Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OSCAL mapping model support for identifying controls in a catalog that are not mapped #1333

Open
4 tasks
iMichaela opened this issue Jul 4, 2022 · 1 comment
Open
4 tasks

OSCAL mapping model support for identifying controls in a catalog that are not mapped #1333

iMichaela opened this issue Jul 4, 2022 · 1 comment
Assignees
@Compton-US
Labels
Community Feedback Needed Discussion Needed This issues needs to be reviewed by the OSCAL development team. enhancement Research User Story

Comments

@iMichaela
Copy link
Contributor

User Story:

As an OSCAL user, when I map a source catalog to a target catalog, I would like to also document, in the mapping instance of the source catalog, the controls or control parts/statements for which the target catalog does not have mappable control or part.

Also, in order to successfuly reverse the source->target relationships documented in a mapped catalog, so I can infer any implementation or assessment information relative to the target catalog into the source catalog, I would like to be able to, at minimum, list the unmapped target controls in the mapping instance.

Goals:

@vikas-agarwal76 requested this feature in #1150: I believe a 5th relationship that may be good to capture would be "None" or "Null". This is to explicitly capture cases where no mapping (not even partial) exists for a source control in the target catalog. In this case the target controls will be empty. This will help distinguish cases where no mapping has been specified till now versus no mapping exists at all. One may want to explicitly state that fact for completeness to avoid any ambiguity.

Since "None" or "Null" is not a mapping relation, will not have a target, an alternative way of capturing this information such as a different construction that would follow the existing mappings to define unmapped elements (i.e., controls, or control statements).

Dependencies:

Acceptance Criteria

  • The solution is aligned with the draft Control Mapping Support for control mapping #1150
  • All OSCAL website and readme documentation affected by the changes in this issue have been updated. Changes to the OSCAL website can be made in the docs/content directory of your branch.
  • A Pull Request (PR) is submitted that fully addresses the goals of this User Story. This issue is referenced in the PR.
  • The CI-CD build process runs without any reported errors on the PR. This can be confirmed by reviewing that all checks have passed in the PR.
@david-waltermire david-waltermire added Discussion Needed This issues needs to be reviewed by the OSCAL development team. Model Engineering An issue to be discussed during the bi-weekly Model Engineering Meeting labels Jul 5, 2022
@david-waltermire david-waltermire added this to the OSCAL 1.1.0 milestone Jul 8, 2022
@david-waltermire david-waltermire moved this from Todo to Under Review in NIST OSCAL Work Board Aug 26, 2022
@david-waltermire david-waltermire moved this from Under Review to Todo in NIST OSCAL Work Board Aug 26, 2022
@iMichaela iMichaela mentioned this issue Sep 19, 2022
Closed
This was referenced Apr 28, 2023
Open
Closed
@aj-stein-nist aj-stein-nist removed the Model Engineering An issue to be discussed during the bi-weekly Model Engineering Meeting label Jul 11, 2023
@aj-stein-nist aj-stein-nist removed this from the v1.1.0 milestone Jul 27, 2023
@aj-stein-nist aj-stein-nist moved this from Todo to DEFINE Research Needed in NIST OSCAL Work Board Sep 20, 2023
@Compton-US Compton-US added the Aged A label for issues older than 2023-01-01 label Nov 2, 2023
@Compton-US
Copy link
Contributor

This is being worked as a part of DEFINE:

Keeping open pending outcome.

@Compton-US Compton-US removed the Aged A label for issues older than 2023-01-01 label Nov 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Compton-US Compton-US

Labels
Community Feedback Needed Discussion Needed This issues needs to be reviewed by the OSCAL development team. enhancement Research User Story
Projects
NIST OSCAL Work Board
Status: DEFINE Research Needed
Milestone
No milestone
Development

No branches or pull requests
4 participants
@david-waltermire @iMichaela @aj-stein-nist @Compton-US