Thanks for helping improve this checklist.
- Fork the repository and create a feature branch.
- Keep changes focused and scoped (one concern per pull request).
- Update
checklist.yamlandREADME.mdwhen adding or changing controls. - Add or update examples under
examples/when relevant. - Submit a pull request with a clear problem statement and rationale.
- Prefer explicit, testable control language.
- Use consistent IDs and priority levels.
- Avoid vendor lock-in unless the section is provider-specific.
Use concise, descriptive commit messages, for example:
add CLOUD-03 encryption at rest controlupdate CI-02 secret management guidance