Michaela Iorga

@aj-stein-nist -- I still believe that a page like this one that provides links to content others are developing, hosted by NIST, will be perceived as endorsed by NIST with...

@aj-stein-nist - I agree, and the lessons learned from the OSCAL Tools page are the ones that raised my concerns to this level. Not once I heard ‘the tool X...

@david-waltermire-nist OSCAL club serves the purpose you mention above and it is community driven. We can direct anyone that inquires to the OSCAL Club . We can provide a link...

@aj-stein-nist Yes, The legal office recommended we transfer to the community the page with OSCAL Tools and the proposed page with OSCAL Examples generated by non-NIST people. Now that the...

@david-waltermire-nist - Please note that Erik left FRB around Dec 2021, and might no longer monitor this issue. But one important aspect to note, an issue Erik mentioned several times...

@guyzyl - you might want to see the IBM work here: [https://ibm.github.io/compliance-trestle/tutorials/ssp_profile_catalog_authoring/ssp_profile_catalog_authoring/](https://ibm.github.io/compliance-trestle/tutorials/ssp_profile_catalog_authoring/ssp_profile_catalog_authoring/)... The description reads: "_In summary, the catalog tools allow conversion of a Catalog to markdown for editing -...

@gregelin - You asked during the meeting for some **suggestions** for other controls. I good hybrid control is SC-8 and SC-8(1) if you think of the TLS example we discuss...

This issue is derived from the following scenario (schematically represented below): ``` system-implementation - component[@uuid="app1",@type="software"] - link[@rel="depends-on", @href="storage1"] - component[@uuid="storage1",@type="hardware"] - component[@uuid="this-system",@type="this-system"] - inventory-item[@uuid="inv1"] - implemented-component[@component-uuid="app1"] - implemented-component[@component-uuid="storage1"] control-implementation -...

> This continues the theme of keeping the POAM document fairly self sufficient > > Using a link to other documents breaks the paradigm of keeping the POAM document fairly...

@aj-stein-nist - It might be important to have a mechanism in place or a task force (mini-team of contributors) that are responsible for the correctness (format validation at minimum) of...