OpenControl: A YAML-Powered Antidote to Bureaucracy
It's a powerfully simple idea.
To improve the quality of our software development, we use continuous integration. To improve the reliability of our deployment, we use continuous delivery. To improve the security of our systems, we can use continuous authorization.
Simply put, the tools that we use to develop and operate software, should also be used to generate and validate assessment and authorization packages.
Every commit runs the tests. Every passing build, updates the system security plan. Every deployment includes updates to continuous monitoring.
Software as Code.
Tests as Code.
Infrastructure as Code.
Compliance as Code.
The full website is online at http://opencontrol.xyz.