New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add precise docs on responsible-party and role in SSP #74

Open

aj-stein-gsa opened this issue Oct 4, 2024 · 0 comments

Assignees

Contributor

aj-stein-gsa commented Oct 4, 2024 •

edited by Gabeblis

Loading

The documentation site provides high-level description of the role assembly and its use (see https://automate.fedramp.gov/documentation/general-concepts/oscal-metadata/#working-with-role-assemblies) but is not explicit about the need for a corresponding responsible-party). May need to update documentation to make this rule clearer.

This section of the documentation (https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/) calls out specifict roles (e.g., "system-owner", "authorizing-official", etc.), and does mention the use of responsible-party with provided examples.

Documentation needs to be added for the role-defined-authorizing-official-poc constraint.

See original context for this work in GSA/fedramp-automation#754 (review).

The text was updated successfully, but these errors were encountered:

aj-stein-gsa mentioned this issue

Add role-has-responsible-party constraint GSA/fedramp-automation#754

Closed

5 tasks

Rene2mt self-assigned this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment