Check PIA and PTA

[ohsh6o]

Extended Description

As a FedRAMP reviewer, to ensure proper completion of necessary supporting artifacts for a complete SSP and overall FedRAMP package, I want validations to check and indicate errors when the Privacy Impact Assessment and/or Privacy Threshold Analysis is not properly defined.

(Part of #98)

Preconditions

• None at this time

Acceptance Critera

• A clear, explanatory validation message with an associated test indicating the Privacy Impact Assessment and/or Privacy Threshold Analysis is or is not properly defined in OSCAL.
• Indication that a PIA and PTA was checked for, but not required given other OSCAL SSP data that negates required use of a PIA and PTA for the information system.

Definition of Done

• Unit test coverage of our code > 90% (from QASP) this may be fuzzy and hard to prove
• Code quality checks passed - Enable html tidy with XML code standards as part of the build (from QASP)
• Code reviewed - Code reviewed by at least one other team members (or developed by a pair)
• Source code merged - Code that’s demoed must be in source control and merged
• Code refactored for clarity - Code must be clean, self-documenting