Section 2 - "determine the expected values..."

[jimsch]

Version -04

1. Suggested task name - not from the terminology document (should the term be there?) "Policy Definition:"
2. Same note as issue Section 2 - "assets and endpoints" #3 about data elements and attributes - are they different and are they defined
3. I am having a problem with the last clause in the last sentence. How is policy definition (my assumption) going to influence what is going to be detected on an endpoint? Is this not just defining a new attribute to be collected for the asset and therefore part of step 1?
4. Suggested text:
   Policy Definition: This is where an organization can express its policy for acceptable or problematic values of an asset attribute. The expected values of an asset attribute are determined for later comparison against the actual asset attribute values during the evaluation process. Expected values may include both those values which are good as well as those values which represent problems, such as vulnerabilities. The organization can also specify the asset attributes that are to be present for a given asset."

[ncamwing]

Hi Jim,

I like your rewording but to answer #3, its not just about adding a new attribute, though it could be a part of it....the task is really more about the definition of what is expected or acceptable (or not).
Your wording will be in -05....

Thanks, Nancy

[jimsch]

This looks ok to me.