Register | Lost password?
Advanced Search
Forum Scope






Start typing a member's name above and it will auto-complete

Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters

Please confirm you want to mark all topics read

Mark all topics read

Your thoughts on Defining Contributors?
sp_Feed
Avatar
Dorian Cougias
Posts: 3
Level 10
Nov 23, 2021 - 10:12 am

1

Now that you've read the article (if you haven't, click HERE), what do you think?

Avatar
Sean Kohler
Posts: 6
Level 10
Nov 23, 2021 - 10:54 am

2

It is very important to disambiguate Users as Contributors early in the Federated Data process.  We are working on having stackable validations in the process followed by a friend-of-a-friend model to ensure contributed data comes from a known Person.

Avatar
Peter Rosenberg
Denmark
Posts: 1
Level 0
Jan 24, 2022 - 10:16 pm
3

Thanks, Dorian
In the xMas days of joy and calm, I went thru your Webinar on C-a-C (Compliance as Code) and also had a glimpse of your Use Cases.
I think, we should raise the abstraction to yet another level...

Now I'm, scrutinizing - not the Frank Zappa way 😉 asking rethorically:

  • Why do you believe that a Diagram is needed for a Team ? 
    You keep arguing (elsewhere) that Text is more precise/comprehensive and suitable to Auditors. So why not for a 'general audience' ?  
    I do agree its compelling to have easy graphics and visualizations beside of textual representations, but to whom  - End Users or Architects or both ?
  • What is the end-goal (not Minimum Viable product) ?
    Is this to remove the variations of Platform specializations, that is tedious to roll into CIS and likewise frameworks ?
    Is it to allow easy (machine assisted) comparison of findings of compliance controls detections ?

Or is the reality, it support a general control seen around like 'You must be able to present a documented system', alone invented by decades of various frameworks and standards ?

Well, if it can be automated, like by feeding a VMWare 'Software Defined Datacentre' to PlantUML, and voila - all AS-IS is suddenly documented, then we can get rid of Document Controls like mentioned, and simply require an Automated Document Generation capability should exist as a best practice. 
 

BR
Peter Rosenberg

Avatar
Dorian Cougias
Posts: 3
Level 10
Jan 31, 2022 - 9:41 am

4

Peter, if I'm understanding this correctly, the generalized question is "what is the end goal for diagramming as code"? Or are you asking something else?

Most Users Ever Online: 18
Currently Online:
Guest(s) 1
Currently Browsing this Page:
1 Guest(s)

Devices in use: Phone (1)