Closed mlysaght2017 closed 3 weeks ago
This issue will be closed as stale in 7 days. Please update this issue if it is still needed.
Closed as stale. An update may reopen this issue.
Feature Request
Description of Problem:
We need to design a comprehensive end-to-end process for assessing the security posture of generic cloud services and generating detailed reports using NIST OSCAL (Open Security Controls Assessment Language), so that we can ensure consistent, thorough, and transparent evaluations of cloud service security while leveraging a standardized framework. The process will include the intake of cloud services from the cloud service taxonomy WG, the definition and selection of relevant controls, the execution of assessments, and the reporting of results.
Potential Solutions:
Acceptance Criteria:
Define Assessment Methodology:
Create Detailed Workflow:
Implement Continuous Monitoring:
Design Reporting Format:
Pilot Assessments:
Documentation and Presentation:
Stakeholders:
Security Working Group Members
Priority: High
Estimated Effort: 4-6 weeks
Dependencies: