Basic Search
|
Geographic Searches
|
Advanced Search |
MegadealsSubsidy Tracker Individual Entry
Company: Cyberesi Consulting Group Inc
Parent Company:
Subsidy Source: federal
State in Which Facility Is Located: Maryland
Project Description: PURPOSE: THIS PROJECT PROPOSES TO GENERATE THE CPRT DATA IN OSCAL IN THE FORM OF A SET OF CONTROL CATALOGS AND CONTROLS MAPPING. ACTIVITIES TO BE PERFORMED: THE PROJECT WILL AUTOMATICALLY BUILD OSCAL CONTENT FROM CPRT REFERENCE DATA AND RELATED MAPPING DOCUMENT. SPECIFICALLY, PROOF-OF-CONCEPT CODE WILL PROGRAMMATICALLY COMBINE CPRT MAPPINGS WITH THE PRE-EXISTING OSCAL NIST SP 800-53 CONTROL (SP 800-53 CATALOG) TO CREATE NEW OSCAL CONTENT. THE RESULTANT CONTENT WILL INCREASE PUBLICLY AVAILABLE OSCAL CONTENT. THIS NEW OSCAL CONTENT WILL PROVIDE PRODUCT VENDORS THE ABILITY TO IMPORT WELL-FORMED AND VALID OSCAL INTO THEIR PRODUCTS. THIS WILL ENABLE GRC PRODUCT VENDORS TO IMPORT OSCAL AS A STARTING POINT FOR ASSESSMENT, REPORTING, AND AUTHORIZATION (I.E., SYSTEM SECURITY PLAN GENERATION). EXPECTED OUTCOMES: ONCE THE PROJECT SUCCESSFULLY EXPANDS AVAILABLE OSCAL CONTENT, FOLLOW-ON ACTIVITIES WILL ENRICH THE OSCAL CONTENT WITH MAPPING INFORMATION. SPECIFICALLY, A FUTURE PROJECT WILL CREATE PROOF-OF-CONCEPT CODE TO PROGRAMMATICALLY CREATE OSCAL CONTENT WHERE THE RELATIONSHIP BETWEEN TWO OR MORE EMBEDDED REFERENCE DATASETS ARE DEFINED BY KEY PROPERTIES. KEY PROPERTIES MIGHT INCLUDE RELATIONSHIP TYPES USING SET THEORY, MAPPING RATIONAL USING SEMANTIC, SYNTACTIC, OR FUNCTIONAL TERMS, AND FULFILLMENT STATEMENTS WHETHER ONE REFERENCE ELEMENT ENTIRELY SATISFIES THE OTHER REFERENCE ELEMENT. THIS WILL ALLOW USERS, SUCH AS GRC PRODUCT VENDORS, TO GO BEYOND COMMUNICATING THE RELATIONSHIPS OF SP 800-53 CONTROLS TO CPRT REFERENCE DATASET. PRODUCT VENDORS WOULD THEN BE ABLE TO EXPRESS THE FULFILLMENT OF A GIVEN CPRT REFERENCE DATASET BASED ON SP 800-53 ASSESSMENTS.INTENDED BENEFICIARIES: GOVERNANCE, RISK AND COMPLIANCE (GRC) TOOL VENDORS WILL BE ABLE TO SUPPORT AUTOMATED ASSESSMENTS AGAINST OTHER REGULATORY FRAMEWORKS THAN SP 800-53. SYSTEM OWNERS WILL BE ABLE TO GENERATE INFORMATION REGARDING THE CPRT CONTROLS SATISFACTION IN MACHINE READABLE FORMATS (XML, JSON AND YAML), SECURITY ASSESSORS AND AUDITORS WILL BE ABLE TO AUTOMATE 60% OR MORE OF THE SYSTEMS ASSESSMENT WHILE INCREASING THE ASSESSMENT ACCURACY. SECURITY FRAMEWORK OWNERS AND SYSTEM IMPLEMENTERS WILL BE ABLE TO USE THE MAPPING MODEL TO RELAY HOW THE CONTROLS FROM ONE FRAMEWORK RELATE TO CONTROLS FROM OTHER REGULATORY FRAMEWORKS, SUPPORTING RIGOROUS ASSESSMENTS ?ONCE? AND INFERENCE OF THE RESULTS ?MULTIPLE TIMES?.SUBRECIPIENT ACTIVITIES: THERE ARE NO PLANNED SUBAWARDS.
Year: 2023
Subsidy Value: $98,985
Program Name: Measurement and Engineering Research and Standards
Catalog of Federal Domestic Assistance code: 11.609
Awarding Agency: Department of Commerce
Type of Subsidy: federal grant
Source of Data:
(click here)
Notes: Year is first year of award performance period. Subsidy value is cumulative obligated total to date. Program name is per the Catalog of Federal Domestic Assistance code.
Source Notes: If an online information source is not working, check the Tracker
inventory page for an updated link.