Recently Updated Pages

FedRAMP's baselines are available in OSCAL XML, JSON and YAML formats on the OSCAL Foundation's f...

Every control should have one or more responsible roles identified. In OSCAL, there are three op...

Needs Work Content cleanup YAML Example For MVP: attach a Word or PDF document enumerating t...

The FedRAMP Control Information Summary (CIS) and Customer Responsibility Matrix (CRM) are derive...

See [Controls citation and link]

The leveraged FedRAMP-Authorized services table is used to list both underlying leveraged authori...

The system's overall FIPS-199 impact level is determined primarily by the sensitivity of the info...

The Digital Identity Level (DIL) is represented on the page below. Within system-characteristics...

OSCAL component include: this system, a special component that represents the entire system and ...

Document Revision History The OSCAL revision history requires one FedRAMP extension to meet FedRA...

The first control in each NIST SP 800-53 control family is a policy and procedure control. These ...

Within the OSCAL-based FedRAMP baselines, control statements and control objectives are tagged w...

FedRAMP only accepts only one of five values for implementation-status: implemented, partial, pla...

Need rework and to cover aggregated parameters Every applicable control must have at least one re...

FedRAMP accepts only one of five values for control-origination: sp-corporate, sp-system, custome...

This content uses YAML for examples. All examples are derived from complete example OSCAL content...

All OSCAL artifacts must have the following content in metadata: title: The artifact's title las...

Core OSCAL requires somne content to be present all OSCAL artifacts. This is crtical to consisten...

This is address in Appendix Q: Cryptographic Modules.