I am afraid it is not that simple.
The NCM Policy report import requires an XML structure specific to NCM Policy Reporting functionality.
How these were generated previously (by CourtesyIT) was to spend the time and effort to map these requirements into the config commands relevant for each OS and create the policy within NCM. These were then shared.
Installation | Consultancy | Training | Licenses
You will not be able to import directly from DISA as they use a version of xml, xccdf, etc. to develop and publish the STIGs.
You will need to download the appropriate guides from Thwack and import. Then you will need to review each finding to ensure it lines up with your organizational requirements.
These might help you out: