Open Security Controls Assessment Language (OSCAL)

NIST releases automation-friendly security and privacy assessment procedures


The agency developed an online comment tool to release future controls and assessment procedures concurrently to keep pace with evolving cyber threats.

FedRAMP eyes .govCAR for other authorization applications


The program management office hopes .govCAR will streamline the security authorization process.

FedRAMP just automated checking security authorization packages for completeness


Cloud vendors should be able to get their hands on the XML-automated validations next week.

Agency reuse of FedRAMP-approved cloud products climbs with automation


Also: an update on the fate of the FedRAMP Authorization Act in the Senate

FEMA working to clarify cyber controls


Only then can the agency use automation for compliance, according to its CTO.

FedRAMP cloud security requirements under revision


The program management offices is aligning security impact levels with new NIST guidance on security and privacy controls.