Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Open Security Controls Assessment Language OSCAL

OSCAL Adopters' Mini Workshops Series

The NIST OSCAL team is hosting a series of monthly mini workshops that aims to address topics of interest for our community and to open this forum for its members to present their OSCAL-related work. Unless specifically stated, the workshops will not require a deep, technical understanding of OSCAL, and the dialog is informal, allowing the community to interact with the presenters and with the OSCAL team members.

Call for Proposals

The NIST OSCAL Mini Workshop program committee is seeking timely, topical, and thought-provoking technical presentations or demonstrations highlighting OSCAL editorial tools, OSCAL-based security assessment automation processes, and Governance Risk and Compliance (GRC) tools supporting OSCAL formats for integration into such processes.

NIST does not endorse any of the OSCAL tools or services presented. Presentations or demos promoting such tools or services, as opposed to focusing on the OSCAL-related technical aspects, will not be permitted.

We encourage proposals from a diverse array of organizations and individuals with different perspectives, from the public and private sectors, international bodies, assessment and authorization (A&A), or certification and authorization (C&A) providers.

Please find below the calendar of proposed dates. Before submitting a proposal, please consult the calendar and indicate the preferred date with your submission. We will do our best to update the calendar as soon as a submission is approved.

Submit your proposal via email to oscal@nist.gov, with the subject line: “OSCAL Workshop - [Date: yyyy/mm/dd]”, where the “Date” is the selected date from the calendar below. Please include in your submission a pre-assessment of the OSCAL knowledge level the audience will need using a 4-levels scale with level one (L1/bronze) being equivalent to elementary or novice OSCAL knowledge, and level four (L4/platinum) being equivalent to expert OSCAL knowledge.

Join the events on ZoomGov:
Past and new (scheduled) presentations can be found below. Please click the year in the table below to jump to the presentations of choice. 

2024 Presentations:

- 01/17/2024: 

- 02/15/2024:

- 03/20/2024: 

- 04/03/2024 [SPECIAL EDITION]:

- 04/17/2024: 

- 05/15/2024: 

- 06/05/2024:

- 06/20/2024:

- 07/17/2024:

- 09/18/2024:


2023 Presentations:

- 02/01/2023 - [SPECIAL EDITION]: 

- 02/15/2023:

  • Google's Internal OSCAL Adoption (video, transcript)
    • Vikram KhareDirector – Continuous Assurance and Controls Engineering, Google
    • Valentin Mihai, Technical Lead, Cloud CISO - Continuous Assurance and Controls Engineering, Google

- 03/01/2023 - [SPECIAL EDITION]: 

- 03/15/2023:

- 05/17/2023: 

- 07/19/2023: 

- 08/23/2023: 

- 09/20/2023: 

- 10/18/2023: 

- 11/15/2023: 

  • Cyber Compliance Management Platform (no recording, presentation)
    • Tom Nash, PwC, UK
    • Siva Mallampati, PwC, UK
    • Salma Bedair, PwC, UK
    • Joshua Kong, PwC, Middle East
    • Shereef Assem, PwC, Middle East

2022 Presentations:

- 05/18/2022: 

- 06/15/2022:

- 07/13/2022:

- 08/10/2022:

- 09/07/2022:

- 10/05/2022:

- 11/02/2022:

- 11/30/2022:

Created April 24, 2018, Updated October 03, 2024