Open Security Controls Assessment Language (OSCAL) Mini Workshop Series

The NIST OSCAL team is hosting a new series of mini workshops that aims to address topics of interest for our community and to open this forum for its members to present their OSCAL-related work. Unless specifically stated, the workshops will not require a deep, technical understanding of OSCAL, and the dialog is informal, allowing the community to interact with the presenters and with the OSCAL team members.

Please see below the call for proposals if you are interested in presenting your OSCAL work. To submit topics for discussion, please email us at oscal@nist.gov.

The OSCAL project and this workshop series are aligned with NIST’s mission of promoting U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. NIST works to maximize its impact and mission fulfillment by positioning itself to anticipate future technology trends and develop the most important measurements and standards products that are aligned with industry drivers and needs.

We encourage developers of control-oriented security tools, organizations that want to use or create OSCAL-based information to automate security assessment, and those planning to move towards continuous Authorization to Operate (cATO) to attend the workshops.

Who should attend:

  • Leaders in digital transformation and security automation from the government, private, and academic sectors;
  • Vendors of security automation tools who are considering implementing OSCAL formats in their tools;
  • Participants in standard development organizations focusing on developing and publishing control catalogs and baselines;
  • System owners from the government, private, and academic sectors, who want to streamline the documentation of controls used in their information systems.

Call for Proposals

The NIST OSCAL Mini Workshop program committee is seeking timely, topical, and thought-provoking technical presentations or demonstrations highlighting OSCAL editorial tools, OSCAL-based security assessment automation processes, and Governance, Risk and Compliance (GRC) tools supporting OSCAL formats for integration into such processes.

NIST does not endorse any of the OSCAL tools or services presented. Presentations or demos promoting such tools or services, as opposed to focusing on the OSCAL-related technical aspects, will not be permitted.

We encourage proposals from a diverse array of organizations and individuals with different perspectives, from the public and private sectors, international bodies, assessment and authorization (A&A), or certification and authorization (C&A) providers.

Please find below the calendar of proposed dates. Before submitting a proposal, please consult the calendar and indicate the preferred date with your submission and the duration of your presentation (60 min, including Q&A). We will do our best to update the calendar as soon as a submission is approved.

Submit your proposal via email to oscal@nist.gov, with the subject line: “OSCAL Workshop - [Date: yyyy/mm/dd]”, where the “Date” is the selected date from the calendar below. Please include in your submission a pre-assessment of the OSCAL knowledge level the audience will need, using a four-level scale with level one (L1/bronze) being equivalent to novice and level four (L4/platinum) being an OSCAL expert.

Join the meetings here or dial one of the following numbers:

  • +1.202.795.3352,,, 743 906 781 ,,, 9254 (United States (Washington DC))
  • +1.408.317.9254,,, 743 906 781 ,,, 9254 (US (San Jose))

(To see all available numbers, go to: https://www.bluejeans.com/numbers)

Enter the meeting ID and passcode as follows:

  • Meeting ID: 743 906 781
  • Participant Passcode: 9254

Workshops Calendar

2023

| Date | Time | Talk/Demo/Discussion | Presenter & Affiliation | Type | Knowledge Level |
|---|---|---|---|---|---|
| 2023/02/01 SPECIAL EDITION | 11:00AM-12:00PM EDT | A Modern Authorization and Accreditation Platform, Enabled by OSCAL | John Tibbitts, Principal, IMPLERUS Corporation; Marcin Staszewski, Chief Development Officer, IMPLERUS Corporation | presentation & demo, video, transcript | L2-L3 |
| 2023/02/15 | 11:00AM-12:00PM EDT | Google's Internal OSCAL Adoption | Vikram Khare, Director – Continuous Assurance and Controls Engineering, Google & Val Mihai, Cloud CISO - Continuous Assurance and Controls Engineering, Google | presentation, video, transcript | L2 |
| 2023/03/01 SPECIAL EDITION | 11:00AM-12:00PM EDT | Shifting Left the Right Way With OSCAL (research use case and proof of concept) | Chris Compton, Senior IT Specialist; Alexander Stein, Senior IT Specialist; Nikita Wootten, Project Lead, IT Specialist | presentation & demo, video, transcript | L3-L4 |
| 2023/03/15 | 11:00AM-12:00PM EDT | Telos's Journey of Bringing OSCAL Adoption to Reality | Stephanie Lacy, Senior Solution Architect, Telos; Connor Hite, Solution Architect, Telos | | |
| 2023/04/19 | 11:00AM-12:00PM EDT | | | | |
| 2023/05/17 | 11:00AM-12:00PM EDT | | | | |
| 2023/06/14 | 11:00AM-12:00PM EDT | | | | |
| 2023/07/19 | 11:00AM-12:00PM EDT | | | | |
| 2023/08/16 | 11:00AM-12:00PM EDT | | | | |
| 2023/09/20 | 11:00AM-12:00PM EDT | | | | |
| 2023/10/18 | 11:00AM-12:00PM EDT | | | | |
| 2023/11/15 | 11:00AM-12:00PM EDT | | | | |

2022

| Date | Time | Talk/Demo/Discussion | Presenter & Affiliation | Type | Knowledge Level |
|---|---|---|---|---|---|
| 2022/05/18 | 11:00AM-11:40AM EDT | 1. Compliance as Code for Big Bang Risk Management Framework (RMF) Control Mapping to Accelerate Department of Defense (DoD) Authorization to Operate (ATO) | Maj Camdon Cady, Chief Operating Officer, Platform One, US Air Force & Tom Runyon, Defense Unicorns | presentation | L2 |
| 2022/05/18 | 11:40AM-12:00PM EDT | 2. OSCAL Catalog Authoring Tool (CAT) | Dmitry Cousin, NIST | presentation, demo | L1 |
| 2022/06/15 | 11:00AM-12:00PM EDT | IBM's Trestle - compliance as code orchestrator and automation workflow | Dr. Anca Sailer (video), Dr. Vikas Agarwal (video), and Lou DeGenaro (video) | presentation & demo summary | L4 |
| 2022/07/13 | 11:00AM-12:00PM EDT | OSCAL Implementation: Early Lessons Learned (video) | Matthew Donkin, Security Assurance Manager, AWS & Stephanie Lacy, Senior Solutions Architect, Telos | presentation | L3 |
| 2022/08/10 | 11:00AM-12:00PM EDT | Extreme Automation with OSCAL - Exercising the Full OSCAL Stack in a Next Generation GRC (video) | Travis Howerton, Co-Founder & CTO, RegScale | presentation & demo | L1-L3 |
| 2022/09/07 | 11:00AM-12:00PM EDT | NIST OSCAL Open Source Tooling | David Waltermire, OSCAL Technical Director, Dmitry Cousin, OSCAL team member, NIST | video p1&p2, presentation1, presentation2 & demos | L1-L3 |
| 2022/10/05 | 11:00AM-12:00PM EDT | Compliance as Code - from Upstream to Ops | Brandt Keller, Software Engineer, Defense Unicorns | presentation & demo | L2-L3 |
| 2022/11/02 | 11:00AM-12:00PM EDT | Implementing an Agency Security Assessment Framework (SAF) with OSCAL "ComplianceOps" | Robert Ficcaglia, CNCF Kubernetes Policy Co-Chair, CNCF Security Technical Advisory Group Lead Assessor, Kubernetes SIG-Security Audit Team | presentation, video, transcript | L1-L3 |
| 2022/11/30 | 11:00AM-12:00PM EDT | The OSCAL Futurist: Musing on What Is Possible and What is Needed | Greg Elin, Founder & CEO, GovReady PBC | presentation, video, transcript | L2-L3 |

This page was last updated on November 8, 2023.