iMichaela
commented
4 months ago @ancatri - Thank you fro opening the issue. IMHO, this issue can not be addressed today since the FINOS' common cloud controls need to be defined, but more than anything the threat-based approach and the assessment process are not well established in order to determine the correct/supporting representation in OSCAL of the necessary information (catalog, profile, component-definitions, mapping to threats, etc.)
However, a better understanding of the editorial abilities including validation by schema and constraints of the generated information, as well as human-readable conversion of OSCAL-based content, could be of immediate importance for the members of this WG.
github-actions[bot]
Feature Request
Govern the FINOS Control Catalog in OSCAL
Description of Problem:
Govern the FINOS Control Catalog in OSCAL
Potential Solutions:
Hi team - Hope you all are doing well - This message is to announce that next Tuesday 2/13 we will be kicking off the CNFC OSCAL COMPASS Community Call now as part of CNCF tag. COMPASS = Compliance Automated Standard Solution
Meeting is happening in Zoom not in Webex as before - Zoom meeting number https://zoom.us/j/92729235315
We´ve moved to a subscription model where you can subscribe to the series here https://calendar.google.com/calendar/u/0/r/eventedit/copy/NW51Z3Q5djBrNTU1bDI4azhhZWRhdTg3bW1fMjAyNDAyMTNUMTUwMDAwWiAwYjh1NWVsOHRhNHM5M3QyY203MnR1dmhoa0Bn/YWxlbGVpdmFwYWwyOTA1QGdtYWlsLmNvbQ?scp=ALL - Feel free to spread the word
We will be taking meeting notes here - https://docs.google.com/document/d/1z9xvt-Z97j4CtEH1-nR9sMWul7jQkUi_fNY7BdMPgxM/edit
Recording will be shared after the meeting with the community
Thank you and see you next Tuesday 2/13 at 10 am EST and every other week following on!