You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Canadian Centre for Cyber Security publishes a modified version of NIST 800-53. While I have been able to capture most of their modifications in an OSCAL profile using the alters functionality, in some cases they have added new controls such as AC-17(400).
Is there a way to capture these additional controls in a separate OSCAL catalog, and for oscal-cli to merge them into their existing NIST 800-53 structure?
The text was updated successfully, but these errors were encountered:
Yes. You can add new controls in a new catalog. You would then import both the original and the new catalog in the same OSCAL profile. Once resolved, the resulting catalog would contain selected controls from both source catalogs.
I've captured the extra controls in a separate catalog, but for some reason the controls in the second catalog (only) are being imported twice. Below is a snippet from the profile.
The Canadian Centre for Cyber Security publishes a modified version of NIST 800-53. While I have been able to capture most of their modifications in an OSCAL profile using the
alters
functionality, in some cases they have added new controls such as AC-17(400).Is there a way to capture these additional controls in a separate OSCAL catalog, and for
oscal-cli
to merge them into their existing NIST 800-53 structure?The text was updated successfully, but these errors were encountered: