Small tweaks (usnistgov#311) including a new favicon

wendellpiez · May 2, 2019 · 24ad330 · 24ad330
1 parent e153fc8
commit 24ad330
Show file tree

Hide file tree

Showing 8 changed files with 29 additions and 22 deletions.
diff --git a/docs/_data/favicons.yml b/docs/_data/favicons.yml
@@ -2,24 +2,29 @@
 
 - rel: shortcut icon
   type: image/ico
-  # href: /assets/uswds/img/favicons/favicon.ico
-  href: /assets/img/favicon-32x32.png
+  href: /assets/img/oscal-favicon.png
+  # href: /assets/img/favicon-32x32.png
 - rel: icon
   type: image/png
-  # href: /assets/uswds/img/favicons/favicon.png
-  href: /assets/img/favicon-32x32.png
+  href: /assets/img/oscal-favicon-32x32.png
+  # href: /assets/img/favicon-32x32.png
 - rel: icon
   type: image/png
   sizes: 192x192
-  href: /assets/uswds/img/favicons/favicon-192.png
+  href: /assets/img/oscal-favicon.png
+# href: /assets/uswds/img/favicons/favicon-192.png
 - rel: apple-touch-icon-precomposed
-  href: /assets/uswds/img/favicons/favicon-57.png
+  href: /assets/img/oscal-favicon.png
+# href: /assets/uswds/img/favicons/favicon-57.png
 - rel: apple-touch-icon-precomposed
   sizes: 72x72
-  href: /assets/uswds/img/favicons/favicon-72.png
+  href: /assets/img/oscal-favicon.png
+# href: /assets/uswds/img/favicons/favicon-72.png
 - rel: apple-touch-icon-precomposed
   sizes: 114x114
-  href: /assets/uswds/img/favicons/favicon-114.png
+  href: /assets/img/oscal-favicon.png
+# href: /assets/uswds/img/favicons/favicon-114.png
 - rel: apple-touch-icon-precomposed
   sizes: 144x144
-  href: /assets/uswds/img/favicons/favicon-144.png
+  href: /assets/img/oscal-favicon.png
+# href: /assets/uswds/img/favicons/favicon-144.png
diff --git a/docs/_data/navigation.yml b/docs/_data/navigation.yml
@@ -28,7 +28,7 @@ primary:
 secondary:
   - text: Get Involved
     href: /community/
-  - text: Contact
+  - text: Contact Us
     href: /contact/
 
 resources:

diff --git a/docs/assets/img/oscal-favicon-32x32.png b/docs/assets/img/oscal-favicon-32x32.png
diff --git a/docs/assets/img/oscal-favicon.png b/docs/assets/img/oscal-favicon.png
diff --git a/docs/content/home.md b/docs/content/home.md
@@ -20,7 +20,7 @@ hero:
 tagline: Automating Security Assessment & Continuous Monitoring
 
 intro: |
-  NIST is developing the Open Security Controls Assessment Language (OSCAL) "standard for standards". It consists of a set of models expressed in standard notations (XML, JSON), offering machine-readable representations of information pertaining to the publication, implementation, and assessment of security and privacy controls. By promoting transparency and interoperability along with rigorous validation of data in context, OSCAL formats provide a foundation for automation and machine assistance of many tasks and activities related to systems security.
+  NIST is developing the Open Security Controls Assessment Language (OSCAL): a set of models expressed in standard notations (XML, JSON), offering machine-readable representations of information pertaining to the publication, implementation, and assessment of security and privacy controls. By promoting transparency and interoperability along with rigorous validation of data in context, OSCAL formats provide a foundation for automation and machine assistance of many tasks and activities related to systems security.
 
   OSCAL is being developed through a collaborative approach with the public. It is designed to improve system security planning, assessment, and monitoring, with a technology that is both user- and developer-friendly.
   

diff --git a/docs/content/learnmore/index.md b/docs/content/learnmore/index.md
@@ -19,16 +19,21 @@ subnav:
 
 ## What is OSCAL?
 
-NIST is developing the Open Security Controls Assessment Language (OSCAL) as a standardized, data-centric framework that can be applied to an information system for documenting and assessing its security controls. Today, security controls and control baselines are represented in proprietary ways and are expressed in prose format rather than being machine readable. This can lead to imprecise differences in interpretation, and requires manual effort to implement the controls. An important goal of OSCAL is to move the security controls and control baselines from a text-based and manual approach (using word processors or spreadsheets) to a set of standardized and machine-readable formats that improve both the User Experience (UX) and Machine Experience (MX) of system security planning, assessment and authorization. By representing control information in OSCAL, providing authoritative reference data sets, this information can better support automated processes allowing security professionals will be able to do better work with less effort.
+NIST is developing the Open Security Controls Assessment Language (OSCAL) as a standardized, data-centric framework that can be applied to an information system for documenting and assessing its security controls. Today, security controls and control baselines are represented in proprietary formats, requiring data conversion and manual effort to describe their implementation. An important goal of OSCAL is to move the security controls and control baselines from a text-based and manual approach (using word processors or spreadsheets) to a set of standardized and machine-readable formats. With systems security information represented in OSCAL, security professionals will be able to automate security assessment, auditing, and continuous monitoring processes.
 
 ## Why OSCAL?
 
-There are a number of factors contributing to the challenges faced by information system security professionals today: multiple regulatory compliance standards and frameworks (e.g., [NIST FISMA](https://www.nist.gov/programs-projects/federal-information-security-management-act-fisma-implementation-project), [PCI](https://www.pcisecuritystandards.org/pci_security/), [HIPAA](https://www.hhs.gov/hipaa/index.html), [ISO 27001](https://www.iso.org/isoiec-27001-information-security.html)), which change over time; their overlapping scope and the requirement to manage them together; and the size, complexity and ongoing development of the systems being documented. To provide assurance of a system's compliance posture, the implementation of security systems must be both correctly described, and validated against relevant security controls. This is resource-intensive and often infeasible within budget constraints given the complexity of the problem.
+There are a number of factors contributing to the challenges faced by information system security professionals today:
 
-The ability of OSCAL to streamline and standardize the security control documentation, implementation, and assessment process will reduce complexity, decrease implementation costs, and enable the continuous assessment of system security against multiple sets of requirements simultaneously. This approach has the added benefit of significantly reducing the paperwork associated with current processes, helping government agencies meet the goals of the [Paperwork Reduction Act](https://en.wikipedia.org/wiki/Paperwork_Reduction_Act).
+* multiple regulatory standards and frameworks (e.g., [NIST FISMA](https://www.nist.gov/programs-projects/federal-information-security-management-act-fisma-implementation-project), [PCI](https://www.pcisecuritystandards.org/pci_security/), [HIPAA](https://www.hhs.gov/hipaa/index.html), [ISO 27001](https://www.iso.org/isoiec-27001-information-security.html)), which change over time;
+* their overlapping scope and the requirement to manage them together; and
+* the size, complexity and ongoing development of the systems being documented.
 
-## How OSCAL Supports Your Role
+To provide assurance of a system's security posture, the implementation of security systems must be both correctly described, assessed and authorized against relevant security controls. Typically this process is resource-intensive, and often challenging within budget constraints given the complexity of the problem.
+
+By streamlining and standardizing the processes of documenting, implementing and assessing security controls, OSCAL will reduce complexity, decrease implementation costs, and enable the simultaneous, continuous assessment of system security against multiple sets of requirements. Additionally, paperwork will be significantly reduced.
 
+## How OSCAL Supports Your Role
 
 Our stakeholders are segmented, as is our industry, into constituencies with various needs. Please decide which category or categories you fit into, then go from there.
 

diff --git a/docs/content/resources/examples/catalogs.md b/docs/content/resources/examples/catalogs.md
@@ -2,14 +2,12 @@
 title: Catalogs
 description: OSCAL Catalog Examples
 permalink: /resources/examples/catalogs/
-
 layout: post
 topnav: resources
 sidenav: resources
 subnav:
   - text: Catalogs
     href: /resources/examples/catalogs/
-    current: true
   - text: Profiles
     href: /resources/examples/profiles/
 ---

diff --git a/docs/content/resources/examples/profiles.md b/docs/content/resources/examples/profiles.md
@@ -6,11 +6,10 @@ layout: post
 topnav: resources
 sidenav: resources
 subnav:
-  - text: Catalogs
-    href: /resources/examples/catalogs/
-  - text: Profiles
-    href: /resources/examples/profiles/
-    current: true
+ - text: Catalogs
+   href: /resources/examples/catalogs/
+ - text: Profiles
+   href: /resources/examples/profiles/
 ---
 
 Profiles currently available are early work; while we do not believe they have errors, they should be regarded as testing documents until authoritative versions can be published.