Compliance
The Compliance object contains information about Industry and Regulatory Framework standards, controls and requirements.
Attributes
Caption | Name | Type | Description |
---|---|---|---|
Complaince References Articles | compliance_references |
KB Article[] | A list of sources of information or tools that help organizations understand, interpret, and implement compliance standards. They provide guidance, best practices, and examples. |
Compliance Standards Articles | compliance_standards |
KB Article[] | A list of established guidelines or criteria that define specific requirements an organization must follow. |
Security Control | control |
String | A Control is prescriptive, prioritized, and simplified set of best practices that one can use to strengthen their cybersecurity posture. e.g. AWS SecurityHub Controls, CIS Controls. |
Raw Data | raw_data |
JSON | The event data as received from the event source. |
Record ID | record_id |
String | Unique identifier for the object |
Compliance Requirements | requirements |
String[] |
A list of requirements associated to a specific control in an industry or regulatory framework. e.g. NIST.800-53.r5 AU-10
|
Security Standards | standards |
String[] |
Security standards are a set of criteria organizations can follow to protect sensitive and confidential information. e.g. NIST SP 800-53, CIS AWS Foundations Benchmark v1.4.0, ISO/IEC 27001
|
Status | status |
String |
The resultant status of the compliance check normalized to the caption of the status_id value. In the case of 'Other', it is defined by the event source.
|
Status Code | status_code |
String | The resultant status code of the compliance check. |
Status Details | status_detail |
String | The contextual description of the status, status_code values. |
Status ID | status_id |
Integer |
The normalized status identifier of the compliance check.
|
Unmapped Data | unmapped |
Unmapped[] | The attributes that are not mapped to the event schema. The names and values of those attributes are specific to the event source. |
Relationships
Inbound Relationships
These objects and events reference Compliance in their attributes:
Outbound Relationships
Compliance references the following objects and events in its attributes:
This page describes qdm-1.3.2+ocsf-1.3.0
Updated about 2 months ago