Compliance as Code (CAC): No-Code access has begun, but you can't play unless you share who's playing.
The world of Compliance as Code offers us all a chance to contribute, but before you can contribute, you have to identify who is contributing!
Just like you need to know your users in projects such as the OSN Skills Network, NIST's CyberSecurity community, the UCF's Roles database, Jooble, O*NET, ComplianceDictionary.com, WordNIK, etc., all allow either identified persons or identified organizations to make direct contributions to their content.
Notice that we said "identified" up there? That's because when contributing to each of these projects, the project needs to know who (person or organization) the contributor is. They can't rely on "Joe Schmoe" or "Sally Sidewalk" without knowing which Joe or Sally they are referencing.
Same thing for your organization. If you are contributing to shared content, your own organization will need to track you, too. Organization is essential to building Secure Technical Implementation Guides (STIGs) and Software IDs (SWIDs), as each organization's name is a part of the file name associated with the STIG or SWID. Having disambiguated organizations is a key security element for those files and is part of the CAC No-Code movement.
We presented "Person and Organization Disambiguation," our third webinar series, where we discussed how each person and organization is disambiguated and how that works by giving you a no-code template to try! That way, you can fully contribute to the Compliance as Code movement! Don't be left out! The webinar was on November 18, 2021, at 10:00 AM in Pacific Time. Be a part of the future of compliance as code!
If you would like to watch it, click HERE for the link.
Here is what we will cover regarding identification:
1. How to go from a read-only User to a disambiguated Person who can contribute to content.
2. How to submit changes related to Organization or Persons and submit that back to the federated database.
If you missed the prior webinars, here are the links to the recordings so you can catch up:
September 16, 2021: Introduction to Compliance as Code
October 14, 2021: Compliance as Code Base Application Introduction
Remember to contribute and comply; you must identify!
This webinar was followed immediately by a Zoom meeting with our CTO, Sean Kohler focused on alpha testing this MVP. The link was provided at the end of the webinar for you to join or you could have clicked HERE at that time.
Unified Compliance and AuditBoard Session
Dorian Cougias, Unified Compliance co-founder and Compliance Scientist, and Richard Marcus, AuditBoard's Head of Information Security, held a session called “Not Your Grandfather’s Compliance Program”.
With today’s heightened supply chain risk and ever-increasing regulatory oversight, information security compliance has become a required cost of delivering any kind of digital services.
For many, this challenge requires managing multiple frameworks in complex and dynamic environments to satisfy customers, regulators, and executive leadership.
Dorian Cougias, founder of Unified Compliance Framework (UCF), and Richard Marcus, AuditBoard's Head of Information Security, to gain insight into the technology-enabled approaches that forward-thinking compliance professionals are using to keep pace with the rapidly evolving compliance landscape. Watch and learn how to reimagine their processes and leverage technology to aggregate, harmonize, and automate compliance activities.
Watch it here: (coming soon)
Do you know what “No-Code MVPs are?” Minimum Viable Products allow you to manage Users, Accounts, Groups, and Contributors/Organizations.
No-Code MVPs will release over the next couple of months. Watch this MVPs webinar held on October 14 at 10:00 am PDT, 1:00 pm EDT., we will give you access to the MVP no-code template.
Which was followed immediately by a Zoom meeting with Sean Kohler, CTO, Unified Compliance who will focus on alpha testing the template.
Learn how to:
• Re-introduction of Compliance as Code
• Where we are in the whole process (from no-code apps through the gateway launch)
• Introduction of our layout templates (in Figma) • Overview of the necessary schemas (user, account, person, group, organization)
• Introduction of our base template, the no-code based account MVP.
Listen now: https://theucf.info/webinar/recording/101421