Details
-
Feature Request
-
Resolution: Won't Do
-
Undefined
-
None
-
None
-
None
-
False
-
False
-
0
-
0%
Description
1. Proposed title of this feature request
Add ITSG-33 Profile to the Compliance Operator
2. What is the nature and description of the request?
The Canadian Federal Government has their own version of NIST-800-53 called ITSG-33. It is mostly the same as NIST-800-53 with a few additions for data residency requirements. Having an ITSG-33 specific profile would help accelerate ATO for our Canadian customers.
3. Why does the customer need this? (List the business requirements here)
As Canadian Federal Government departments and Crown Corporations move to the Cloud, they are required to prove they have met certain compliance standards. ITSG-33 is one of the core security profiles they need to meet. Having a specific ITSG-33 profile available for the OpenShift Compliance Operator would be a great boost to departments adopting OpenShift in the cloud, and a competitive advantage over our competition.
You can see the ITSG-33 description and control catalog here:
https://cyber.gc.ca/en/guidance/it-security-risk-management-lifecycle-approach-itsg-33
4. List any affected packages or components.
OpenShift Compliance Operator
Attachments
Issue Links
- is related to
-
CMP-1268 Add ITSG-33 Profile to Compliance Operator
-
- Closed
-
