This attribute is only a placeholder so that all the ISM attributes are not shown
in the schemaGuide for every element. If you refer to the documentation of the
attribute group it will say what attributes should be here.
Describe the overall level of risk
(e.g., very low, low, moderate, high, or very high) to the system, considering all
individual
risks, mitigating factors, environment, architecture, system's security categorization,
historical evidence, etc.
Source: CNSSI-1254 appendix C RAR Data elements #20, NIST SP 800-30
Source
<xsd:complexType name="RatedScaleResponseType"><xsd:simpleContent><xsd:restriction base="boe:ResponseWithExplanation"><xsd:attribute name="response" type="boe:RatingScaleEnum" use="required"><xsd:annotation><xsd:documentation><p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">Describe the overall level of risk (e.g., very low, low, moderate, high, or very high) to the system, considering all individual risks, mitigating factors, environment, architecture, system's security categorization, historical evidence, etc.</p><p xmlns="http://www.w3.org/1999/xhtml" ism:ownerProducer="USA" ism:classification="U">Source: CNSSI-1254 appendix C RAR Data elements #20, NIST SP 800-30</p></xsd:documentation></xsd:annotation></xsd:attribute></xsd:restriction></xsd:simpleContent></xsd:complexType>
Schema location
BOE.xsd Copy and paste this link to your file browser, clicking the link MAY open in the browser. Opening in an XML aware editor is best.
Describe the overall level of risk
(e.g., very low, low, moderate, high, or very high) to the system, considering all
individual
risks, mitigating factors, environment, architecture, system's security categorization,
historical evidence, etc.
Source: CNSSI-1254 appendix C RAR Data elements #20, NIST SP 800-30
<xsd:attribute name="response" type="boe:RatingScaleEnum" use="required"><xsd:annotation><xsd:documentation><p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">Describe the overall level of risk (e.g., very low, low, moderate, high, or very high) to the system, considering all individual risks, mitigating factors, environment, architecture, system's security categorization, historical evidence, etc.</p><p xmlns="http://www.w3.org/1999/xhtml" ism:ownerProducer="USA" ism:classification="U">Source: CNSSI-1254 appendix C RAR Data elements #20, NIST SP 800-30</p></xsd:documentation></xsd:annotation></xsd:attribute>
Schema location
BOE.xsd Copy and paste this link to your file browser, clicking the link MAY open in the browser. Opening in an XML aware editor is best.
This document has been approved for Public Release by the Office of the Director of National Intelligence. See Distribution Notice for details.
Click Here