Getting Started
Welcome!
The goal of the OSCAL Patterns Library is to maximize interoperability across OSCAL tools. The library accomplishes this by defining the recommended OSCAL representation for specific use cases. Recommendations are based on the consenss of participating Foundation members.
Organization
-
Core OSCAL: Patterns, guidance, information and resources common to any OSCAL representation regardless of framework or control set.
-
FedRAMP: Patterns, guidance, information and resources for expressing FedRAMP Authorization Packages in OSCAL.
- FedRAMP System Security Plan (SSP): Represent FedRAMP SSP content in OSCAL (New!)
- FedRAMP Plan of Action and Milestones (POA&M): Represent FedRAMP POA&M content in OSCAL (Next Priority)
- FedRAMP Assessments: Represent FedRAMP SAP and SAR content in OSCAL (Future)
-
Additional Frameworks and Industries: Framework-specific and industry-specific patterns, guidance, information and resources. (Prioritized based on demand and available resources.)
Library Status and Next Steps
The OSCAL Foundation jumpstarted this library using prior content created by former FedRAMP PMO members. The initial deployment focuses on deployment and cleanup of that FedRAMP-specific content in response to new OSCAL requirements for FedRAMP-authorized systems.