Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Compliance Masonry QuickStart

Compliance Masonry QuickStart


Aidan Feldman

October 20, 2016


  1. Compliance Masonry Making compliance easier, faster, better. Aidan Feldman &

    James Scott, 18F eRegulations
  2. None
  3. Compliance documentation is the biggest bottleneck that impacts delivery

  4. MyApp cloud.gov Component AWS Component Cloud Foundry Component Compliance Masonry

    Inherits Inherits Inputs SSP Outputs CIS Webiste
  5. demo

  6. eRegs demo

  7. Potential benefits for reviewers • Automatically generate reports • Show

    reviewers what has changed • Ability to view subsets of the documentation • Tracking of dependent systems
  8. Continuously Validate and Verify

  9. Thanks!

  10. name: Identification and Authentication Policy for 18F satisfies: - standard:

    NIST-800-53 control: IA-8 (1) narrative: | PIV verification is subject to the delegated enterprise SSO system. ...
  11. None
  12. None