cloud.gov Compliance

Compliance documentation and automation.

Continuous Monitoring tooling

Some shortcuts/tools for our monthly ConMon are in the ./ConMon directory

Audit

See the Audit directory README for guidance on running automated audits.

Historical / OpenControl note

This repository was originally intended to document cloud.gov's SSP using Compliance Masonry, but by 2020 that effort had been dormant for 4 years, and is now archived here in the opencontrol tag. We aim to revive that effort using NIST's OSCAL

Contributing

See CONTRIBUTING for additional information.

Public domain

This project is in the worldwide public domain. As stated in CONTRIBUTING:

This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication.

All contributions to this project will be released under the CC0 dedication. By submitting a pull request, you are agreeing to comply with this waiver of copyright interest.

About

Compliance automation for cloud.gov

Other

Languages

Language:Ruby 56.9%Language:Shell 43.1%