Specification for the Open Checklist Interactive Language (OCIL) Version 2.0

Waltermire, David; Scarfone, Karen; Casipe, Maria

doi:https://doi.org/10.6028/NIST.IR.7692

NISTIR 7692

Specification for the Open Checklist Interactive Language (OCIL) Version 2.0

Documentation Topics

Date Published: April 2011

Author(s)

David Waltermire (NIST), Karen Scarfone (G2), Maria Casipe (MITRE)

Abstract

This report defines version 2.0 of the Open Checklist Interactive Language (OCIL). The intent of OCIL is to provide a standardized basis for expressing questionnaires and related information, such as answers to questions and final questionnaire results, so that the questionnaires can use a standardized, machine-readable approach to interacting with humans and using information stored during previous data collection efforts. OCIL documents are Extensible Markup Language (XML) based. This report defines and explains the requirements that IT products and OCIL documents asserting conformance with the OCIL 2.0 specification must meet.

Keywords

assessment; OCIL; Open Checklist Interactive Language; questionnaire; SCAP; security automation; Security Content Automation Protocol; XML

Control Families

Audit and Accountability; Assessment, Authorization and Monitoring; Configuration Management; Risk Assessment

Documentation

Publication:
NISTIR 7692 (DOI)
Local Download

Supplemental Material:
None available

Related NIST Publications:
SP 800-70 Rev. 4
SP 800-179 Rev. 1 (Draft)
SP 800-179

Document History:
04/07/11: NISTIR 7692 (Final)

Topics

Security and Privacy
audit & accountability; risk assessment; security automation

Laws and Regulations
OMB Circular A-130