Compliance

compliance

The Compliance object contains information about Industry and Regulatory Framework standards, controls and requirements.

Attributes

CaptionNameTypeDescription
Related AssessmentsassessmentsAssessment[]

A list of assessments associated with the compliance requirements evaluation

Compliance Standard Referencescompliance_referencesKB Article[]

A list of reference KB articles that provide information to help organizations understand, interpret, and implement compliance standards. They provide guidance, best practices, and examples.

Compliance Standards: Detailscompliance_standardsKB Article[]

A list of established guidelines or criteria that define specific requirements an organization must follow.

Security ControlcontrolString

A Control is prescriptive, prioritized, and simplified set of best practices that one can use to strengthen their cybersecurity posture. e.g. AWS SecurityHub Controls, CIS Controls.

Control Parameterscontrol_parametersKey:Value object[]

The list of control parameters evaluated in a Compliance check.

Raw Dataraw_dataJSON

Group:context
The event data as received from the event source.

Record IDrecord_idString

Group:primary
Unique identifier for the object

Compliance RequirementsrequirementsString[]

A list of requirements associated to a specific control in an industry or regulatory framework. e.g. NIST.800-53.r5 AU-10

Compliance Standards: ListstandardsString[]

Compliance standards are a set of criteria organizations can follow to protect sensitive and confidential information. e.g. NIST SP 800-53, CIS AWS Foundations Benchmark v1.4.0, ISO/IEC 27001

StatusstatusString

The resultant status of the compliance check normalized to the caption of the status_id value. In the case of 'Other', it is defined by the event source.

Status Codestatus_codeString

The resultant status code of the compliance check.

Status Detailstatus_detailString

The contextual description of the status, status_code values.

🚧 WARNING: DEPRECATED

Status Detail has been deprecated since 1.4.0. Use the status_details attribute instead.

Status Detailsstatus_detailsString[]

A list of contextual descriptions of the status, status_code values.

Status IDstatus_idInteger

The normalized status identifier of the compliance check.

  • 0: Unknown (UNKNOWN)
  • 1: Pass (PASS)
  • 2: Warning (WARNING)
  • 3: Fail (FAIL)
  • 99: Other (OTHER)
UnmappedunmappedUnmapped[]

Data from the source that was not mapped into the schema.

Relationships

Compliance shown in context

Inbound Relationships

These objects and events reference Compliance in their attributes:

Outbound Relationships

Compliance references the following objects and events in its attributes:

This page describes ocsf-1.4.0