SSP Control Implementation Scope/Origination #784
Description
User Story:
As an OSCAL we need to better differentiate scope and origination of responsibility for control and more granular control statements in the SSP model.
See the table in issue #572 for inspiration for references.
Goals:
- Using analysis, ensure scope and origination can be appropriately represented at all appropriate levels of granularity (
implemented-requirement,statement, and/orby-component) - Ensure syntax and documentation are updated, enabling OSCAL users to apply this feature.
- Create new issues identifying the specific OSCAL model and documentation changes that are needed to address this issue
Dependencies:
None.
Acceptance Criteria
- Update the constraint to allow the prop to appear at the statement, by-component, and statement/by-component levels.
- Add a note in the docs about how to resolve the effective value when values are applied at multiple levels.
- All OSCAL website and readme documentation affected by the changes in this issue have been updated. Changes to the OSCAL website can be made in the docs/content directory of your branch.
- A Pull Request (PR) is submitted that fully addresses the goals of this User Story. This issue is referenced in the PR.
- The CI-CD build process runs without any reported errors on the PR. This can be confirmed by reviewing that all checks have passed in the PR.
Metadata
Metadata
Assignees
Labels
Type
Projects
Status