Compliance is time consuming, burdensome, and expensive, but also necessary to access new markets and serve a wide range of customers. Industry leaders, particularly in the federal government space, have recognized this bottle-neck and proposed a solution for advancing and automating system security assessments through the use of a universal machine-readable data capture and exchange format. These leaders, in collaboration with NIST, have developed the Open Security Control Assessment Language (OSCAL) which serves as foundation for assessing cloud-based information systems. It has already been adopted by the FedRAMP PMO as a testing ground for automating the FedRAMP authorization package and accelerating the ATO approval process.
In this on-demand webinar KyberStorm CEO Milica Lijeskic and Telos solution architect Jet Ryan talk about what OSCAL is, and how compliance teams can benefit from this standard. You will learn:
- What OSCAL is and the benefits compliance teams can expect
- How compliance as code will change the traditional way of accrediting information systems
- Telos’ approach to adopting OSCAL and other data sharing standards
- How our current OSCAL capability produces a machine-readable system security plan (SSP) for FedRAMP
- Future OSCAL capabilities in the works and how they can benefit you