edits

CHANGELOG.adoc

@@ -2,6 +2,8 @@
 
 This document provides a high-level view of the changes to the macOS Security Compliance Project.
 
+== [Big Sur, Revision 3] - 2021-07-XX
+
 == [Big Sur, Revision 2] - 2021-03-XX
 
 * Rules

README.adoc

@@ -21,9 +21,9 @@ image:https://badgen.net/badge/icon/apple?icon=apple&label[link="https://www.app
 image:https://badgen.net/badge/icon/11.0?icon=apple&label[link="https://www.apple.com/macos"]
 endif::[]
 
-The macOS Security Compliance Project is an link:LICENSE.md[open source] effort to provide a programmatic approach to generating security guidance. The configuration settings in this document were derived from National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, _Recommended Security Controls for Federal Information Systems and Organizations_, Revision 4. This is a joint project of federal operational IT Security staff from the National Institute of Standards and Technology (NIST), National Aeronautics and Space Administration (NASA), Defense Information Systems Agency (DISA), and Los Alamos National Laboratory (LANL).
+The macOS Security Compliance Project is an link:LICENSE.md[open source] effort to provide a programmatic approach to generating security guidance. The configuration settings in this document were derived from National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, _Security and Privacy Controls for Information Systems and Organizations_, Revision 5. This is a joint project of federal operational IT Security staff from the National Institute of Standards and Technology (NIST), National Aeronautics and Space Administration (NASA), Defense Information Systems Agency (DISA), and Los Alamos National Laboratory (LANL).
 
-This project can be used as a resource to easily create customized security baselines of technical security controls by leveraging a library of atomic actions which are mapped to the compliance requirements defined in NIST SP 800-53 (Rev. 4). It can also be used to develop customized guidance to meet the particular cybersecurity needs of any organization.  
+This project can be used as a resource to easily create customized security baselines of technical security controls by leveraging a library of atomic actions which are mapped to the compliance requirements defined in NIST SP 800-53 (Rev. 5). It can also be used to develop customized guidance to meet the particular cybersecurity needs of any organization.  
 
 To learn more about the project, please see the {uri-repo}/wiki[wiki].
 

rules/supplemental/supplemental_controls.yaml

@@ -1,9 +1,9 @@
 id: supplemental_controls
 title: "Out of Scope Supplemental"
 discussion: |
-  There are several requirements defined in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Recommended Security Controls for Federal Information Systems and Organizations, Revision 4 that can be met by making configuration changes to the operating system. However, NIST SP 800-53 (Rev. 4) contains a broad set of guidelines that attempt to address all aspects of an information system or systems within an organization. Because the macOS Security Compliance Project is tailored specifically to macOS, some requirements defined in NIST SP 800-53 (Rev. 4) are not applicable. 
+  There are several requirements defined in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations, Revision 5 that can be met by making configuration changes to the operating system. However, NIST SP 800-53 (Rev. 5) contains a broad set of guidelines that attempt to address all aspects of an information system or systems within an organization. Because the macOS Security Compliance Project is tailored specifically to macOS, some requirements defined in NIST SP 800-53 (Rev. 5) are not applicable. 
 
-  This supplemental contains those controls that are assigned to a baseline in NIST SP 800-53 (Rev. 4) which cannot be addressed with a technical configuration for macOS. These controls can be accomplished though administrative or procedural processes within an organization or via integration of the macOS system into enterprise information systems which are configured to protect the systems within.
+  This supplemental contains those controls that are assigned to a baseline in NIST SP 800-53 (Rev. 5) which cannot be addressed with a technical configuration for macOS. These controls can be accomplished though administrative or procedural processes within an organization or via integration of the macOS system into enterprise information systems which are configured to protect the systems within.
   
   [cols="15%h, 85%a"]
   |===

sections/not_applicable.yaml

@@ -1,3 +1,3 @@
   name: "Not Applicable"
   description: |
-    This section contains the controls that are defined in the NIST 800-53 revision 4 but are not applicable when configuring a macOS system.
+    This section contains the controls that are defined in the NIST 800-53 revision 5 but are not applicable when configuring a macOS system.

sections/permanent.yaml

@@ -1,3 +1,3 @@
   name: "Permanent Findings"
   description: |
-    This section contains the controls that are defined in NIST 800-53 revision 4 but are unable to be configured natively within macOS. It is recommended to implement a third-party solution to meet the controls in this section.
+    This section contains the controls that are defined in NIST 800-53 revision 5 but are unable to be configured natively within macOS. It is recommended to implement a third-party solution to meet the controls in this section.

templates/adoc_authors.adoc

@@ -9,5 +9,4 @@
 |Joshua Glemza|National Aeronautics and Space Administration
 |Elyse Anderson|National Aeronautics and Space Administration
 |Gary Gapinski|National Aeronautics and Space Administration
-|Paige Ramsey|Los Alamos National Laboratory
 |===

templates/adoc_foreword.adoc

@@ -1,7 +1,7 @@
 == Foreword
 
-The macOS Security Compliance Project is an open source effort to provide a programmatic approach to generating security guidance. The configuration settings in this document were derived from National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, _Recommended Security Controls for Federal Information Systems and Organizations_, Revision 4.
+The macOS Security Compliance Project is an open source effort to provide a programmatic approach to generating security guidance. The configuration settings in this document were derived from National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, _Security and Privacy Controls for Information Systems and Organizations_, Revision 5.
 
-This project can be used as a resource to easily create customized security baselines of technical security controls by leveraging a library of atomic actions which are mapped to the compliance requirements defined in NIST SP 800-53 (Rev. 4). It can also be used to develop customized guidance to meet the particular cybersecurity needs of any organization.  
+This project can be used as a resource to easily create customized security baselines of technical security controls by leveraging a library of atomic actions which are mapped to the compliance requirements defined in NIST SP 800-53 (Rev. 5). It can also be used to develop customized guidance to meet the particular cybersecurity needs of any organization.  
 
 The objective of this effort was to simplify and radically accelerate the process of producing up-to-date macOS security guidance that is also accessible to any organization and tailorable to meet each organization’s specific security needs.