change(docs): Updated to clearer field names based on SCI v0.3.6 (#757)

Author: eddie-knight

.github/workflows/format_check.yml

@@ -7,16 +7,16 @@ jobs:
   prettier-fmt-check:
     runs-on: ubuntu-latest
     steps:
-      - name: Checkout repository
+      - title: Checkout repository
         uses: actions/checkout@v3
 
-      - name: Set up Node.js
+      - title: Set up Node.js
         uses: actions/setup-node@v3
         with:
           node-version: "16"
 
-      - name: Install Prettier
+      - title: Install Prettier
         run: npm install --save-dev prettier
 
-      - name: Check formatting with Prettier
+      - title: Check formatting with Prettier
         run: npx prettier --check "**/*.md" --config ./.config/.prettierrc

.github/workflows/links.yml

@@ -9,7 +9,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - name: Link Checker
+      - title: Link Checker
         id: lychee
         uses: lycheeverse/lychee-action@v1
         with:

.github/workflows/linting_check.yml

@@ -8,37 +8,37 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - name: Checkout repository
+      - title: Checkout repository
         uses: actions/checkout@v3
 
-      - name: Set up Node.js
+      - title: Set up Node.js
         uses: actions/setup-node@v3
         with:
           node-version: "16"
 
-      - name: Install markdownlint-cli
+      - title: Install markdownlint-cli
         run: npm install -g markdownlint-cli
 
-      - name: Run markdownlint
+      - title: Run markdownlint
         run: markdownlint '**/*.md' --config ./.config/.markdownlint.yaml
 
   yaml-lint:
     runs-on: ubuntu-latest
 
     steps:
-      - name: Checkout repository
+      - title: Checkout repository
         uses: actions/checkout@v3
 
-      - name: Set up Python
+      - title: Set up Python
         uses: actions/setup-python@v4
         with:
           python-version: "3.x" # Use any compatible Python 3 version
 
-      - name: Install yamllint
+      - title: Install yamllint
         run: |
           python -m pip install --upgrade pip
           pip install yamllint
 
-      - name: Run yamllint
+      - title: Run yamllint
         run: |
           yamllint -c ./.config/.yamllint .

.github/workflows/release.yml

@@ -22,13 +22,13 @@ jobs:
       - uses: actions/checkout@v4
         name: Build
 
-      - name: Configure Go
+      - title: Configure Go
         uses: actions/setup-go@v5
 
-      - name: Install dependencies
+      - title: Install dependencies
         run: go mod download
 
-      - name: Get Build Target
+      - title: Get Build Target
         id: process_target
         run: |
           # Read the input for a single build target
@@ -38,7 +38,7 @@ jobs:
           echo "Build target: $build_target"
           echo "target=$build_target" >> $GITHUB_OUTPUT
 
-      - name: Create Release Artifacts
+      - title: Create Release Artifacts
         run: |
           # Create all artifacts for the specified build target
           build_target="${{ steps.process_target.outputs.target }}"
@@ -61,7 +61,7 @@ jobs:
             fi
           done
 
-      - name: Upload Artifacts
+      - title: Upload Artifacts
         uses: actions/[email protected]
         with:
           name: ccc-catalogs
@@ -73,13 +73,13 @@ jobs:
     needs: build
     runs-on: ubuntu-latest
     steps:
-      - name: Download Artifacts
+      - title: Download Artifacts
         uses: actions/[email protected]
         with:
           name: ccc-catalogs
 
       # Create a GitHub release
-      - name: Create GitHub Release
+      - title: Create GitHub Release
         id: create_release
         uses: actions/create-release@v1
         with:
@@ -92,7 +92,7 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       # Upload the artifacts to the release
-      - name: Upload Release Assets
+      - title: Upload Release Assets
         run: |
           for file in ./*
           do

.github/workflows/sonatype_scan.yaml

@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - name: Sonatype Lifecycle SCA Scan
+      - title: Sonatype Lifecycle SCA Scan
         id: evaluate
         uses: sonatype/actions/evaluate@v1
         with:
@@ -31,7 +31,7 @@ jobs:
           scan-targets: ${{ env.SonatypeScanTarget }}
           module-exclude: ${{ env.ExcludeDirectory }}
 
-      - name: Save Sonatype SBOM
+      - title: Save Sonatype SBOM
         uses: sonatype/actions/fetch-sbom@v1
         if: always() && steps.evaluate.outputs.scan-id
         with:

.github/workflows/todo_check.yml

@@ -8,10 +8,10 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - name: Checkout code
+      - title: Checkout code
         uses: actions/checkout@v4
 
-      - name: Check for TODOs in services directory
+      - title: Check for TODOs in services directory
         uses: damienjburks/[email protected]
         with:
           path: "./services"

.github/workflows/yaml_check.yml

@@ -8,10 +8,10 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - name: Checkout repository
+      - title: Checkout repository
         uses: actions/checkout@v3
 
-      - name: Validate YAML Schema
+      - title: Validate YAML Schema
         uses: InoUno/yaml-ls-check@develop
         with:
           schemaMapping: |

.vscode/controls.code-snippets

@@ -20,7 +20,7 @@
 			"        - <ISO 27001 control IDs>",
 			"      NIST_800_53:",
 			"        - <NIST 800-53 control IDs>",
-			"    test_requirements:",
+			"    assessment-requirements:",
 			"      - id: CCC.<Service Category Abbreviation>.C#.TR##",
 			"        text: |",
 			"          <REQUIREMENT TEXT>",
@@ -51,7 +51,7 @@
 			"        - <ISO 27001 control IDs>",
 			"      NIST_800_53:",
 			"        - <NIST 800-53 control IDs>",
-			"    test_requirements:",
+			"    assessment-requirements:",
 			"      - id: CCC.<Service Category Abbreviation>.C#.TR##",
 			"        text: |",
 			"          <REQUIREMENT TEXT>",

common/controls.yaml

@@ -1,13 +1,13 @@
 control-families:
-  - name: Data
+  - title: Data
     description: 'TODO: Describe this control family'
     controls:
       - id: CCC.C01
         title: Prevent Unencrypted Requests
         objective: |
           Ensure that all communications are encrypted in transit to protect data
           integrity and confidentiality.
-        requirements:
+        assessment-requirements:
           - id: CCC.C01.TR01
             text: |
               When a port is exposed for non-SSH network traffic, all traffic MUST
@@ -55,7 +55,7 @@ control-families:
           designated as restricted or prohibited, to comply with
           regulatory requirements and reduce exposure to geopolitical
           risks.
-        requirements:
+        assessment-requirements:
           - id: CCC.C06.TR01
             text: |
               When a deployment request is made, the service MUST validate
@@ -102,7 +102,7 @@ control-families:
           Ensure that data is replicated across multiple
           zones or regions to protect against data loss due to hardware
           failures, natural disasters, or other catastrophic events.
-        requirements:
+        assessment-requirements:
           - id: CCC.C08.TR01
             text: |
               When data is stored, the service MUST ensure that data is
@@ -146,7 +146,7 @@ control-families:
           Access logs should always be considered sensitive.
           Ensure that access logs are protected against unauthorized
           access, tampering, or deletion.
-        requirements:
+        assessment-requirements:
           - id: CCC.C09.TR01
             text: |
               When access logs are stored, the service MUST ensure that
@@ -204,7 +204,7 @@ control-families:
           of defined trust perimeter. An untrusted destination is defined
           as a resource that exists outside of a specified trusted
           identity or network or data perimeter.
-        requirements:
+        assessment-requirements:
           - id: CCC.C10.TR01
             text: |
               When data is replicated, the service MUST ensure that
@@ -231,15 +231,15 @@ control-families:
           - reference-id: NIST_800_53
             identifiers:
               - AC-4
-  - name: Encryption
+  - title: Encryption
     description: 'TODO: Describe this control family'
     controls:
       - id: CCC.C02
         title: Ensure Data Encryption at Rest for All Stored Data
         objective: |
           Ensure that all data stored is encrypted at rest to maintain
           confidentiality and integrity.
-        requirements:
+        assessment-requirements:
           - id: CCC.C02.TR01
             text: |
               When data is stored at rest, the service MUST be configured to
@@ -274,7 +274,7 @@ control-families:
           Ensure that encryption keys are managed securely by enforcing
           the use of approved algorithms, regular key rotation, and
           customer-managed encryption keys (CMEKs).
-        requirements:
+        assessment-requirements:
           - id: CCC.C11.TR01
             text: |
               When encryption keys are used, the service MUST verify that
@@ -333,7 +333,7 @@ control-families:
             identifiers:
               - SC-12
               - SC-17
-  - name: Identity and Access Management
+  - title: Identity and Access Management
     description: 'TODO: Describe this control family'
     controls:
       - id: CCC.C03
@@ -344,7 +344,7 @@ control-families:
           something you know, something you have, or something you are. In the
           case of programattically accessible services, such as API endpoints, this
           includes a combination of API keys or tokens and network restrictions.
-        requirements:
+        assessment-requirements:
           - id: CCC.C03.TR01
             text: |
               When an entity attempts to modify the service, the service MUST
@@ -431,7 +431,7 @@ control-families:
           by adversaries. This includes restricting access based on trust
           criteria such as IP allowlists, domain restrictions, and tenant
           isolation.
-        requirements:
+        assessment-requirements:
           - id: CCC.C05.TR01
             text: |
               When access to sensitive resources is attempted, the service MUST
@@ -490,15 +490,15 @@ control-families:
           - reference-id: NIST_800_53
             identifiers:
               - AC-3
-  - name: Logging & Monitoring
+  - title: Logging & Monitoring
     description: 'TODO: Describe this control family'
     controls:
       - id: CCC.C04
         title: Log All Access and Changes
         objective: |
           Ensure that all access and changes are logged to maintain a
           detailed audit trail for security and compliance purposes.
-        requirements:
+        assessment-requirements:
           - id: CCC.C04.TR01
             text: |
               When any access attempt is made to the service, the service MUST log
@@ -551,7 +551,7 @@ control-families:
           Ensure that logs and associated alerts are generated when
           unusual enumeration activity is detected that may indicate
           reconnaissance activities.
-        requirements:
+        assessment-requirements:
           - id: CCC.C07.TR01
             text: |
               When suspicious enumeration activities are detected, the
@@ -587,7 +587,7 @@ control-families:
           - reference-id: NIST_800_53
             identifiers:
               - AU-6
-  - name: ""
+  - title: ""
     description: 'TODO: Describe this control family'
     controls:
       - id: CCC.C12
@@ -600,7 +600,7 @@ control-families:
           attack surface and prevent unauthorized  inbound connections.
           Overly permissive rules such as, 0.0.0.0/0 must be disallowed or
           strictly controlled.
-        requirements:
+        assessment-requirements:
           - id: CCC.C12.TR01
             text: |
               When an unauthorized IP or network attempts to connect