The General Services Administrationâs 18F organization has developed a tool that aims to help federal information security personnel continuously update their system security plans with code in an effort to manage risks and protect data infrastructure from network intrusions.
Mossadeq Zia,Â Gabriel Ramirez andÂ Noah Kunin write in a blog post published Friday that the Compliance Masonry tool works to help executives and security operations personnel use searchable content to produce assurance reports.
Compliance Masonry functions as a content management framework designed to handle SSP documentation for 18Fâs cloud.gov.
18F also noted that Compliance Masonry is built on open-source software in order to encourage agencies, service providers and developers to use as well as introduce updates to the tool.
Zia,Â Ramirez and Kunin addedÂ that 18F designed the toolÂ based on system component models and OpenControl Schema, which is designed toÂ store SSP documentation and data in machine readable format such as YAML and JSON.