GOALS

• Need to establish shared goals for ACS and ACM satisfying two primary personas (SREs & SecOps)
• Three use cases: (1) Visibility (2) Remediation (3) Audit Evidence

BACKGROUND

• One of the strategic directions for Red Hat is to move more of our product offerings into Cloud (ACM, ACS, Quay are a set for OpenShift Plus) - we would like to integrate those offerings so that customers can use them better easily
• ACS and ACM should work together to come up with a more unified approach 
• We start from the user experience with two personas (SRE & SecOps) and then map it to the underlying technology 

PERSONAS

• SRE
  (1) Log into Cloud.Redhat.com (2) Start to configure OPP compliance service - Provision the service and configure it so that the compliance services available for SRE/SecOps to use (3) Collaborate with SecOps to define policies - SecOps needs to tell what compliance standards needs to be adopted and enforced / SREs needs to define policies and configure GitHubs

• SecOps
  Meet various security controls and policies, Collaboration between SREs and SecOps - But the page should be very similar to ACS compliance view (1) Monitor the compliance dashboard (2) Remediate

DATA SOURCES

1. ACS Compliance standards 
2. Compliance Operators
3. ACM

INITIAL COMPLIANCE STANDARS ONBOARDING UX 

https://miro.com/app/board/uXjVOWki4X8=/

INITIAL ONBOARDING MOCKUPS

https://marvelapp.com/prototype/d8c9a71/screen/85195744