From ae57f544fc6481d0b3b410d5a580b9ffc20d6413 Mon Sep 17 00:00:00 2001 From: CRob <69357996+SecurityCRob@users.noreply.github.com> Date: Tue, 18 Nov 2025 10:34:00 -0500 Subject: [PATCH 1/4] Add UKSSCOP reference-ids and claims to OSPS-AC.yaml Dependent upon merge of https://github.com/ossf/security-baseline/pull/426 AC mapping sot UKSSCOP framework Signed-off-by: CRob <69357996+SecurityCRob@users.noreply.github.com> --- baseline/OSPS-AC.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/baseline/OSPS-AC.yaml b/baseline/OSPS-AC.yaml index 387639f..0d763a6 100644 --- a/baseline/OSPS-AC.yaml +++ b/baseline/OSPS-AC.yaml @@ -71,6 +71,11 @@ controls: - reference-id: IA-5 - reference-id: 1.2e - reference-id: 1.2f + - reference-id: UKSSCOP + entries: + - reference-id: Claim 1.4.2 + - reference-id: Claim 2.1.5 + - reference-id: Claim 2.2.2 assessment-requirements: - id: OSPS-AC-01.01 text: | @@ -135,6 +140,10 @@ controls: - reference-id: AC-6 - reference-id: CM-5 - reference-id: CM-7 + - reference-id: UKSSCOP + entries: + - reference-id: Claim 2.1.2 + - reference-id: Claim 2.2.2 assessment-requirements: - id: OSPS-AC-02.01 text: | @@ -199,6 +208,9 @@ controls: - reference-id: CM-3 - reference-id: CM-3(2) - reference-id: CM-5 + - reference-id: UKSSCOP + entries: + - reference-id: Claim 2.2.2 assessment-requirements: - id: OSPS-AC-03.01 text: | @@ -286,6 +298,11 @@ controls: - reference-id: AC-20(1) - reference-id: CM-5 - reference-id: CM-7 + - reference-id: UKSSCOP + entries: + - reference-id: Claim 2.1.2 + - reference-id: Claim 2.1.3 + - reference-id: Claim 2.2.2 assessment-requirements: - id: OSPS-AC-04.01 text: | From 2c25695b76bfb36bd1c62728246ad6982a7e2c2c Mon Sep 17 00:00:00 2001 From: CRob <69357996+SecurityCRob@users.noreply.github.com> Date: Mon, 24 Nov 2025 08:39:36 -0500 Subject: [PATCH 2/4] Remove 'Claim 2.1.2' reference from OSPS-AC.yaml Signed-off-by: CRob <69357996+SecurityCRob@users.noreply.github.com> --- baseline/OSPS-AC.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/baseline/OSPS-AC.yaml b/baseline/OSPS-AC.yaml index 0d763a6..57a43e6 100644 --- a/baseline/OSPS-AC.yaml +++ b/baseline/OSPS-AC.yaml @@ -142,7 +142,6 @@ controls: - reference-id: CM-7 - reference-id: UKSSCOP entries: - - reference-id: Claim 2.1.2 - reference-id: Claim 2.2.2 assessment-requirements: - id: OSPS-AC-02.01 From 11fc6e3deb34ed0bf6c0edde6515208af4221ad7 Mon Sep 17 00:00:00 2001 From: CRob <69357996+SecurityCRob@users.noreply.github.com> Date: Mon, 24 Nov 2025 08:45:29 -0500 Subject: [PATCH 3/4] Update baseline/OSPS-AC.yaml Co-authored-by: Ben Cotton Signed-off-by: CRob <69357996+SecurityCRob@users.noreply.github.com> --- baseline/OSPS-AC.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/baseline/OSPS-AC.yaml b/baseline/OSPS-AC.yaml index 57a43e6..6898518 100644 --- a/baseline/OSPS-AC.yaml +++ b/baseline/OSPS-AC.yaml @@ -299,7 +299,7 @@ controls: - reference-id: CM-7 - reference-id: UKSSCOP entries: - - reference-id: Claim 2.1.2 + - reference-id: Claim 2.1.1 - reference-id: Claim 2.1.3 - reference-id: Claim 2.2.2 assessment-requirements: From 0cc45835e2ad00f0619a093091126ac71d284e4f Mon Sep 17 00:00:00 2001 From: CRob <69357996+SecurityCRob@users.noreply.github.com> Date: Wed, 26 Nov 2025 09:01:29 -0500 Subject: [PATCH 4/4] Update OSPS-AC.yaml Signed-off-by: CRob <69357996+SecurityCRob@users.noreply.github.com> --- baseline/OSPS-AC.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/baseline/OSPS-AC.yaml b/baseline/OSPS-AC.yaml index 6898518..aa58e2e 100644 --- a/baseline/OSPS-AC.yaml +++ b/baseline/OSPS-AC.yaml @@ -209,6 +209,7 @@ controls: - reference-id: CM-5 - reference-id: UKSSCOP entries: + - reference-id: Claim 1.1.4 - reference-id: Claim 2.2.2 assessment-requirements: - id: OSPS-AC-03.01