Search Results

Needs Work Content cleanup YAML Example For MVP: attach a Word or PDF document enumerating the applicable laws and regulations. For Normalized: Provide one back-matter/resources entry per applicable law or regulation that includes: a title with the tit...

See Inventory Approaches for guidance.

See the FedRAMP POA&M book.

This needs work that may have been completed elsewhere and nees to be moved into here. This needs MVP and Normalized content examples MVP Key Points Include: The SR-2 (id=sr-2 control should have links entries to the user guide This is not normalized a...

OSCAL offers a great deal of flexibility for controls responses. To balance consistency, interoperability and ease of adoption, the OSCAL Foundation recommends two approaches: Flat Approach: Aligns with FedRAMP's SSP Word template where control responses are ...

The normalized approach is prefered. Organizations starting new with no legacy SSP content should use this. For organizations converting from a legacy FedRAMP SSP Word template, consider starting with the Control Response: Flat Approach and migrating to the no...

The flat approach to control responses is only intended as a starting point for service providers converting from a legacy FedRAMP SSP Word template. If you are not converting a legacy SSP, use the Control Response: Normalized Approach. With the flat approach...

The goal of the OSCAL Patterns Library is to maximize interoperability across OSCAL tools. The library accomplishes this by defining the recommended OSCAL representation for specific use cases. Recommendations are based on the consenss of participating Foundat...

:root { --accent: #2d6be4; --accent-dim: #e8effe; --border: #dde1e9; --surface2: #f0f2f5; --muted: #6b7280; --tag-open: #16a34a; --tag-arc: #92400e; --radius: 6px; --mono: "JetBrains Mono", "Fira Mono", monospace; } .cr-meta { font-size: .8rem; color: var(--mu...