ato.md

The ATO process for this project is documented here.

Here are major components, with links to the resulting artifacts:

• Set up monitoring
  • Downtime alerts - Set to go to [email protected]
  • Error alerts

2. Add an .about.yml for the main repository
3. Security scans
   • Set up static analysis service - Code Climate | Gemnasium
     • Add service badges to the README
   • Perform dynamic vulnerability scanning
     1. Resolve any visible security issues, re-running the scan as needed
     2. Add the issue-free scan report or documentation about false positives to the ATOs folder in Google Drive
4. Update relevant documentation, primarily the README
5. Add a System Security Plan to the repository
6. Set up Compliance Masonry documentation
7. Implement the controls