UCF Analyst - Phase 1 - Lean PRD

Target release

Q1 2025

Epic

Document status

DRAFT

Document owner

Designer

Tech lead

AI Lead

Integration Lead

QA

 Introduction

This document outlines the phased implementation of API endpoints, backend infrastructure, and preliminary user-facing components for UCF Analyst.

The aim is to ensure foundational readiness for scaling data accessibility and supporting commercial opportunities in compliance and governance systems.


References


Related PRDs


Lessons Learned

 Success metrics

Goal

Metric

Partner Adoption

  • Number of OEM partners adopting the API for AD and Control data.

    • Target: TBD

Revenue Growth

  • Revenue generated from enriched AD and control data.

    • Target: TBD


Mission Critical Decisions


 Assumptions


Limitations

  • Lists do not exist in Nextgen at this time.


Dependencies


 Milestones & Timeline

Milestones need to be scoped out in coordination with the engineers as of 12/20/24.

#

Milestone

Objective

Key Deliverables

1

API Endpoints

Develop key API endpoints to support the first focus of the Preference-Driven AI System.

  • Fully functional API endpoints:

    • Glossary Endpoint

    • Vendors/Organization Endpoint

    • Assets Endpoint

    • Configurable Items Endpoint

    • Configuration Settings Endpoint

    • Configuration Methods Endpoint

  • Comprehensive API documentation for seamless integration.

  • Migration of data from the Legacy system into NextGen for the above endpoints.

 

 

 

 


Use Cases

  • OEM Software Supported Coverage

Use Case

NextGen

As a GRC professional, I would like to see the Framework References I have Common Control support for, and the mandates extracted from them.

Exists

  • ADs Endpoint

  • Citations Endpoint for single AD

  • Mandates Endpoint for single AD

  • Common Controls Endpoint for single AD

Does not Exist

  • UI

  • Citations Endpoint for multiple ADs

  • Mandates Endpoint for multiple ADs

  • Common Controls Endpoint for multiple ADs

As a GRC professional, I would like to select a set of Frameworks and compare the Common Control coverage for both licensed and unlicensed Frameworks.

Does not Exist

  • UI

  • Common Control to ADs Endpoint

    • Possible Metadata only for ADs?

As a GRC professional, I would like to see how the Common Controls are mapped back to the Frameworks I am licensed to.

Does not Exist

  • Common Controls to Tagged Mandates Endpoint

  • Common Controls to Citations Endpoint

As a GRC professional, I would like to see a list of Control Implementations for the Common Controls I am licensed to use.

This may be possible through the control hierarchy of the Common Controls Endpoint.

Does not Exist

  • Common Controls Implementations Endpoint

    • (Children Controls of the Matched Common Control)


 Functional Requirements

#

User Story & Title

Description

Notes

 

AD Frameworks to Common Controls User Interface

Build an interface for users to view a list of Common Controls for all licensed Authority Documents.

Considerations

  • Ability to hide ADs and their controls from list (no save view at this time)

  • Ability to highlight controls for specific ADs

 

 

Common Controls to Assets User Interface

Build an interface for users to view all Assets associated with the Common Controls for all their licensed Authority Documents.

 

 

Common Controls to Config Information User Interface

Build an interface for users to view all Configuration information for each Asset associated with the Common Controls for all their licensed Authority Documents.

 

 

AD Frameworks to Common Controls Common Controls to unlicensed ADs interface

(Compare)

Build an interface for users to view all the unlicensed, publicly searchable ADs that overlap with the Common Controls for all their licensed Authority Documents.

Considerations

  • Filters for unlicensed ADs (Geography, Subject Matter, Originator)

May want to not show the exact Common Controls the unlicensed ADs map to.

 


Non-Functional Requirements

#

User Story & Title

Description

Notes

 

Implement, test, and monitor performance standards

 

 

 

 Support serving content via HTTP/3

 

 

 

Security headers are included in every HTTP response

 

 

 

Compress all HTTP responses.

 

 

 

Include ETags, caching, and cache busting for all HTTP API endpoint responses, webpages, and webpage assets.

 

 


API Requirements

#

User Story & Title

Description

Notes

 

Glossary Endpoint

 

 

 

Vendors/Organization Endpoint

Retrieves vendor-related information for assets.

 

 

Assets Endpoint

Retrieves asset information.

 

 

Configurable Items Endpoint

Retrieves configuration items relevant to assets.

 

 

Configuration Settings Endpoint

Retrieves configuration settings tied to assets and configurable items.

 

 

Configuration Methods Endpoint

Retrieves methods tied to configurable asset items.

 

 

Common Control to licensed ADs Endpoint

 

 

 

Common Control to AD Catalog Endpoint

 

 

 

Common Controls to Tagged Mandates Endpoint

 

 

 

Common Controls to Citations Endpoint

 

 

 

Common Controls Implementations Endpoint

 

 

 

Citations Endpoint for multiple ADs

 

 

 

Mandates Endpoint for Multiple ADs

 

 

 

Common Controls Endpoint for multiple ADs

 

 

 

Bulk Mandate Endpoint

 

 

 

Bulk Common Control Endpoint

 

 

 

Bulk Citations Endpoint

 

 


Flows


User Interface


User Workflows


Architecture


Deliverables


 Open Questions

Date, Question

Answer

Date Answered, by whom


 Risks and Mitigations

Risks

Mitigations

 

 

 

 


Out of Scope


Change Log

This section includes changes made to PRD after approval.

Date

[Date of Change]

Change Description

[Brief Overview of the Change]

LOE

[Estimation in Hours/Days]

Impact

[Impact on overall project timeline or resources]

Approver/Decision Maker
