compliance-trestle
compliance-trestle copied to clipboard
oscal-compass
An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.
## Issue description / feature objectives Add documentation describing how to use the trestle sdk, including the overall design of the codebase and how the OSCAL classes are laid out....
## Issue description / feature objectives Mypy 0.900 onwards will not embed type-stubs *excluding* the standard library. Ensure appropriate typestubs are included for the development environment. ## Caveats / Assumptions...
## Issue description / feature objectives Today most of the serialisation uses orjson, however, the native `.json()` method is still exposed. Use the `json_dumps` config attribute to change to orjson....
## Issue description / feature objectives The current task use a log block to print info. This has become messy as the details increase. Currently we are carrying resource files...
## Issue description / feature objectives PCI is definitely a standard that we will want to be able to support ## Completion Criteria - Automation to create a PCI catalog...
## Issue description / feature objectives Trestle tasks are the most likely entry point for an external developer to use trestle as in many ways they are effectively 'embedded scripts'....
## Issue description / feature objectives Using a FedRAMP SSP as a usecase there are a few metrics I would want to understand: 1. Are all parameters set (e.g. non-default...
## Issue description / feature objectives ## Caveats / Assumptions ## Completion Criteria
## Issue description / feature objectives NIST 800-53 ,and FedRAMP are currently the only standards with officially released content for OSCAL, however, they are highly overlapping. As a result we...
Metadata
Owner
Metadata
An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.