Labels

Next step: clarification or information from Compliance

Next step: FedRAMP Product Manager updates, reviews, moves, or closes this issue

Next step: product group or subject matter expert reviews issue and identifies next steps

FedRAMP PM and Compliance have determined this issue is not required to satisfy FedRAMP controls. (It may be needed for other reasons.) Only FedRAMP PM or Compliance should apply this label.

Next step: implement the change. This indicates that no further FedRAMP control analysis is currently required.

This issue has been identified as a vulnerability that has completed and accepted by the PO&AM Vulnerability Deviation Request Process. The team does not need to perform any further action.

This issue has been identified as a vulnerability that has completed and denied by the PO&AM Vulnerability Deviation Request Process. The team must resolve this.

This issue has been identified as a vulnerability that has started the PO&AM Vulnerability Deviation Request Procedure

Apply label to container scan vulnerabilities of FedRAMP/FIPS images https://internal-handbook.gitlab.io/handbook/engineering/infrastructure/platforms/gitlab-dedicated/us-public-sector-services/architecture/fedramp-boundary-vulnerability-scanning/. Previously titled as FedRAMP Milestone::Vuln Remediation

Next Step: Wait for vendor to issue fix, ensure to checkin with vendor every 30 days. Open DR request if near breach.

Issues that are fillers for the current milestone in case the team completes their deliverables early

Issues related to Zuora.

to track SKU issues whether new SKUs, deprecated or updates to SKUs.

Used to track work related to the first mile i.e. required signup steps

Issues to be scheduled for future release

To identify Fulfillment section priority issues planned for Q4 of FY22