A A A
Avatar
Please consider registering
Guest
sp_LogInOut Log Insp_Registration Register
Register | Lost password?
Advanced Search
Forum Scope






Start typing a member's name above and it will auto-complete

Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
sp_Feed
Your thoughts on Defining Contributors?
Nov 23, 2021
10:12 am
Avatar
Dorian Cougias
Admin
Level 10
Forum Posts: 4
Member Since:
Aug 18, 2021
sp_UserOfflineSmall Offline

Now that you've read the article (if you haven't, click HERE), what do you think?

Nov 23, 2021
10:54 am
Avatar
Sean Kohler
Admin
Level 10
Forum Posts: 6
Member Since:
Aug 18, 2021
sp_UserOfflineSmall Offline

It is very important to disambiguate Users as Contributors early in the Federated Data process.  We are working on having stackable validations in the process followed by a friend-of-a-friend model to ensure contributed data comes from a known Person.

Jan 24, 2022
10:16 pm
Avatar
Peter Rosenberg
Denmark
New Member
Members
Level 0
Forum Posts: 1
Member Since:
Jan 20, 2022
sp_UserOfflineSmall Offline

Thanks, Dorian
In the xMas days of joy and calm, I went thru your Webinar on C-a-C (Compliance as Code) and also had a glimpse of your Use Cases.
I think, we should raise the abstraction to yet another level...

Now I'm, scrutinizing - not the Frank Zappa way 😉 asking rethorically:

  • Why do you believe that a Diagram is needed for a Team ? 
    You keep arguing (elsewhere) that Text is more precise/comprehensive and suitable to Auditors. So why not for a 'general audience' ?  
    I do agree its compelling to have easy graphics and visualizations beside of textual representations, but to whom  - End Users or Architects or both ?
  • What is the end-goal (not Minimum Viable product) ?
    Is this to remove the variations of Platform specializations, that is tedious to roll into CIS and likewise frameworks ?
    Is it to allow easy (machine assisted) comparison of findings of compliance controls detections ?

Or is the reality, it support a general control seen around like 'You must be able to present a documented system', alone invented by decades of various frameworks and standards ?

Well, if it can be automated, like by feeding a VMWare 'Software Defined Datacentre' to PlantUML, and voila - all AS-IS is suddenly documented, then we can get rid of Document Controls like mentioned, and simply require an Automated Document Generation capability should exist as a best practice. 
 

BR
Peter Rosenberg

Jan 31, 2022
9:41 am
Avatar
Dorian Cougias
Admin
Level 10
Forum Posts: 4
Member Since:
Aug 18, 2021
sp_UserOfflineSmall Offline

Peter, if I'm understanding this correctly, the generalized question is "what is the end goal for diagramming as code"? Or are you asking something else?

Forum Timezone: America/Los_Angeles
Most Users Ever Online: 18
Currently Online:
Guest(s) 1
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Elisabeth Heiberger: 1
SKFree: 1
Peter Rosenberg: 1
Robert Newhall: 1
Member Stats:
Guest Posters: 0
Members: 41
Moderators: 0
Admins: 5
Forum Stats:
Groups: 1
Forums: 2
Topics: 5
Posts: 10
Administrators: admin: 3, Jong Castillo: 0, Dorian Cougias: 4, Sean Kohler: 6, tcastillo: 0