Compliance

compliance

The Compliance object contains information about Industry and Regulatory Framework standards, controls and requirements.

Attributes

CaptionNameTypeDescription
Related Assessments assessments Assessment[] A list of assessments associated with the compliance requirements evaluation
Compliance Standard References compliance_references KB Article[] A list of reference KB articles that provide information to help organizations understand, interpret, and implement compliance standards. They provide guidance, best practices, and examples.
Compliance Standards: Details compliance_standards KB Article[] A list of established guidelines or criteria that define specific requirements an organization must follow.
Security Control control String A Control is prescriptive, prioritized, and simplified set of best practices that one can use to strengthen their cybersecurity posture. e.g. AWS SecurityHub Controls, CIS Controls.
Control Parameters control_parameters Key:Value object[] The list of control parameters evaluated in a Compliance check.
Raw Data raw_data JSON Group:context
The event data as received from the event source.
Record ID record_id String Group:primary
Unique identifier for the object
Compliance Requirements requirements String[] A list of requirements associated to a specific control in an industry or regulatory framework. e.g. NIST.800-53.r5 AU-10
Compliance Standards: List standards String[] Compliance standards are a set of criteria organizations can follow to protect sensitive and confidential information. e.g. NIST SP 800-53, CIS AWS Foundations Benchmark v1.4.0, ISO/IEC 27001
Status status String The resultant status of the compliance check normalized to the caption of the status_id value. In the case of 'Other', it is defined by the event source.
Status Code status_code String The resultant status code of the compliance check.
Status Detail status_detail String The contextual description of the status, status_code values.

🚧 WARNING: DEPRECATED

Status Detail has been deprecated since 1.4.0. Use the status_details attribute instead.

Status Details status_details String[] A list of contextual descriptions of the status, status_code values.
Status ID status_id Integer The normalized status identifier of the compliance check.
  • 0: Unknown (UNKNOWN)
  • 1: Pass (PASS)
  • 2: Warning (WARNING)
  • 3: Fail (FAIL)
  • 99: Other (OTHER)
Unmapped unmapped Unmapped[] Data from the source that was not mapped into the schema.

Relationships

Compliance shown in context

Inbound Relationships

These objects and events reference Compliance in their attributes:

Outbound Relationships

Compliance references the following objects and events in its attributes:

This page describes ocsf-1.4.0