UAF 1.3 RTF Avatar
  1. OMG Issue

UAF13 — Non-Security Risks

  • Key: UAF13-99
  • Status: open  
  • Source: RTX ( Mr. Sam Biller)
  • Summary:

    The EA Guide and the formal UAF documents suggest that UAF can be used to capture non-security risks at various levels of abstraction of the AD. The view specifications and UAFML limit the mitigation of a risk to a security control. It appears that an operational or resource mitigation should be elements that are able to mitigate a risk. The current metamodel only allows risks to affect those elements. Some rework in this area would improve the ability to capture non-security risks for ADs. Please see attached pdf for additional information.

  • Reported: UAF 1.2 — Wed, 8 Nov 2023 21:44 GMT
  • Updated: Sat, 2 Dec 2023 15:11 GMT
  • Attachments: