Showing:

Annotations
Attributes
Diagrams
Facets
Model
Properties
Source
Used by
Element boe:IdentifyingEventType / boe:Event
Namespace urn:us:gov:ic:boe
Annotations

The event that identified the deficiency (e.g., security controls assessment, penetration test)

Source: CNSSI-1254 appendix C POA&M Data elements #3, NIST SP 800-37

Diagram
Diagram IC-ISM_xsd_Simple_Type_ShortStringType.tmp#ShortStringType IC-ISM_xsd_Attribute_Group_SecurityAttributesGroup.tmp#SecurityAttributesGroup IC-ISM_xsd_Complex_Type_ShortStringWithSecurityType.tmp#ShortStringWithSecurityType
Type ShortStringWithSecurityType
Type hierarchy
Properties
content complex
Attributes
QName Type Use Annotation
SchemaguideSecurityAttributesGroup xsd:NMTOKEN optional
This attribute is only a placeholder so that all the ISM attributes are not shown in the schemaGuide for every element. If you refer to the documentation of the attribute group it will say what attributes should be here.
Source
<xsd:element name="Event" type="ism:ShortStringWithSecurityType">
  <xsd:annotation>
    <xsd:documentation>
      <p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">The event that identified the deficiency (e.g., security controls assessment, penetration test)</p>
      <p xmlns="http://www.w3.org/1999/xhtml" ism:ownerProducer="USA" ism:classification="U">Source: CNSSI-1254 appendix C POA&M Data elements #3, NIST SP 800-37</p>
    </xsd:documentation>
  </xsd:annotation>
</xsd:element>
Schema location BOE.xsd Copy and paste this link to your file browser, clicking the link MAY open in the browser. Opening in an XML aware editor is best.
Element boe:IdentifyingEventType / boe:ReviewingOrganization
Namespace urn:us:gov:ic:boe
Annotations

The organization responsible for the event where an organization is an entity of any size, complexity, or positioning within an organizational structure (e.g., a federal agency, or, as appropriate, any of its operational elements).

Source: CNSSI-1254 appendix C POA&M Data elements #3, NIST SP 800-37

Source: CNSSI-4009 (Organization)

Diagram
Diagram IC-ISM_xsd_Simple_Type_ShortStringType.tmp#ShortStringType IC-ISM_xsd_Attribute_Group_SecurityAttributesGroup.tmp#SecurityAttributesGroup IC-ISM_xsd_Complex_Type_ShortStringWithSecurityType.tmp#ShortStringWithSecurityType
Type ShortStringWithSecurityType
Type hierarchy
Properties
content complex
Attributes
QName Type Use Annotation
SchemaguideSecurityAttributesGroup xsd:NMTOKEN optional
This attribute is only a placeholder so that all the ISM attributes are not shown in the schemaGuide for every element. If you refer to the documentation of the attribute group it will say what attributes should be here.
Source
<xsd:element name="ReviewingOrganization" type="ism:ShortStringWithSecurityType">
  <xsd:annotation>
    <xsd:documentation>
      <p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">The organization responsible for the event where an organization is an entity of any size, complexity, or positioning within an organizational structure (e.g., a federal agency, or, as appropriate, any of its operational elements).</p>
      <p xmlns="http://www.w3.org/1999/xhtml" ism:ownerProducer="USA" ism:classification="U">Source: CNSSI-1254 appendix C POA&M Data elements #3, NIST SP 800-37</p>
      <p xmlns="http://www.w3.org/1999/xhtml" ism:ownerProducer="USA" ism:classification="U">Source: CNSSI-4009 (Organization)</p>
    </xsd:documentation>
  </xsd:annotation>
</xsd:element>
Schema location BOE.xsd Copy and paste this link to your file browser, clicking the link MAY open in the browser. Opening in an XML aware editor is best.
Complex Type boe:IdentifyingEventType
Namespace urn:us:gov:ic:boe
Diagram
Diagram BOE_xsd_Complex_Type_boe_IdentifyingEventType.tmp#IdentifyingEventType_date IC-ISM_xsd_Attribute_Group_SecurityAttributesGroup.tmp#SecurityAttributesGroup BOE_xsd_Complex_Type_boe_IdentifyingEventType.tmp#IdentifyingEventType_Event BOE_xsd_Complex_Type_boe_IdentifyingEventType.tmp#IdentifyingEventType_ReviewingOrganization
Used by
Model
Children boe:Event , boe:ReviewingOrganization
Attributes
QName Type Use Annotation
SchemaguideSecurityAttributesGroup xsd:NMTOKEN optional
This attribute is only a placeholder so that all the ISM attributes are not shown in the schemaGuide for every element. If you refer to the documentation of the attribute group it will say what attributes should be here.
boe:date boe:DateWithoutTimezone optional

The date the weakness was identified.

Source: CNSSI-1254 appendix C POA&M Data elements #3, NIST SP 800-37

Source
<xsd:complexType name="IdentifyingEventType">
  <xsd:all>
    <xsd:element name="Event" type="ism:ShortStringWithSecurityType">
      <xsd:annotation>
        <xsd:documentation>
          <p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">The event that identified the deficiency (e.g., security controls assessment, penetration test)</p>
          <p xmlns="http://www.w3.org/1999/xhtml" ism:ownerProducer="USA" ism:classification="U">Source: CNSSI-1254 appendix C POA&M Data elements #3, NIST SP 800-37</p>
        </xsd:documentation>
      </xsd:annotation>
    </xsd:element>
    <xsd:element name="ReviewingOrganization" type="ism:ShortStringWithSecurityType">
      <xsd:annotation>
        <xsd:documentation>
          <p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">The organization responsible for the event where an organization is an entity of any size, complexity, or positioning within an organizational structure (e.g., a federal agency, or, as appropriate, any of its operational elements).</p>
          <p xmlns="http://www.w3.org/1999/xhtml" ism:ownerProducer="USA" ism:classification="U">Source: CNSSI-1254 appendix C POA&M Data elements #3, NIST SP 800-37</p>
          <p xmlns="http://www.w3.org/1999/xhtml" ism:ownerProducer="USA" ism:classification="U">Source: CNSSI-4009 (Organization)</p>
        </xsd:documentation>
      </xsd:annotation>
    </xsd:element>
  </xsd:all>
  <xsd:attribute name="date" type="boe:DateWithoutTimezone">
    <xsd:annotation>
      <xsd:documentation>
        <p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">The date the weakness was identified.</p>
        <p xmlns="http://www.w3.org/1999/xhtml" ism:ownerProducer="USA" ism:classification="U">Source: CNSSI-1254 appendix C POA&M Data elements #3, NIST SP 800-37</p>
      </xsd:documentation>
    </xsd:annotation>
  </xsd:attribute>
  <xsd:attributeGroup ref="ism:SecurityAttributesGroup"/>
</xsd:complexType>
Schema location BOE.xsd Copy and paste this link to your file browser, clicking the link MAY open in the browser. Opening in an XML aware editor is best.
Attribute boe:IdentifyingEventType / @boe:date
Namespace urn:us:gov:ic:boe
Annotations

The date the weakness was identified.

Source: CNSSI-1254 appendix C POA&M Data elements #3, NIST SP 800-37

Type boe:DateWithoutTimezone
Properties
content simple
Facets
pattern \-?[0-9]{4}-[0-9]{2}-[0-9]{2}
Used by
Source
<xsd:attribute name="date" type="boe:DateWithoutTimezone">
  <xsd:annotation>
    <xsd:documentation>
      <p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">The date the weakness was identified.</p>
      <p xmlns="http://www.w3.org/1999/xhtml" ism:ownerProducer="USA" ism:classification="U">Source: CNSSI-1254 appendix C POA&M Data elements #3, NIST SP 800-37</p>
    </xsd:documentation>
  </xsd:annotation>
</xsd:attribute>
Schema location BOE.xsd Copy and paste this link to your file browser, clicking the link MAY open in the browser. Opening in an XML aware editor is best.

This document has been approved for Public Release by the Office of the Director of National Intelligence. See Distribution Notice for details. Click Here