Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add missing compliance audit file #38

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

repo-mountie[bot]
Copy link

@repo-mountie repo-mountie bot commented Jan 17, 2020

TL;DR 🏎️

Your repo is missing a compliance audit file so I've created this PR with a template that you can update with the correct PIA and STRA status (status options in the table below). If you'd like me to do this for you, skip to the commands section below.

Compliance

Projects in our organization (bcgov) need to complete a Privacy Impact Assessment (PIA) and Security Threat & Risk Assessment (STRA) before they go live in production. Since every ministry has their own way of doing both the STRA and PIA we don't enforce that projects do them, only that they report on the current status.

To help with reporting, I've added a compliance audit file as part of this pull request. Please checkout this branch and edit update status as needed. Here is a table of possible states:

Status Description
TBD If you're surprised by this news, use this state. I'll let you talk to your MISO and check back later.
in-progress Use this state when your assessment(s) are underway.
completed Use this state when your assessment(s) are completed. 🙌 🎉
exempt The PIA or STRA isn't applicable to your project / repo.

Here is what a completed audit file might look like:

name: compliance
description: |
  This document is used to track a projects PIA and STRA
  compliance.
spec:
  - name: PIA
    status: in-progress
    last-updated: '2019-11-22T00:03:52.138Z'
  - name: STRA
    status: completed
    last-updated: '2019-11-22T00:03:52.138Z'

For more information check out the BC Policy Framework for GitHub.

Pro Tip 🤓

  • If you're not sure what to do add a comment below with the command @repo-mountie help in it; a real-live-person will reply back to help you out.

Commands 🤖

I can update the status of the PIA and STRA for you; you'll just need to merge the PR when I'm done. You can find the available status values in the table above. Below are some commands I understand:

Command Description
@repo-mountie help You're freaking out and want to talk to a person.
@repo-mountie update-pia STATUS You want me to update the PIA status.
@repo-mountie update-stra STATUS You want me to update the STRA status.

Examples

@repo-mountie update-pia completed
@repo-mountie update-stra in-progress

@sonarcloud
Copy link

sonarcloud bot commented Jan 17, 2020

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities (and Security Hotspot 0 Security Hotspots to review)
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@repo-mountie
Copy link
Author

repo-mountie bot commented Jul 1, 2020

Hey, its been 90 days since this PR was last updated. I'm sure everyone is busy, however, it would be appreciated if someone from the team puts this issue to bed. Thanks in Advance.

@repo-mountie
Copy link
Author

repo-mountie bot commented Oct 2, 2020

Hey, its been 92 days since this PR was last updated. I'm sure everyone is busy, however, it would be appreciated if someone from the team puts this issue to bed. Thanks in Advance.

@repo-mountie
Copy link
Author

repo-mountie bot commented Jan 1, 2021

Hey, its been 90 days since this PR was last updated. I'm sure everyone is busy, however, it would be appreciated if someone from the team puts this issue to bed. Thanks in Advance.

@repo-mountie
Copy link
Author

repo-mountie bot commented May 1, 2021

Hey, its been 120 days since this PR was last updated. I'm sure everyone is busy, however, it would be appreciated if someone from the team puts this issue to bed. Thanks in Advance.

7 similar comments
@repo-mountie
Copy link
Author

repo-mountie bot commented Aug 30, 2021

Hey, its been 120 days since this PR was last updated. I'm sure everyone is busy, however, it would be appreciated if someone from the team puts this issue to bed. Thanks in Advance.

@repo-mountie
Copy link
Author

repo-mountie bot commented Dec 28, 2021

Hey, its been 120 days since this PR was last updated. I'm sure everyone is busy, however, it would be appreciated if someone from the team puts this issue to bed. Thanks in Advance.

@repo-mountie
Copy link
Author

repo-mountie bot commented Apr 27, 2022

Hey, its been 120 days since this PR was last updated. I'm sure everyone is busy, however, it would be appreciated if someone from the team puts this issue to bed. Thanks in Advance.

@repo-mountie
Copy link
Author

repo-mountie bot commented Aug 26, 2022

Hey, its been 120 days since this PR was last updated. I'm sure everyone is busy, however, it would be appreciated if someone from the team puts this issue to bed. Thanks in Advance.

@repo-mountie
Copy link
Author

repo-mountie bot commented Dec 25, 2022

Hey, its been 120 days since this PR was last updated. I'm sure everyone is busy, however, it would be appreciated if someone from the team puts this issue to bed. Thanks in Advance.

@repo-mountie
Copy link
Author

repo-mountie bot commented Apr 25, 2023

Hey, its been 120 days since this PR was last updated. I'm sure everyone is busy, however, it would be appreciated if someone from the team puts this issue to bed. Thanks in Advance.

@repo-mountie
Copy link
Author

repo-mountie bot commented Aug 23, 2023

Hey, its been 120 days since this PR was last updated. I'm sure everyone is busy, however, it would be appreciated if someone from the team puts this issue to bed. Thanks in Advance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant