1. Proposed title of this feature request

Add STIG Rule ID and Severity to Compliance Reports for Profiles.

2. What is the nature and description of the request?

Enhance the OpenShift Compliance Operator and ACS compliance dashboard to include STIG Rule IDs and Severity levels in the scan results generated by profiles. These metadata fields are essential for aligning with cybersecurity frameworks and automating integration with tools like eMASS.

Compliance results currently primarily show pass/fail status and general compliance metrics.

3. Why does the customer need this? (List the business requirements here)

• Delays in system approval because required data is missing from compliance reports

• Extra effort needed due to manual STIG checks

• May impact the production readiness and regulatory approval of OpenShift deployments

4. List any affected packages or components.

• Compliance Operator (v1.7.0)

• ACS Compliance Dashboard (v4.7.4)

• STIG Profiles: ocp4-stig, rhcos4-stig

For reference a sample Compliance report is attached to the case.