U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Open Security Controls Assessment Language OSCAL

Open Security Controls Assessment Language (OSCAL) Educational Workshop 101 Series

The National Institute of Standards and Technology is hosting a series of monthly educational workshops focused on the Open Security Controls Assessment Language (OSCAL).

The purpose of these workshops is to improve OSCAL adoption by expanding the OSCAL community of interest (COI) through the onboarding of members who have no previous knowledge of OSCAL.

Setting the foundation for security automation, with a particular focus on the continuous authorization to operate (ATO) processes and continuous monitoring, OSCAL provides machine-readable representations of control catalogs, control baselines or profiles, system security plans, assessment plans, assessment results, and plan of actions and milestones, in a set of formats expressed in XML, JSON, and YAML.

The educational workshops will be virtual or in-person, and will provide one of the following topics:

  • An overview of OSCAL models and alignment with NIST RMF
  • An understanding of the OSCAL models
  • Basic knowledge for new OSCAL developers

In addition to presenting one of the topics listed above, the host will facilitate an open dialog with the participants, and, when applicable, demo the concepts. 

The NIST OSCAL team is committed to hosting those workshops monthly, on the third Tuesday of each month, 11:00 AM - 12:00 PM ET, except for the months of May and December 2023. A detailed schedule is provided below.

How to join the workshop:

Meeting URL
https://bluejeans.com/254853560/6295

Meeting ID: 254 853 560
Participant Passcode: 6295

Want to dial in from a phone? Dial one of the following numbers:
+1.202.795.3352,,,254853560,,,6295 (United States (Washington DC))
+1.408.317.9254,,,254853560,,,6295 (US (San Jose))
+1.888.748.9073,,,254853560,,,6295 (United States (Primary))
(see all numbers - https://www.bluejeans.com/premium-numbers)


2023 Planned Sessions:

Date Topic Presenter Format

2023.02.21

11:00am-12:00pm EST

What is OSCAL and Who Can Use It? (video, transcript) Michaela Iorga, NIST

virtual

 

2023.03.21

11:00am-12:00pm EDT

The Anatomy of OSCAL Models - Where to Start? (video, transcript)

Michaela Iorga, NIST

Robert Sherwood, Credentive Security

virtual

2023.04.18

11:00am-12:00pm EDT

New OSCAL Developer (video, transcript) tbd virtual

2023.06.20

What is OSCAL and Who Can Use It? tbd tbd

2023.07.18

The Anatomy of OSCAL Models tbd tbd

2023.08.15

New OSCAL Developer tbd tbd

2023.09.19

What is OSCAL and Who Can Use It? tbd tbd

2023.10.17

The Anatomy of OSCAL Models tbd tbd

2023.11.21

New OSCAL Developer tbd tbd

 

Created April 24, 2018, Updated August 23, 2023