Our stakeholders are segmented, as is our industry, into constituencies with various needs.
How OSCAL Supports Your Role
Please decide which roles you fit into, then go from there.
- Security Professionals -- You are responsible for documenting security controls and how they are applied within a system.
- Assessors -- You are responsible for assessing security-related information produced by others.
- Tool Developers -- You build tools and utilities to help other players, enabling them to do more work more consistently, thoroughly, accurately and easily.
- Policy Authors -- You write policy documents (catalogs or profiles/baselines/overlays) defining, characterizing and customizing security controls for others to use.