NIST is developing the Open Security Controls Assessment Language (OSCAL), a set of hierarchical, formatted, XML- and JSON-based formats that provide a standardized representation for different categories of information pertaining to the publication, implementation, and assessment of security controls. OSCAL is being developed through a collaborative approach with the public. The OSCAL website
provides an overview of the OSCAL project, including an XML and JSON schema reference and examples. The OSCAL GitHub repository
holds the actual OSCAL schemas, examples, documentation source files, and other resources. The NIST team welcomes public contributions to this project. If you are interested in contributing, please review the contributor documentation
for ideas and information on how to get started.