Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ For more information, please look at each blueprint's README file.

## Cybersecurity Documentation

In addition to the IaC, Stellar Engine provides supporting documentation that maps NIST 800-53r5 controls for users leveraging the IaC. This documentation is designed to streamline achieving ATO by providing generalized templates. All documentation is provided [here](https://drive.google.com/drive/folders/1NeWZcOuxysi7kUNRCFDd8CeHnxF14ywp). For how to utilize these documents, please see the following [Path to Authorization](docs/path-to-authorization.md) guide.
In addition to the IaC, Stellar Engine provides supporting documentation that maps NIST 800-53r5 controls for users leveraging the IaC. This documentation is designed to streamline achieving ATO by providing generalized templates. All documentation can be requested [here](https://forms.gle/zdv7Gip4opmdhBqk7). For how to utilize these documents, please see the following [Path to Authorization](docs/path-to-authorization.md) guide.

## Detailed Deployment Guide

Expand Down
Binary file not shown.
Binary file added docs/artifacts/PIA-PCIL-SORN/NIST_SP_800_122.pdf
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
24 changes: 12 additions & 12 deletions docs/path-to-authorization.md
Original file line number Diff line number Diff line change
Expand Up @@ -66,9 +66,9 @@ privacy risks
- Authorization boundaries establish the scope of systems to be protected,
managed, and authorized for operation or use.
- [Impact Level 5 Authorization
Boundary](https://drive.google.com/drive/folders/1BLtoC59BMUueC9uwtWjBymJuQg2ku2m3)
Boundary](https://forms.gle/zdv7Gip4opmdhBqk7)
- [FedRAMP High Authorization
Boundary](https://drive.google.com/drive/folders/16zsUdmzq_fK1BRFCrjgxsFRM23YVhjBa)
Boundary](https://forms.gle/zdv7Gip4opmdhBqk7)
- Regularly assess the security and privacy risks at the organization level
and system level. Update risk assessment results on an on-going basis.

Expand All @@ -80,9 +80,9 @@ based on the impact analysis
- [Categorize](https://csrc.nist.gov/pubs/sp/800/60/v1/r1/final) each system
based on the impact to the organization if the confidentiality,
availability, or integrity were to become compromised.
- [FIPS 199](https://drive.google.com/drive/u/0/folders/1CMLkSzmdJTtld5-R7Ttks2uSGvv79Ikr)
- [Categorization References](/docs/artifacts/categorization-references/)
- [System Security Plan
Templates](https://drive.google.com/drive/u/0/folders/1qV0Pu9EDnCEJpk0iKDodU_69BN96hEVr)
Templates](https://forms.gle/zdv7Gip4opmdhBqk7)

[**Step 2;
Select**](https://csrc.nist.gov/Projects/risk-management/about-rmf/select-step):
Expand Down Expand Up @@ -110,10 +110,10 @@ risk assessment(s)
- How effective are the controls we have implemented? What is the
frequency in which the controls are monitored?
- [Security Control Traceability Matrix (SCTM)
Templates](https://drive.google.com/drive/u/0/folders/13SahM7cIrE_jeA2G103yhGfpeXlBaZIq)
Templates](https://forms.gle/zdv7Gip4opmdhBqk7)
(IL5 H-H-X and FedRAMP High Baselines)
- [Policies and Procedures
Templates](https://drive.google.com/drive/u/0/folders/1qnZ0N2BrRd8fF5u4h06H2Bbd4TxvLJvl)
Templates](https://forms.gle/zdv7Gip4opmdhBqk7)
(IL5 HHX and FedRAMP High Baselines)

[**Step 3;
Expand Down Expand Up @@ -181,17 +181,17 @@ Continuously **monitor** control implementation and risks to the system
**Additional Artifacts for an ATO:**

- [Privacy Impact Assessment
(PIA)](https://drive.google.com/drive/u/0/folders/18N1nBCZOaV2peJI4cEDJ0KSNyTo3s32o)
(PIA)](/docs/artifacts/PIA-PCIL-SORN/)
- [PII Confidentiality Impact Level
(PCIL)](https://drive.google.com/drive/u/0/folders/18N1nBCZOaV2peJI4cEDJ0KSNyTo3s32o)
(PCIL)](/docs/artifacts/PIA-PCIL-SORN/)
- [System of Records Notice
(SORN)](https://drive.google.com/drive/u/0/folders/18N1nBCZOaV2peJI4cEDJ0KSNyTo3s32o)
(SORN)](/docs/artifacts/PIA-PCIL-SORN/)
- [Hardware
List](https://drive.google.com/drive/u/0/folders/1fH-PDmfeJxf7b8BNkJVW39EHtUhYImUm)
List](/docs/artifacts/hw-sw-list/)
- [Software
List](https://drive.google.com/drive/u/0/folders/1fH-PDmfeJxf7b8BNkJVW39EHtUhYImUm)
List](/docs/artifacts/hw-sw-list/)
- [Ports, Protocols, and Services Management
(PPSM)](https://drive.google.com/drive/u/0/folders/1cvnyqHlwMINoxU2sZ61OQRWOKetSauuF)
(PPSM)](/docs/artifacts/ppsms/)

**Things to Consider:**

Expand Down
2 changes: 1 addition & 1 deletion fast/stages-aw/0-bootstrap/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -179,7 +179,7 @@ These features are optional and only enabled if the relevant variables have been

## How to Run This Stage

For detailed information on prerequisites and steps to deploy this stage, please see the latest [Detailed Deployment Guide (DDG)](https://drive.google.com/drive/u/0/folders/1OLgdf_VnY8zdkcmxHPwhEVoidGAqY6PX) If you do not have access, you will have to request it.
For detailed information on prerequisites and steps to deploy this stage, please see the latest [Detailed Deployment Guide (DDG)](/docs/ddg.md) If you do not have access, you will have to request it.

## Customizations

Expand Down
2 changes: 1 addition & 1 deletion fast/stages-aw/1-resman/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ The design of this stage ensures that all parts of a Stellar Engine deployment r

## How to Run This Stage

For detailed information on prerequisites and steps to deploy this stage, please see the latest [Detailed Deployment Guide (DDG)](https://drive.google.com/drive/u/0/folders/1OLgdf_VnY8zdkcmxHPwhEVoidGAqY6PX) If you do not have access, you will have to request it.
For detailed information on prerequisites and steps to deploy this stage, please see the latest [Detailed Deployment Guide (DDG)](/docs/ddg.md) If you do not have access, you will have to request it.

### Impersonating the Automation Service Account

Expand Down