-
Notifications
You must be signed in to change notification settings - Fork 174
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Revision to Handling of Assessment Objects #1896
Labels
Comments
As an example. The following is an excerpt from the NIST SP 800-53r5 catalog. It is the "examine" assessment method for AC-1. Current:
Proposed (pre OSCAL 2.0) non-breaking change suggestion:
Proposed Ideal (OSCAL 2.0 breaking change), uses properties instead of parts as the values are better expressed as just text fields without formatting:
|
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
User Story
As an OSCAL tool developer, I want to be able to enumerate each of the assessment objects independently, so that I can more appropriately tie a specific assessment object to an assessment activity. Individual assessment objects are assessment subjects in the context of the AP and AR models.
Currently all assessment objects of a control's assessment method are lumped into a single
part
withname="assessment-objects"
. Instead, each assessment object should be in its ownpart" with
name="assessment-object"` (note: singular. No "s" at the end.)Goals
assessment-object
instead ofassessment-objects
.Dependencies
No response
Acceptance Criteria
(For reviewers: The wiki has guidance on code review and overall issue review for completeness.)
Revisions
No response
The text was updated successfully, but these errors were encountered: