Contributions

Contribute with Impact - Evidence-Based and Community-Focused

We love seeing community contributions! All contributions should follow our governance principles to keep the framework reliable, relevant, and useful for everyone.

  • Continuous Improvement: Help the framework evolve with new needs, technologies, and cyber threats, while staying true to its core values.
  • Evidence-Based Evolution: Back up your contribution with solid evidence, peer-reviewed publications are ideal, but other credible sources are welcome too. Opinions alone are not enough.
  • Broad Applicability: Aim for improvements that benefit a wide range of organizations and contexts, rather than very narrow or niche cases.
  • Public Sector Priority: The framework focuses on public sector needs. Private sector considerations are welcome only if they don’t compromise public requirements.

See Governance section for additional information.

Please include a justification report with your contribution. This report should explain how your submission aligns with the principles above and include any supporting evidence. The Steering Committee will review this report before accepting your contribution.

See the Contribution Justification Report Template you should complete and add to your contribution.

Finally, before submitting, please make sure you have signed the Contributor License Agreement (CLA). The CLA ensures that your contributions can be legally incorporated into the project. It will appear when necessary but just for you to know this will be the content of the Contributor License Agreement

Your contributions help the framework grow stronger and more useful for everyone, thank you for helping us improve!

How to Contribute

Contributions should follow the standard open-source workflow:

  1. Fork the repository of the project you want to contribute to.
    Make sure you fork from the branch you want to contribute to (direct contributions to the master branch are not allowed).

  2. Make your changes in your fork.

  3. Once your changes are ready, go to the Create Pull Request option to submit your contribution to the official project.

  4. When creating the pull request:
    • Select the branch in your repository where you made the changes as the source.
    • Select the branch in the official repository where you want your changes to be merged as the target.
    • Provide a title for your contribution.
    • In the description, write the Contribution Justification Report, following the provided template.

  5. Sign the CLA: Before the pull request can be merged, a Contributor License Agreement (CLA) will appear for you to review and sign.

  6. Proceed to create the pull request.