POA&M - remediations/lifecycle ="planned" error #461
Comments
|
Evidence provided that showing planned is included. And provided submission package for review as well (fake data) |
|
Is this for Rev 4 or Rev 5 or both? |
|
REV 4 is the location. |
|
There is a discrepancy between NIST OSCAL JSON structure (https://pages.nist.gov/OSCAL-Reference/models/v1.1.1/plan-of-action-and-milestones/json-outline/) and NIST OSCAL XML structure (https://pages.nist.gov/OSCAL-Reference/models/v1.1.1/plan-of-action-and-milestones/xml-outline/). We'll discuss this issue with NIST. |
|
FYI - NIST has identified that the SAR has the same discrepancy. Just following up. |
|
This relates to usnistgov/OSCAL#1956. |
|
This was discussed on the 12/6/2023 FedRAMP Early Adopters Workgroup call. On the call, the FedRAMP PMO recommended that the OSCAL syntax be kept as-is and that the discrepancy be explained in the associated OSCAL documentation. There was general agreement that leaving it as-is was the right thing to do. There were no concerns raised with this way forward on the call. Based on the discussion result, this issue can be closed. This relates OSCAL issues usnistgov/OSCAL#1618 and usnistgov/OSCAL#1956. usnistgov/OSCAL#1956 can be closed. |
github-project-automation
bot
moved this from 🏗 In progress
to ✅ Done
in FedRAMP Automation
Extended Description
Json structure the response objects are collected within "remediations". The schematron is looking for "response".
Preconditions
Acceptance Criteria
Review and determine if the schematron rule needs to be repointed, or if the issue is in the method of converting from json to xml. Once determined, fix as appropriate so the error no longer presents when the lifecycle="planned" is present but located within remediations.
Story Tasks
Definition of Done
FakeSubmissionPackage.zip
The text was updated successfully, but these errors were encountered: