Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

OSCAL

The Open Security Controls Assessment Language (OSCAL) enables automation of the authorization to operate (ATO) process. OSCAL is an emerging NIST standard for exchanging ATO package information in a machine-readable format.

The Federal Risk and Authorization Management Program (FedRAMP) is enabling stakeholders to create and submit their packages in OSCAL.

In this tech talk you will learn more about the benefits of OSCAL, what is available today, how it applies to both cloud and legacy data center ATOs, and how you can get started.

tech.gsa.gov / Office of the CTO

An official website of the U.S. General Services Administration

Looking for U.S. government information and services?
Visit USA.gov