There’s recently been a push within FedRAMP towards modernizing the framework to meet modern security challenges and better align federal security standards across agencies and technologies.

Part of this push is standardizing how security controls are measured and assessed, and the most recent blog from FedRAMP mentions a new standard–OSCAL.

Here, we will discuss OSCAL, why the National Institute of Standards and Technology (NIST) is creating it to address assessments, and how we streamline them.