Recently Updated Pages

The flat approach to inventory is only intended as a starting point for service providers convert...

The normalized approach is prefered. Organizations starting new with no legacy inventory reportin...

See Inventory Approaches for guidance.

The flat approach to control responses is only intended as a starting point for service providers...

SSP Approvals follow the Roles pattern, using the content-approver role. Defined Identifiers Re...

The SSP title page follows the Title Pages pattern.

System Owner follows the Roles pattern, using the system-owner role. Defined Identifiers Requir...

Information System Security Officer (ISSO) follows the Roles pattern, using the information-syst...

This needs work that may have been completed elsewhere and nees to be moved into here. This ...

This needs work that may have been completed elsewhere and nees to be moved into here. This ...

This needs work that may have been completed elsewhere and nees to be moved into here. This ...

This needs work that may have been completed elsewhere and nees to be moved into here. This ...

This needs work that may have been completed elsewhere and nees to be moved into here. This ...

This needs work that may have been completed elsewhere and nees to be moved into here. This ...

This needs work that may have been completed elsewhere and nees to be moved into here. This ...

UTF-8 Character Encoding OSCAL uses UTF-8 character encoding. JSON and YAML files are always UTF-...

FedRAMP's baselines are available in OSCAL XML, JSON and YAML formats on the OSCAL Foundation's f...

Needs Work Content cleanup YAML Example For MVP: attach a Word or PDF document enumerating t...

The FedRAMP Control Information Summary (CIS) and Customer Responsibility Matrix (CRM) are derive...

The leveraged FedRAMP-Authorized services table is used to list both underlying leveraged authori...