CTF Documentation Examples
Each Product Team must have a Plan of Action on file for their CtF Application.
Plan of Action for [Your Application Name]
- Kick-off Date: MM/DD/YYYY
- Inception Date: MM/DD/YYYY
- MVP Date: MM/DD/YYYY
- CtF Expiration Date: MM/DD/YYYY
Vision
- Describe the overarching vision for your application. This may include benefits the application provides, improvements made to the user's workflow or where the application intends to go and what you hope to achieve when you get there.
Strategy
- Articulate the mission objectives and expectations that the application aims to achieve. This section may include goals, purpose or current and target audience. This section typically aligns with the overall vision and focus of the mission it supports.
Summary
- Provide an brief overall statement and purpose of the application. You may include who uses this application, what it is used for and when, why and how is used.
Goals and Metrics
Release Focus:
- Addition of deconfliction data, notifications, and role-based access
Release Functionality:
- Scheduling of engagement movement between Planned, Staged, and Current states
- Scheduling of events
- Logging of events
- Support for Assessment
System Integration Considerations:
- Interfaces with MongoDB database
- Interfaces with app Assessment and frontend applications as a data access and mutation provider
- Requires access to Keycloak for authentication & authorization
System Security Plan:
Complete all bolded items
markdown
# Full name of the system.
system-name: **Your Application Name**
# Shortname or abbreviation.
short-name: **YAN**
# Deployment version or release number.
version: **v4.2.1**
# Operational Environments: production, test, research and development, tactical, deployed, or other.
environment: **IL2 Staging, IL4 production**
# Authorization Status: CtF
authorization: **Active**
# List of deployable Pipeline urls included in CtF.
pipeline urls:
- **https://code.il4.dso.mil/platform-one/products/YOURAPPLICATIONLINK/backend/-/pipelines**
- **https://code.il4.dso.mil/platform-one/products/YOURAPPLICATIONLINK/frontend/-/pipelines**
# Current CtF Expiration
expiration date: **date** or **NA**
# Security Re-Assess Interval. Period for re-assessment after updates
assess-interval: **12 months**
# Authorization boundary diagram. Include URL.
system-architecture: **https://gitlab.(yourdiagramlink).pdf**
# Categorization: H/M/L
Confidentiality: **M**
Integrity: **M**
Availability: **M**
# Classification: **UNCLASSIFIED, SECRET//NOFORN, TS/SCI**
# Personally Identifiable Information: **Y/N**
Privacy Impact Assessment(PIA): **Y/N**
Material Leader's approval:
DoD Information Technology (IT) Portfolio Repository(DITPR)/Information Technology Investment Portfolio Suite (ITIPS): **DITPR/ITIPS Number**
Application team's Program Office maintained: **Y/N**
# Data-types:
- **JSON**
- **HTML**
- **text**
- **CSV**
# Deployment-sites:
-** https://yourapplicationlink**
# Programming-languages:
- **React/Typescript**
# Dependencies:
- **Java 11**
# Databases:
- **MongoDB**
# Platform One External-Systems Hostname:
- **Hostname**
Role-Identification:
Authorizing-Official:
name: Brian Kropa
title: Authorizing Official
org: Air Force Command & Control
email: brian.kropa@us.af.mil
phone: 781-225-1118
System-Owner:
name: Brian Viola
title: Material Leader
org: AFLCMC/HNCX
email: brian.viola@us.af.mil
phone: 210-421-1458
Chief-Information-Security-Officer:
name:
title: CISO
org:
email:
phone:
Product-Manager:
name:
title:
org:
email:
phone:Architecture Diagram:
