Import and export custom compliance frameworks using OSCAL-formatted YAML files in Compliance Management.
Compliance Management supports importing and exporting custom compliance frameworks
using Open Security Controls Assessment Language (OSCAL)-formatted YAML files. Importing
frameworks eliminates the need to build frameworks from scratch. Exporting frameworks
allows you to share and reuse standardized frameworks across different
TrendAI Vision One™ instances.
Import a custom framework
-
Go to .
-
On the Overview tab, click Create custom framework and select Import framework.
-
Upload an OSCAL-formatted YAML file.
Note
The uploaded file must be in OSCAL-compliant YAML format. The framework title, description, control families, and controls are parsed from the file content. -
Review the imported framework details, including the title, description, and control families.
-
Click Save.The imported framework appears in your list of custom frameworks.
Export a custom framework
-
Go to .
-
On the Overview tab, locate the custom framework you want to export.
-
Click the more button next to the framework and select Export framework.
-
Save the exported OSCAL-formatted YAML file to your local machine.The exported file can be imported into another TrendAI Vision One™ instance to reuse the framework across environments.
Review imported controls
After importing a framework, verify that the controls were imported correctly.
-
Go to .
-
Click Settings and select Select Frameworks and Standards.
-
Click the more button next to the custom framework and select Edit.The custom framework builder displays the imported control families and controls for review.
-
Verify that the control families, controls, and mappings are correct.
|
NoteYou can also verify controls from the Overview tab. Click the custom framework and select Compliance Analysis, then click Check configurations to confirm that compliance results reflect the imported controls.
|