Glossary of the Repository Data Fields

Change History	Running log detailing any changes made to the checklist since its inclusion in the repository. This field is updated with each version of the checklist.
Checklist Homepage	States the URL of the checklist home page.
Checklist Installation Tools	Describes the functional tools required to use the checklist to configure the system, if they are not included with the checklist.
Checklist Summary	Summarizes the purpose of the checklist and its settings.
Comments, Warnings, Disclaimer, Miscellaneous	Any additional information that the checklist developer wishes to convey to users.
Creation Date	States the date when the checklist is first listed by NIST, in the format CCYY-MM-DD.
Dependency/Requirement	Indicate that another checklist or guide is required in order to properly use and implement the current checklist.
Disclaimer	Legal notice pertaining to the checklist.
Download Package	URL or filenames(s) of the checklist documentation, scripts, templates, etc.
Integrity	The message digest or hash of the checklist package. SHA-1 or SHA-256 is recommended
Known Issues	Summarizes issues that may arise after application of the checklist to help users pinpoint any functional and operational problems caused by the checklist.
Licensing	States the license agreement, e.g. the checklist is copyrighted, open source, GPL, free software, shareware, etc.
Name	States the name of the checklist.
NIAP/CMVP Status	Whether the product has been NIAP or CMVP evaluated using this checklist. The field also states the type of evaluation received.
NIST Identifier	A NIST-assigned identifier to uniquely identify the checklist.
Point of Contact	Provides an e-mail address where questions, comments, suggestions, and problem reports can be sent in reference to the checklist. The point of contact should be an email address that the checklist developer monitors for checklist problem reports.
Product	The official IT product name.
Product Category	The main product category of the IT product, e.g. firewall, IDS, operating system, web server, etc.
Product Role	Specifies the primary use or function of the IT product as described by the checklist, e.g., Client Desktop Host, Web Server, Bastion Host, Network Border Protection, Intrusion Detection, etc.
Product Support	Vendor will accept support calls from users who have applied this checklist on their IT product; warranty for the IT product has not been affected.
Product Version	The specific software or firmware released version number of the IT product, including service pack or patch level as appropriate.
References	Any supporting references chosen by the developer that were used to produce the checklist or checklist documentation.
Regulatory Compliance	Whether the checklist is consistent with various regulations, e.g. HIPAA, GLBA, FISMA, ISO17799, Sarbanes & Oxley, DoD 8500, etc.
Revision Date	States the date when the checklist was last revised, in the format CCYY-MM-DD.
Rollback Capability	Whether the changes in product configuration made by applying the checklist can be rolled back and, if so, how to rollback the changes.
Sponsor	States the name of the IT product manufacturer organization and individuals who sponsor the submitted checklist if it is submitted by a third party entity.
Status	Whether Candidate, Final, Archived, or Under Review.
Submitting Organization/Authors	The name of the organization and authors that produced the checklist.
Target Audience	Intended audience that should be able to install, test, and use the checklist, including suggested minimum skills and knowledge required to correctly use the checklist.
Target Operational Environment	The IT product’s operational environment, e.g. SOHO, Enterprise, Specialized Security-Limited Functionality, or Custom (with description).
Testing Information	Platforms on which checklist was tested. Can include any additional testing-related information such as summary of testing procedures used.
Vendor	Contains the name of the manufacturer of the IT product.
Version	Indicates the version or release number of the checklist.