Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( Dot gov ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Open Security Controls Assessment Language OSCAL

Project Links

Overview FAQs News & Updates Events Presentations

Presentations

Title / Presenter	Type	Date
OSCAL Mini Workshop Series - Event #8: The OSCAL Futurist: Musing on What is Possible and What is Needed	Presentation	11/30/2022
OSCAL Mini Workshop Series - Event #7: Implementing a Security Assessment Framework (SAF) with OSCAL	Presentation	11/02/2022
OSCAL Mini Workshop Series - Event #6: Compliance as Code - from Upstream to Ops	Presentation	10/05/2022
OSCAL Mini Workshop Series - Event #5: NIST Open Source OSCAL Tooling	Presentation	09/07/2022
OSCAL Mini Workshop Series - Event #4: RegScale - Extreme Automation with OSCAL - Exercising the Full OSCAL Stack in a Next Generation GRC	Presentation	08/10/2022
OSCAL Mini Workshop Series - Event #3: OSCAL Implementation: Early Lessons Learned	Presentation	07/13/2022
OSCAL Mini Workshop Series - Event #2: IBM's Trestle - Compliance as Code Orchestrator and Automation Workflow	Presentation	06/15/2022
OSCAL Mini Workshop #1: Compliance as Code for Big Bang Risk Management Framework (RMF) Control Mapping to Accelerate Department of Defense (DoD) Authorization to Operate (ATO)	Presentation	05/18/2022
Open Security Controls Assessment Language (OSCAL) Michaela Iorga - NIST	Presentation	03/10/2022
Security Automation with Open Security Controls Assessment Language (OSCAL) Michaela Iorga michaela.iorga@nist.gov David Waltermire david.waltermire@nist.gov	Presentation	05/26/2021
Security Automation Simplified Via NIST's Open Security Controls Assessment Language (OSCAL) Michaela Iorga - NIST Brian Ruf - FedRAMP PMO Presented at: National Cybersecurity Summit (June 4-6, 2019), Huntsville, AL. https://www.nationalcybersummit.com [178MB file; no audio in video on slide 21]	Presentation	06/05/2019
The Open Security Control Assessment Language: A high-level overview David Waltermire david.waltermire@nist.gov	Presentation	01/18/2018

Project Links

Overview FAQs News & Updates Events Presentations

Additional Pages

OSCAL Adopters' Workshops OSCAL 101

Contacts

Michaela Iorga
michaela.iorga@nist.gov

Group

Secure Systems and Applications

Topics

Security and Privacy: assurance, audit & accountability, controls assessment, risk assessment, security automation, system authorization, systems security engineering

Technologies: cloud & virtualization

Related Projects

Cloud Computing
DevSecOps
NIST Risk Management Framework
SCAP v2
Security Content Automation Protocol

Additional Pages

OSCAL Adopters' Workshops OSCAL 101

Contacts

Michaela Iorga
michaela.iorga@nist.gov

Group

Secure Systems and Applications

Topics

Security and Privacy: assurance, audit & accountability, controls assessment, risk assessment, security automation, system authorization, systems security engineering

Technologies: cloud & virtualization

Related Projects

Cloud Computing
DevSecOps
NIST Risk Management Framework
SCAP v2
Security Content Automation Protocol

Created April 24, 2018, Updated August 23, 2023