Body Of Evidence

Body Of Evidence

Chief Information Officer

IC Technical Specifications

XML Data Encoding Specification for Body Of Evidence


This XML Data Encoding Specification for Body of Evidence (BOE.XML) defines detailed implementation guidance for the XML-encoding of elements to convey a system's body of evidence, where body of evidence is the set of data that documents the information system’s adherence to the security controls applied as defined in National Information Assurance (IA) Glossary (CNSSI 4009).


This specification is intended to provide the data fields necessary to capture and convey the relevant information that would be used to facilitate the acceptance and reciprocity of established systems and their security authorizations. To facilitate this exchange, this specification has been closely aligned with Risk Management Framework Documentation, Data Element Standards, and Reciprocity Process for National Security Systems (CNSSI 1254), associated policies, and the concepts and terminology within. It seeks to encourage an exchange of CNSSI compliant system security information and authorization to promote reciprocity between agencies/organizations in XML.


This specification is maintained by the IC Chief Information Officer via the Data Standards Coordination Activity (DSCA) and Common Metadata Standards Tiger Team (CMSTT).


Technical Specification Downloads


Latest Approved Public Release:


Mission Requirements


Information sharing with the national intelligence enterprise is increasingly dependent on the exchange of information about an exchange format. Systems, users, and developers all need a more consistent machine processable format for exchanging information describing data. This specification is a reaction to that need.