Implementing Policies
Assets compliance requirements can be enforced in OER with the utilization of Policies. Policies can be applied to one or many Assets. An Asset can have more than one policy attached to it. A policy in OER consists of one-to-many Policy Assertions. When a policy is applied to an Asset, all of the assertions within the policy must be true in order for Asset to comply with the policy.
Each assertion has a name, a description, and includes a technical definition. Technical definitions support additional metadata that may be needed to validate the assertion (for example, a particular Asset must have less than 1 percent defects before the service can be deployed to the next environment).
According to the use case the following Policies are needed in to order to support the target governance model:
Note that for your organization, you may define as many Policies as you required. For the purposes of this chapter we simplified it.
Requirement Compliance Enforcement Policy: This...
