Subset: AssessmentCommon
Classes originating from the oscal-assessment-common namespace: subjects, assets, activities, tasks, findings, observations, risks, and related helper types.
URI: AssessmentCommon
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/oscal
Classes in subset
| Class | Description |
|---|---|
| Activity | Identifies an assessment or related process that can be performed |
| AssessmentAssets | Identifies the assets used to perform this assessment |
| AssessmentMethod | A local definition of a control objective |
| AssessmentPart | A partition of an assessment plan or results or a child of another part |
| AssessmentPlatform | Used to represent the toolset used to perform aspects of the assessment |
| AssessmentSelectControlById | Select a specific control for inclusion/exclusion in the assessment by litera... |
| AssessmentSubject | Identifies system elements being assessed, such as components, inventory item... |
| AssessmentSubjectPlaceholder | Used when the assessment subjects will be determined as part of one or more o... |
| AssessmentSubjectSource | Assessment subjects will be identified while conducting the referenced activi... |
| AssociatedActivity | Identifies an individual activity to be performed as part of a task |
| AssociatedRisk | Relates the finding to a set of referenced risks |
| AtFrequency | The task is intended to occur at the specified frequency |
| Characterization | A collection of descriptive data about the containing object from a specific ... |
| ControlObjectiveSelection | Identifies the control objectives of the assessment |
| ControlSelection | Identifies the controls being assessed |
| EventTiming | The timing under which the task is intended to occur |
| Facet | An individual characteristic that is part of a larger set produced by the sam... |
| Finding | Describes an individual finding |
| FindingTarget | Captures an assessor's conclusions regarding the degree to which an objective... |
| IdentifiedSubject | Used to detail assessment subjects that were identified by this task |
| ImportSSP | Used by the assessment plan and POA&M to import information about the system |
| LocalObjective | A local definition of a control objective for this assessment |
| LoggedBy | Used to indicate who created a log entry in what role |
| MitigatingFactor | Describes an existing mitigating factor that may affect the overall determina... |
| ObjectiveStatus | A determination of if the objective is satisfied or not within a given system |
| Observation | Describes an individual observation |
| OnDateCondition | The task is intended to occur on the specified date |
| Origin | Identifies the source of the finding, such as a tool, interviewed person, or ... |
| OriginActor | The actor that produces an observation, a finding, or a risk |
| RelatedObservation | Relates the identified element to a set of referenced observations |
| RelatedTask | Identifies an individual task for which the containing object is a consequenc... |
| RelevantEvidence | Links this observation to relevant evidence |
| RequiredAsset | Identifies an asset required to achieve remediation |
| Response | Describes either recommended or an actual plan for addressing the risk |
| ReviewedControls | Identifies the controls being assessed and their control objectives |
| Risk | An identified risk |
| RiskLog | A log of all risk-related tasks taken |
| RiskLogEntry | Identifies an individual risk response that occurred as part of managing an i... |
| RiskResponseReference | Identifies an individual risk response that this log entry is for |
| SelectObjectiveById | Used to select a control objective for inclusion/exclusion |
| SelectSubjectById | Identifies a set of assessment subjects to include/exclude by UUID |
| Step | Identifies an individual step in a series of steps related to an activity, su... |
| SubjectReference | A human-oriented identifier reference to a resource |
| Task | Represents a scheduled event or milestone, which may be associated with a ser... |
| TaskDependency | Used to indicate that a task is dependent on another task |
| ThreatId | A pointer, by ID, to an externally-defined threat |
| UsesComponent | The set of components that are used by the assessment platform |
| WithinDateRange | The task is intended to occur within the specified date range |