Open question for the compliance assessment community -- Is there an existing XML representation for POAM reporting?
Within the DoD, we've identified a need for an XML format for POAM
reporting. Based on an internal tasking, I developed a suggested set of
schemas and guidance for POAM reporting, both as stand-alone and as part of
ARF (see attached--it has evolved since this draft, mostly in that I re-used
some data elements from the open Gantt project for milestones and added
"system" level POAMs).
My boss was concerned that I am probably re-inventing the wheel since POAMs
are so widely used across a lot of communities.
My question to anyone with information: Is there a pre-existing XML format
for POAM reporting already available I can integrate into ARF and/or use for
stand-alone POAM reporting in the DoD?
Lt Col Joseph L. Wolfkiel
Director, Computer Network Defense Research & Technology (CND R&T) Program
9800 Savage Rd Ste 6767
Ft Meade, MD 20755-6767
Commercial 410-854-5401 DSN 244-5401