Viewing Checklist History and Changes
Any changes to checklists are tracked with version control history. A change could be editing a vulnerability through OpenRMF® Professional. It can be uploading an updated checklist or SCAP scan through the upload feature. Or it can be the Upgrade process where you upgrade your checklist to the latest STIG version and release of a checklist.
OpenRMF® Professional tracks a revision number and shows a History button when a checklist has older versions. This allows showing progress, showing what checklists were edit, and allows forensics in case of questions or issues on checklist data.
Tracking Checklist Score History
The checklist score history is displayed on the Checklist History page. It will show the starting “data revision” of the checklist and all changes up to the current point. The history shows the last 20 updates including the most recent version. As with any chart you can click on the legend at the bottom to turn on/off that data in the chart. Move your mouse over the chart to get more detailed information on the score for that date/time.
When vulnerability information is edited through the checklist interface and saved, the “Reason Updated” will update for the history tracking to show the individual fields (Status, Comments, Finding Details, Severity Override) that changed to allow easier tracking and tracing of changes.
Viewing Historical Checklist Records
You can also view each versioned checklist record and see the reason that checklist was created or updated. Its relevant checklist score is also shown. Click on the linked title to actually open that checklist in the regular checklist page layout to view all pertinent data in read-only mode.
From this page you can view the older checklist record as well as download the .ckl file or export an .xlsx file of the historical checklist data.
