Community Model
CAIF is intended to be a community-owned public standard with Cyber Development providing stewardship, infrastructure, and coordination.
Contribution roles
- Members propose issues, standards, mappings, findings, and weaknesses.
- Authors own subject matter areas and maintain documentation quality.
- Reviewers validate evidence, consistency, and risk language.
- Maintainers merge accepted work and protect the official source of truth.
One source of truth
Fragmented forks weaken the standard. Contributors are encouraged to join the official repository, become named authors where appropriate, and review work in public.