Documentation Summary#
Document |
Description |
Produced By |
Disclosure(s) |
|---|---|---|---|
Registered Technology Provider Request (excluding Organizational Security Audit) |
Information submitted by RTP to the Administrator |
Registered Technology Provider |
Public |
Organizational Security Audit |
Information submitted by RTP to the Administrator annually |
Registered Technology Provider |
Subscribers |
Subscriber Agreement |
The agreement completed by the Subscriber to be given access to sensitive information. |
Subscriber |
List of subscribers will be maintained on the RABET-V Portal |
Product Goals |
Overview of what the product is intended to do |
Registered Technology Provider |
Public |
Expected Usage |
Statements of how the product is intended to be used |
Registered Technology Provider |
Public |
Security Claims |
Claims of which requirements are met by the product |
Registered Technology Provider |
Subscribers |
Process Descriptions |
Descriptions of how the provider does product development |
Registered Technology Provider |
RABET-V Administrator only |
Architecture Documentation and Diagrams |
Documentation on how the product is constructed |
Registered Technology Provider |
RABET-V Administrator only |
Third-Party Component Details |
Listing of the 3rd party software packages used by or included in the product |
Registered Technology Provider |
RABET-V Administrator only |
User Documentation |
Documentation intended to help non-technical users use the product |
Registered Technology Provider |
Subscribers |
Product Revision Submission Artifacts |
Outputs of the providers internal product development process |
Registered Technology Provider |
RABET-V Administrator only |
Submission Review Checklist |
Checklist completed during the Submission Review activity |
RABET-V Administrator, or agent |
Registered Technology Provider |
SAMM Toolkit and interview session notes |
Interview and scoring toolkit used for the Process Assessment |
RABET-V Administrator, or agent |
Registered Technology Provider |
Reliable Artifacts Evaluation |
Produced by the Process Assessment and used for Testing Rules |
RABET-V Administrator, or agent |
Registered Technology Provider |
Security Service Architecture |
Produced by the Architecture Review and used for maturity evaluation |
RABET-V Administrator, or agent |
Registered Technology Provider |
List of Applicable and Not Applicable Security Requirements |
A determination made during the Security Claims Review based on the product goals and expected usage |
RABET-V Administrator, or agent |
Registered Technology Provider, Subscribers |
Security Service Architectural Maturity Scores |
Scores developed during the Architecture Review activity |
RABET-V Administrator, or agent |
Registered Technology Provider, Subscribers |
Software Development Maturity Scores |
Scores developed during the Process Assessment activity |
RABET-V Administrator, or agent |
Registered Technology Provider, Subscribers |
Testing Rules Decision Tree |
Decision formula for determining how to test product changes |
RABET-V Administrator, or agent |
Registered Technology Provider, Subscribers |
Product Verification Test Results |
Results produced by testing the product against the requirements |
RABET-V Administrator, or agent |
Registered Technology Provider, Subscribers |
Security Service Capability Maturity Scores |
Scores developed based on the results of the Product Verification activity |
RABET-V Administrator, or agent |
Registered Technology Provider, Subscribers |
RABET-V Product Provider Report |
Report which captures the main outputs of the RABET-V iteration |
RABET-V Administrator, or agent |
Registered Technology Provider, Subscribers |
RABET-V Product Public Report |
Report which captures the main outputs of the RABET-V iteration |
RABET-V Administrator, or agent |
Public |