User:MrLavoie/Evaluate an Article

Which article are you evaluating?
A link to the evaluated article Security Content Automation Protocol (SCAP) can be found here.

Why you have chosen this article to evaluate?
This article was selected because it serves as a critical component of my doctoral research. The focus of my research is centered on furthering cybersecurity risk management practice through increased automation leveraging Artificial Intelligence and Machine Learning technologies.

My dissertation expounds on research conducted developing a SCAP version 2.0 in which cyber threat and risk management practices are automated and compiled providing an in-depth organization specific view into its security posture.

Evaluate the article
Evaluating Content:


 * The article provides relevant information regarding the topic. SCAP has not had any movement, in terms of further development, since 2018. Overall, nothing is distracting from the article, which might be attributed to its limited length.
 * The information would not be considered out of date as there have been no updates provided by NIST that reference development. There was mention of future development ideas for a version 2 of SCAP but there appears to be limited feedback from the community at large. Adding more resources within the page would reinforce the facts and sentiments expressed.
 * The article does not contain any equity gaps.
 * As previously mentioned, the addition of credible and pertinent sources would enhance the overall robustness.

Evaluating Tone:


 * The article is written in a manner that can be perceived as being neutral. No positions are presented that could be construed as taking a specific stance on the topic. However, the pronunciation of the acronym SCAP comes across as being more professional or industry specific versus being backed by an authoritative source. For example, NIST does not state that SCAP is annunciated in a specific manner whereas those familiar with the framework pronounce it "ess-cap".
 * Overrepresented or underrepresented viewpoints are not found within the page. As stated in the evaluation of the content, the article is limited in length which inherently decreases the possibility of such occurrences. As more development occurs within the article and SCAP as a framework, careful consideration should be made to its practicality and implementation.

Evaluating Sources:


 * Sources utilized in the article are relevant, support the facts presented, and are in working order. The IEEE article used as the primary supporting reference is a valid and authoritative source for the topic discussed.
 * No biases have been observed in the article. However, facts presented are particularly aligned to an in-text citation. Instead, links to existing Wikipedia pages that could be considered secondary sources are used or implementation of hyperlinks to supported claims have been inserted. For example, discussing SWID tags is not done in the article, instead it has been hyperlinked to an external website. A more comprehensive approach might be to summarize information from the external link and list it as a reference. This would allow the reader to gather more information within one visit to an article compared to having to visit several places due to lack of available data.
 * There is only one source used for the article. Therefore, diversity amongst authors has not been achieved. Two possible reasons may be lack of research conducted in development of the Wikipedia article or scarcity of available published work on the topic.

Checking the Talk Page:


 * No conversations are currently ongoing on the Talk page. I have been able to gather that revisions may have occurred around 2018 as it was the last time any updates are listed on the official SCAP NIST website for SWID Tags and the potential of further developments on a version 2.0.
 * The article is rated as C-class and of Low-importance. These parameters have been defined by the WikiProject Computing group. The WikiProject Computer Security group has rated the article as C-class and of Mid-importance.
 * The topic has not been covered in class as a sole subject rather it has been discussed in conjunction with security tools used within the cybersecurity, risk management, policy, and standardizations domains.