Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Spiral: Determine approach to documenting in the SSP and Component Definition a mapped control or statement. #32

Open
iMichaela opened this issue Jul 8, 2023 · 1 comment
Open

Spiral: Determine approach to documenting in the SSP and Component Definition a mapped control or statement. #32

iMichaela opened this issue Jul 8, 2023 · 1 comment
Labels
Help Wanted This issue is soliciting help from the community for assistance and/or feedback. Priority: LOW Spiral This issue is tracking a spiral. Progress, Concurrence and Feedback.

Comments

@iMichaela
Copy link
Collaborator

Problem Statement

The mapping of controls or statements of controls is needed in the SSP and possibly Component Definition so the results of the assessment against one regulatory framework can be used to automatically infer the compliance status against other mapped frameworks.

For each control satisfaction, by-component, a mapping-record assembly is needed to document:

  • the mapping relation (by uuid) to other control(s)
  • the mapping document (by uuid) where the above mapping is to be found
  • the locally tailored relation based on the control/statement implementation
  • evidence requirements when different
  • anything else?
@iMichaela iMichaela added the Step 1 - Initiation This research effort issue requires review and consideration. label Jul 8, 2023
@iMichaela
Copy link
Collaborator Author

A mapping-record assembly which allows documenting a particular mapping relation for a control-implementation/implemented-requirements/by-components or control-implementation/implemented-requirements/statements/by-components needs to be researched and added to the SSP model and potentially to CDef model as well.

@iMichaela iMichaela added Help Wanted This issue is soliciting help from the community for assistance and/or feedback. Priority: LOW Spiral This issue is tracking a spiral. Progress, Concurrence and Feedback. and removed Step 1 - Initiation This research effort issue requires review and consideration. labels Jul 8, 2023
@iMichaela iMichaela mentioned this issue Jul 8, 2023
Open
@Compton-US Compton-US mentioned this issue Nov 22, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Help Wanted This issue is soliciting help from the community for assistance and/or feedback. Priority: LOW Spiral This issue is tracking a spiral. Progress, Concurrence and Feedback.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@iMichaela