Open question for the compliance assessment community -- Is there an existing XML representation for POAM reporting?

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Open question for the compliance assessment community -- Is there an existing XML representation for POAM reporting?

Wolfkiel, Joseph
 
All,

Within the DoD, we've identified a need for an XML format for POAM
reporting.  Based on an internal tasking, I developed a suggested set of
schemas and guidance for POAM reporting, both as stand-alone and as part of
ARF (see attached--it has evolved since this draft, mostly in that I re-used
some data elements from the open Gantt project for milestones and added
"system" level POAMs).

My boss was concerned that I am probably re-inventing the wheel since POAMs
are so widely used across a lot of communities.

My question to anyone with information:  Is there a pre-existing XML format
for POAM reporting already available I can integrate into ARF and/or use for
stand-alone POAM reporting in the DoD?

Lt Col Joseph L. Wolfkiel
Director, Computer Network Defense Research & Technology (CND R&T) Program
Management Office
9800 Savage Rd Ste 6767
Ft Meade, MD 20755-6767
Commercial 410-854-5401 DSN 244-5401
Fax 410-854-6700

2009-08-15 POAM Reporting and Updates to the Assessment Results Format.doc (5M) Download Attachment
smime.p7s (6K) Download Attachment