(Note: A list of links for all articles in this series can be found at the conclusion of this article.)

In part 2 of this multi-part blog series on continuous compliance, we described Trestle, our open-source SDK, which provides an implementation of the NIST Open Security Controls Assessment Language (OSCAL) standard framework and the corresponding set of key compliance artifacts expressed as compliance as code. We mentioned that, in addition to direct editing and manipulation of OSCAL documents, Trestle also provides capabilities for agile authoring of compliance artifacts as Markdown content and their conversion to OSCAL format. Further, in the first blog in this series, we described the various personas and their roles in the compliance processes.
