Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Compliance Masonry QuickStart

Compliance Masonry QuickStart

Aidan Feldman

October 20, 2016
Tweet

More Decks by Aidan Feldman

Other Decks in Technology

Transcript

  1. Compliance Masonry
    Making compliance
    easier, faster, better.
    Aidan Feldman & James Scott, 18F
    eRegulations

    View full-size slide

  2. Compliance documentation is
    the biggest bottleneck that
    impacts delivery

    View full-size slide

  3. MyApp
    cloud.gov
    Component
    AWS
    Component
    Cloud
    Foundry
    Component
    Compliance
    Masonry
    Inherits Inherits
    Inputs
    SSP
    Outputs
    CIS
    Webiste

    View full-size slide

  4. Potential benefits for reviewers
    ● Automatically generate reports
    ● Show reviewers what has changed
    ● Ability to view subsets of the documentation
    ● Tracking of dependent systems

    View full-size slide

  5. Continuously Validate
    and Verify

    View full-size slide

  6. name: Identification and Authentication Policy for 18F
    satisfies:
    - standard: NIST-800-53
    control: IA-8 (1)
    narrative: |
    PIV verification is subject to the delegated enterprise SSO system.
    ...

    View full-size slide