Merge remote-tracking branch 'origin/main' into feat/obligation-aggregation
This commit is contained in:
Benjamin Admin
@@ -0,0 +1,71 @@
|
|||||||
|
{
|
||||||
|
"schema_version": "controls_for_obligation_mapping_v1",
|
||||||
|
"purpose": "Accepted CRA->OWASP controls (Compliance Execution Graph) for the Obligation Registry to propose the SEMANTIC control->obligation_id, replacing the coarse citation_unit interim join. Fill proposed_obligation_id per control, then we adopt it into control_mapping.obligation_id.",
|
||||||
|
"source": "ai-compliance-sdk control_mappings, mapping_status=accepted, reviewed_by=benjamin 2026-06-25",
|
||||||
|
"count": 7,
|
||||||
|
"controls": [
|
||||||
|
{
|
||||||
|
"framework": "OWASP ASVS",
|
||||||
|
"control": "V6.3.1",
|
||||||
|
"source_norm": "CRA Annex I Part I (2)(c) — Schutz vor unbefugtem Zugriff",
|
||||||
|
"citation_unit": "Annex I (2)(c)",
|
||||||
|
"family": "auth",
|
||||||
|
"mapping_type": "supports",
|
||||||
|
"proposed_obligation_id": ""
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"framework": "OWASP ASVS",
|
||||||
|
"control": "V6.1.1",
|
||||||
|
"source_norm": "CRA Annex I Part I (2)(c) — Schutz vor unbefugtem Zugriff",
|
||||||
|
"citation_unit": "Annex I (2)(c)",
|
||||||
|
"family": "auth",
|
||||||
|
"mapping_type": "supports",
|
||||||
|
"proposed_obligation_id": ""
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"framework": "OWASP ASVS",
|
||||||
|
"control": "V11.2.1",
|
||||||
|
"source_norm": "CRA Annex I Part I (2)(d) — Vertraulichkeit / Verschluesselung",
|
||||||
|
"citation_unit": "Annex I (2)(d)",
|
||||||
|
"family": "crypto",
|
||||||
|
"mapping_type": "supports",
|
||||||
|
"proposed_obligation_id": ""
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"framework": "OWASP ASVS",
|
||||||
|
"control": "V11.7.1",
|
||||||
|
"source_norm": "CRA Annex I Part I (2)(d) — Vertraulichkeit / Verschluesselung",
|
||||||
|
"citation_unit": "Annex I (2)(d)",
|
||||||
|
"family": "crypto",
|
||||||
|
"mapping_type": "supports",
|
||||||
|
"proposed_obligation_id": ""
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"framework": "OWASP ASVS",
|
||||||
|
"control": "V16.3.3",
|
||||||
|
"source_norm": "CRA Annex I Part I (2)(k) — Sicherheitsrelevante Ereignisse / Logging",
|
||||||
|
"citation_unit": "Annex I (2)(k)",
|
||||||
|
"family": "logging",
|
||||||
|
"mapping_type": "supports",
|
||||||
|
"proposed_obligation_id": ""
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"framework": "OWASP ASVS",
|
||||||
|
"control": "V16.3.4",
|
||||||
|
"source_norm": "CRA Annex I Part I (2)(k) — Sicherheitsrelevante Ereignisse / Logging",
|
||||||
|
"citation_unit": "Annex I (2)(k)",
|
||||||
|
"family": "logging",
|
||||||
|
"mapping_type": "supports",
|
||||||
|
"proposed_obligation_id": ""
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"framework": "OWASP ASVS",
|
||||||
|
"control": "V16.1.1",
|
||||||
|
"source_norm": "CRA Annex I Part I (2)(k) — Sicherheitsrelevante Ereignisse / Logging",
|
||||||
|
"citation_unit": "Annex I (2)(k)",
|
||||||
|
"family": "logging",
|
||||||
|
"mapping_type": "supports",
|
||||||
|
"proposed_obligation_id": ""
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user