Open Security Controls Assessment Language (OSCAL)
NIST releases automation-friendly security and privacy assessment procedures
The agency developed an online comment tool to release future controls and assessment procedures concurrently to keep pace with evolving cyber threats.
FedRAMP eyes .govCAR for other authorization applications
The program management office hopes .govCAR will streamline the security authorization process.
FedRAMP just automated checking security authorization packages for completeness
Cloud vendors should be able to get their hands on the XML-automated validations next week.
Agency reuse of FedRAMP-approved cloud products climbs with automation
Also: an update on the fate of the FedRAMP Authorization Act in the Senate
FEMA working to clarify cyber controls
Only then can the agency use automation for compliance, according to its CTO.
FedRAMP cloud security requirements under revision
The program management offices is aligning security impact levels with new NIST guidance on security and privacy controls.