Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WIP: Starting a single control trace. #142

Closed
wants to merge 3 commits into from
Closed

WIP: Starting a single control trace. #142

wants to merge 3 commits into from

Conversation

Compton-US
Copy link

Committer Notes

See #141

All Submissions:

  • Have you followed the guidelines in our Contributing document?
  • Have you checked to ensure there aren't other open Pull Requests for the same update/change?
  • Have you squashed any non-relevant commits and commit messages? [instructions]
  • Do all automated CI/CD checks pass?

Changes to Core Features:

  • Have you added an explanation of what your changes do and why you'd like us to include them?
  • Have you written new tests for your core changes, as applicable?
  • Have you included examples of how to use your new feature(s)?

@david-waltermire david-waltermire marked this pull request as draft September 22, 2022 18:47
@david-waltermire david-waltermire linked an issue Sep 27, 2022 that may be closed by this pull request
Create a very basic example to trace one control through the OSCAL models. #141
Open
3 tasks
aj-stein-nist
aj-stein-nist reviewed Oct 14, 2022
View reviewed changes
Copy link
Contributor

@aj-stein-nist aj-stein-nist left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I apologize, you had asked me to look at this long ago and had not followed up. I know it is still WIP, but one minor issue. Nice work so far!

examples/trace-a-single-control/README.md Outdated Show resolved Hide resolved
aj-stein-nist
aj-stein-nist reviewed Oct 18, 2022
View reviewed changes
Copy link
Contributor

@aj-stein-nist aj-stein-nist left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor thing I caught when leveraging your sample for a quick sanity check. :-)

examples/trace-a-single-control/yaml/system-security-plan.yaml
confidentiality-impact:
base: fips-199-low
integrity-impact:
base: fips-199-low
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I actually had to double check 800-60 Revision 2 and lazily looked up this PR to see what the structure was and translate it back into XML for another PR. FYI/FYE, the actually recommended (base) for C.3.5.1 is Low-Moderate-Low.

Suggested change
base: fips-199-low
base: fips-199-moderate

If you wanted to override and say well the book says is moderate, but my AO, ISSO, organizational leadership, what have you, said it is different, you could do it.

          integrity-impact:
            base: fips-199-moderate
            selected: fips-199-low

@aj-stein-nist
Copy link
Contributor

Given the conversation in #141 (comment) that was discussed a little while back, I am going to close this out for now. We can reopen as we see fit when the work comes back into focus in the next sprint or a subsequent one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aj-stein-nist aj-stein-nist aj-stein-nist left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Create a very basic example to trace one control through the OSCAL models.
2 participants
@Compton-US @aj-stein-nist