Skip to content

Define mechanisms for framework customization #52

New issue
New issue
Open
Open
Define mechanisms for framework customization#52
Labels
AgedA label for issues older than 2023-01-01ResearchScope: ModelingIssues targeted at development of OSCAL formatsUser Story
@kscarfone

Description

@kscarfone
kscarfone
opened on Sep 22, 2017

As a compliance auditor, I can customize a framework by choosing which parts of the framework are included, modifying the framework, and extending the framework.

Required Resources:

  • A framework in a machine-readable OSCAL format (e.g., NIST CSF, PCI DSS)

Goals:

  1. A user can extend an existing framework to create a new framework.
  2. A user can choose which parts of a given framework are included or excluded.
  3. A user can modify existing parts of a given framework.

Acceptance Criteria:

  1. A mockup is produced demonstrating implementation of a framework that uses framework extension and tailoring features described above (goals 1-3).

Metadata

Metadata

Assignees

No one assigned

    Labels

    AgedA label for issues older than 2023-01-01ResearchScope: ModelingIssues targeted at development of OSCAL formatsUser Story

    Type

    No type

    Projects

    NIST OSCAL Work Board

    Status

    Needs Triage

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions