pburkholder
commented
2 years ago I started using CMS SIA and it's only kind-of useful. So I'm making a cloud.gov specific SIA template as I go: https://docs.google.com/document/d/1cshpRVP-BxDMSIJzSpXgxF6so3pnGptK/edit
On Wed, Jun 8, 2022 at 3:33 PM Chiakao @.***> wrote:
In order to submit the TCP SCR, we need to develop an SIA as input to the SAP Acceptance Criteria
- GIVEN [a precondition] AND [another precondition] WHEN [test step] AND [test step] THEN [verification step] AND [verification step]
Security considerations
The 3PAO determine that we will need an SIA which will serve as input to the SAP that they are developing. We do not believe this SIA will have any impact on existing control narratives, diagrams, etc. Implementation sketch
- Leverage CMS Template
- Draft cloud.gov SIA using the CMS template
— Reply to this email directly, view it on GitHub https://github.com/cloud-gov/cg-compliance/issues/257, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAJHWCQSMZ4S4ZDZ52L4BCTVODYR5ANCNFSM5YHUOY6Q . You are receiving this because you are subscribed to this thread.Message ID: @.***>
--
Peter Burkholder | cloud.gov https://cloud.gov ISSO, compliance & security lead please use @.*** for cloud.gov matters
*202-709-2028 <(202)%20209-2028> | @. @.> *
| pronouns he-him https://www.mypronouns.org/he-him *Free/Busy Calendar @.**>
In order to submit the TCP SCR, we need to develop an SIA as input to the SAP
Security considerations
The 3PAO determined that we will need an SIA which will serve as input to the SAP that they are developing. We do not believe this SIA will have any impact on existing control narratives, diagrams, etc.
Implementation sketch