GOALS

• Establish shared compliance module UX for ACS and ACM
• Satisfy three use cases: (1) Visibility (2) Remediation (3) Audit Evidence

BACKGROUND

• One of the strategic directions for Red Hat is to move more of our product offerings into Cloud (ACM, ACS, Quay, ODF and OpenShift are a set for OpenShift Platform Plus) - we would like to integrate those offerings so that customers can use them better easily
• ACS and ACM should provide a unified solution for customers 

PERSONAS

• SRE
  (1) Log into Cloud.Redhat.com (2) Start to configure OPP compliance service - Provision the service and configure it so that the compliance services available for SRE/SecOps to use (3) Collaborate with SecOps to define policies - SecOps needs to tell what compliance standards needs to be adopted and enforced / SREs needs to define policies and configure GitHubs

• SecOps
  Meet various security controls and policies, Collaboration between SREs and SecOps - But the page should be very similar to ACS compliance view (1) Monitor the compliance dashboard (2) Remediate

DATA SOURCES

1. ACS Compliance standards 
2. OpenShift Compliance Operators
3. ACM Governance