diff --git a/ai-compliance-sdk/policies/payment_controls_v1.json b/ai-compliance-sdk/policies/payment_controls_v1.json
index cdb5afe..ccd6652 100644
--- a/ai-compliance-sdk/policies/payment_controls_v1.json
+++ b/ai-compliance-sdk/policies/payment_controls_v1.json
@@ -92,6 +92,56 @@
 "id": "REPORT",
 "name": "Reporting & Reconciliation",
 "description": "Berichte, Abgleich, Export, Audit Trail"
+ },
+ {
+ "id": "BUILD",
+ "name": "Build Pipeline Security",
+ "description": "CI/CD Sicherheit, Artefakt-Integritaet, Abhaengigkeiten"
+ },
+ {
+ "id": "DEPLOY",
+ "name": "Deployment Security",
+ "description": "Release-Management, Rollback, Umgebungstrennung"
+ },
+ {
+ "id": "QUEUE",
+ "name": "Message Queue & Async",
+ "description": "Warteschlangen, Idempotenz, Dead-Letter, Reihenfolge"
+ },
+ {
+ "id": "TENANT",
+ "name": "Multi-Tenancy Isolation",
+ "description": "Mandantentrennung, Cross-Tenant-Schutz, Cache-Isolation"
+ },
+ {
+ "id": "TELEMETRY",
+ "name": "Telemetry & Observability",
+ "description": "Metriken, Tracing, Datenmaskierung in Observability"
+ },
+ {
+ "id": "CONFIG",
+ "name": "Configuration Security",
+ "description": "Defaults, Validierung, Feature Flags, Laufzeitaenderungen"
+ },
+ {
+ "id": "NETWORK",
+ "name": "Network Security",
+ "description": "Segmentierung, Firewall, TLS, Egress-Kontrolle"
+ },
+ {
+ "id": "STORAGE",
+ "name": "Data Storage Security",
+ "description": "Persistenz, Backup, Schema-Integritaet, Zugriffskontrolle"
+ },
+ {
+ "id": "MONITOR",
+ "name": "Monitoring & Alerting",
+ "description": "Alarmierung, Heartbeats, Schwellwerte, Incident Detection"
+ },
+ {
+ "id": "OPS",
+ "name": "Operations & Runbooks",
+ "description": "Betriebsprozesse, Runbooks, Wartung, Recovery"
 }
 ],
 "controls": [
@@ -2689,6 +2739,1206 @@
 "report_samples"
 ],
 "automation": "medium"
+ },
+ {
+ "control_id": "BUILD-001",
+ "domain": "BUILD",
+ "title": "Build-Pipelines versioniert und nachvollziehbar",
+ "objective": "Auditierbarkeit des Entstehungsprozesses",
+ "check_target": "build",
+ "evidence": [
+ "pipeline_config",
+ "version_control"
+ ],
+ "automation": "medium"
+ },
+ {
+ "control_id": "BUILD-002",
+ "domain": "BUILD",
+ "title": "Build-Artefakte reproduzierbar erzeugt",
+ "objective": "Reduziert Risiko unerkannter Unterschiede",
+ "check_target": "build",
+ "evidence": [
+ "build_pipeline",
+ "artifact_hashes"
+ ],
+ "automation": "low"
+ },
+ {
+ "control_id": "BUILD-003",
+ "domain": "BUILD",
+ "title": "Abhaengigkeiten auf bekannte Schwachstellen geprueft",
+ "objective": "Reduziert verwundbare Komponenten",
+ "check_target": "dependency",
+ "evidence": [
+ "dependency_scan",
+ "sbom"
+ ],
+ "automation": "high"
+ },
+ {
+ "control_id": "BUILD-004",
+ "domain": "BUILD",
+ "title": "Keine nicht freigegebenen externen Quellen eingebunden",
+ "objective": "Reduziert Supply-Chain-Risiken",
+ "check_target": "build",
+ "evidence": [
+ "pipeline_config",
+ "dependency_policy"
+ ],
+ "automation": "medium"
+ },
+ {
+ "control_id": "BUILD-005",
+ "domain": "BUILD",
+ "title": "Kein Klartextzugriff auf produktive Geheimnisse in CI/CD",
+ "objective": "Verhindert Offenlegung im Build-Prozess",
+ "check_target": "build",
+ "evidence": [
+ "pipeline_config",
+ "secret_scan"
+ ],
+ "automation": "high"
+ },
+ {
+ "control_id": "BUILD-006",
+ "domain": "BUILD",
+ "title": "Build-Trigger fuer Produktionsartefakte autorisiert",
+ "objective": "Verhindert unautorisierte Releases",
+ "check_target": "build",
+ "evidence": [
+ "pipeline_permissions",
+ "iam_config"
+ ],
+ "automation": "medium"
+ },
+ {
+ "control_id": "BUILD-007",
+ "domain": "BUILD",
+ "title": "Signierte Artefakte eindeutig gekennzeichnet",
+ "objective": "Erleichtert Zuordnung gepruefter Artefakte",
+
"check_target": "build", + "evidence": [ + "artifact_metadata", + "release_docs" + ], + "automation": "medium" + }, + { + "control_id": "BUILD-008", + "domain": "BUILD", + "title": "Sicherheitstests zwingend im Release-Build", + "objective": "Erhoet Wahrscheinlichkeit dass Pruefungen nicht umgangen werden", + "check_target": "build", + "evidence": [ + "pipeline_config", + "quality_gates" + ], + "automation": "high" + }, + { + "control_id": "BUILD-009", + "domain": "BUILD", + "title": "Artefakte auf Konfigurationsfehler geprueft vor Veroeffentlichung", + "objective": "Verhindert Auslieferung unsicherer Defaults", + "check_target": "build", + "evidence": [ + "artifact_scan", + "config_scan" + ], + "automation": "high" + }, + { + "control_id": "BUILD-010", + "domain": "BUILD", + "title": "Sicherheitskritische Build-Schritte getrennt und nachvollziehbar", + "objective": "Erhoeht Transparenz bei sensitiven Artefakten", + "check_target": "build", + "evidence": [ + "pipeline_config", + "release_docs" + ], + "automation": "low" + }, + { + "control_id": "DEPLOY-001", + "domain": "DEPLOY", + "title": "Deployment-Konfigurationen versioniert", + "objective": "Auditierbarkeit produktiver Aenderungen", + "check_target": "config", + "evidence": [ + "deployment_manifests", + "version_control" + ], + "automation": "medium" + }, + { + "control_id": "DEPLOY-002", + "domain": "DEPLOY", + "title": "Produktionsdeployments erfordern Freigaben", + "objective": "Verhindert unautorisierte Aenderungen", + "check_target": "process", + "evidence": [ + "pipeline_permissions", + "release_workflows" + ], + "automation": "low" + }, + { + "control_id": "DEPLOY-003", + "domain": "DEPLOY", + "title": "Produktive und nichtproduktive Ziele strikt getrennt", + "objective": "Verhindert Umgebungsvermischung", + "check_target": "config", + "evidence": [ + "deployment_manifests", + "environment_config" + ], + "automation": "medium" + }, + { + "control_id": "DEPLOY-004", + "domain": "DEPLOY", + "title": 
"Secrets beim Deployment sicher injiziert", + "objective": "Verhindert Offenlegung in Images/Paketen", + "check_target": "config", + "evidence": [ + "deployment_manifests", + "secret_store_config" + ], + "automation": "high" + }, + { + "control_id": "DEPLOY-005", + "domain": "DEPLOY", + "title": "Rollback-Verfahren definiert und getestet", + "objective": "Kontrollierte Wiederherstellung", + "check_target": "process", + "evidence": [ + "release_docs", + "ops_runbooks" + ], + "automation": "low" + }, + { + "control_id": "DEPLOY-006", + "domain": "DEPLOY", + "title": "Konfigurationsaenderungen auditierbar", + "objective": "Nachvollziehbarkeit von Schutzwirkungsaenderungen", + "check_target": "system", + "evidence": [ + "audit_log_sample", + "config_registry" + ], + "automation": "medium" + }, + { + "control_id": "DEPLOY-007", + "domain": "DEPLOY", + "title": "Kompatibilitaet mit abhaengigen Schnittstellen validiert", + "objective": "Verhindert Betriebsstoerungen", + "check_target": "system", + "evidence": [ + "integration_test", + "contract_tests" + ], + "automation": "medium" + }, + { + "control_id": "DEPLOY-008", + "domain": "DEPLOY", + "title": "Zahlungsparameter vor Aktivierung plausibilisiert", + "objective": "Verhindert fehlerhafte produktive Einstellungen", + "check_target": "config", + "evidence": [ + "config_validation", + "deployment_checks" + ], + "automation": "medium" + }, + { + "control_id": "DEPLOY-009", + "domain": "DEPLOY", + "title": "Post-Deployment Smoke-Checks", + "objective": "Erkennt Fehlzustaende nach Inbetriebnahme", + "check_target": "system", + "evidence": [ + "smoke_tests", + "pipeline_config" + ], + "automation": "medium" + }, + { + "control_id": "DEPLOY-010", + "domain": "DEPLOY", + "title": "Canary/gestufte Rollouts fuer risikoreiche Aenderungen", + "objective": "Reduziert grossflaechige Auswirkungen", + "check_target": "process", + "evidence": [ + "deployment_strategy", + "ops_docs" + ], + "automation": "low" + }, + { + "control_id": 
"QUEUE-001", + "domain": "QUEUE", + "title": "Nachrichten in Warteschlangen eindeutig identifizierbar", + "objective": "Nachverfolgung und Duplikaterkennung", + "check_target": "code", + "evidence": [ + "source_code", + "message_schema" + ], + "automation": "medium" + }, + { + "control_id": "QUEUE-002", + "domain": "QUEUE", + "title": "Nachrichtenverarbeitung idempotent", + "objective": "Verhindert Mehrfachverarbeitung", + "check_target": "code", + "evidence": [ + "source_code", + "queue_tests" + ], + "automation": "medium" + }, + { + "control_id": "QUEUE-003", + "domain": "QUEUE", + "title": "Fehlerhafte Nachrichten kontrolliert isoliert (Dead Letter)", + "objective": "Verhindert Stau durch Poison Messages", + "check_target": "system", + "evidence": [ + "queue_config", + "dead_letter_config" + ], + "automation": "medium" + }, + { + "control_id": "QUEUE-004", + "domain": "QUEUE", + "title": "Nachrichten enthalten keine unnoetig sensitiven Daten", + "objective": "Reduziert Exposition in async Pfaden", + "check_target": "code", + "evidence": [ + "message_schema", + "source_code" + ], + "automation": "medium" + }, + { + "control_id": "QUEUE-005", + "domain": "QUEUE", + "title": "Nachrichtenreihenfolge fuer kritische Ablaeufe beruecksichtigt", + "objective": "Verhindert inkonsistente Zustaende", + "check_target": "architecture", + "evidence": [ + "design_docs", + "source_code" + ], + "automation": "low" + }, + { + "control_id": "QUEUE-006", + "domain": "QUEUE", + "title": "Veraltete Nachrichten nicht unkontrolliert verarbeitet", + "objective": "Verhindert spaete Ausfuehrung ueberholter Aktionen", + "check_target": "code", + "evidence": [ + "message_schema", + "source_code" + ], + "automation": "medium" + }, + { + "control_id": "QUEUE-007", + "domain": "QUEUE", + "title": "Consumer validieren Schema und Pflichtfelder", + "objective": "Verhindert Verarbeitung manipulierten Inhalts", + "check_target": "code", + "evidence": [ + "source_code", + "schema_tests" + ], + 
"automation": "high" + }, + { + "control_id": "QUEUE-008", + "domain": "QUEUE", + "title": "Mandantenbezug in async Pfaden erhalten", + "objective": "Verhindert Cross-Tenant-Verarbeitung", + "check_target": "code", + "evidence": [ + "message_schema", + "tenant_tests" + ], + "automation": "medium" + }, + { + "control_id": "QUEUE-009", + "domain": "QUEUE", + "title": "Queue-Berechtigungen auf notwendige Rollen beschraenkt", + "objective": "Reduziert Missbrauch", + "check_target": "config", + "evidence": [ + "iam_config", + "queue_config" + ], + "automation": "low" + }, + { + "control_id": "QUEUE-010", + "domain": "QUEUE", + "title": "Retry unterscheidet technische von fachlichen Fehlern", + "objective": "Verhindert Wiederholung irreversibler Vorgaenge", + "check_target": "code", + "evidence": [ + "source_code", + "retry_logic" + ], + "automation": "medium" + }, + { + "control_id": "TENANT-001", + "domain": "TENANT", + "title": "Mandantenkontext serverseitig gesetzt und validiert", + "objective": "Verhindert Client-seitige Manipulation", + "check_target": "code", + "evidence": [ + "source_code", + "tenant_tests" + ], + "automation": "high" + }, + { + "control_id": "TENANT-002", + "domain": "TENANT", + "title": "Datenabfragen mandantenbeschraenkt und gefiltert", + "objective": "Verhindert Cross-Tenant-Datenzugriff", + "check_target": "code", + "evidence": [ + "source_code", + "tenant_tests" + ], + "automation": "medium" + }, + { + "control_id": "TENANT-003", + "domain": "TENANT", + "title": "Mandantenuebergreifende Verwaltung besonders geschuetzt", + "objective": "Reduziert Risiko privilegierter Fehlzugriffe", + "check_target": "code", + "evidence": [ + "source_code", + "authorization_tests" + ], + "automation": "medium" + }, + { + "control_id": "TENANT-004", + "domain": "TENANT", + "title": "Mandantenkontext in Logs und Queues konsistent", + "objective": "Belastbare Zuordnung", + "check_target": "system", + "evidence": [ + "log_samples", + "queue_samples" + ], + 
"automation": "medium" + }, + { + "control_id": "TENANT-005", + "domain": "TENANT", + "title": "Mandanten-Konfigurationen gegenseitig geschuetzt", + "objective": "Verhindert Ueberschreibungen", + "check_target": "code", + "evidence": [ + "source_code", + "tenant_tests" + ], + "automation": "medium" + }, + { + "control_id": "TENANT-006", + "domain": "TENANT", + "title": "Caching beruecksichtigt Mandantenkontext", + "objective": "Verhindert Datenlecks durch geteilte Caches", + "check_target": "code", + "evidence": [ + "source_code", + "cache_config" + ], + "automation": "medium" + }, + { + "control_id": "TENANT-007", + "domain": "TENANT", + "title": "Mandantenbezogene Schluessel logisch getrennt", + "objective": "Reduziert laterale Auswirkungen", + "check_target": "architecture", + "evidence": [ + "key_registry", + "architecture_doc" + ], + "automation": "low" + }, + { + "control_id": "TENANT-008", + "domain": "TENANT", + "title": "Datenexporte erzwingen Mandantenisolation", + "objective": "Verhindert Cross-Tenant-Exporte", + "check_target": "code", + "evidence": [ + "source_code", + "tenant_tests" + ], + "automation": "medium" + }, + { + "control_id": "TENANT-009", + "domain": "TENANT", + "title": "Loeschvorgaenge ohne Seiteneffekte auf andere Mandanten", + "objective": "Verhindert Fremdbeeintraechtigung", + "check_target": "code", + "evidence": [ + "source_code", + "tenant_tests" + ], + "automation": "low" + }, + { + "control_id": "TENANT-010", + "domain": "TENANT", + "title": "Isolationstests automatisiert abgedeckt", + "objective": "Beweisbarkeit korrekter Trennung", + "check_target": "test", + "evidence": [ + "tenant_tests", + "coverage_reports" + ], + "automation": "medium" + }, + { + "control_id": "TELEMETRY-001", + "domain": "TELEMETRY", + "title": "Telemetriedaten ohne sensitive Zahlungsdaten", + "objective": "Verhindert Abfluss ueber Monitoring", + "check_target": "code", + "evidence": [ + "source_code", + "telemetry_samples" + ], + "automation": "medium" + 
}, + { + "control_id": "TELEMETRY-002", + "domain": "TELEMETRY", + "title": "Tracing maskiert identifizierende Felder", + "objective": "Beobachtbarkeit ohne Offenlegung", + "check_target": "code", + "evidence": [ + "trace_config", + "trace_samples" + ], + "automation": "medium" + }, + { + "control_id": "TELEMETRY-003", + "domain": "TELEMETRY", + "title": "Metriken ohne hochkartesische sensitive Labels", + "objective": "Verhindert indirekte Offenlegung", + "check_target": "code", + "evidence": [ + "source_code", + "metrics_config" + ], + "automation": "medium" + }, + { + "control_id": "TELEMETRY-004", + "domain": "TELEMETRY", + "title": "Telemetrie-Endpunkte abgesichert", + "objective": "Reduziert Angriffsflaeche", + "check_target": "config", + "evidence": [ + "gateway_config", + "auth_config" + ], + "automation": "medium" + }, + { + "control_id": "TELEMETRY-005", + "domain": "TELEMETRY", + "title": "Debug-Telemetrie in Produktion begrenzt", + "objective": "Verhindert exzessive Datenerhebung", + "check_target": "config", + "evidence": [ + "telemetry_config", + "ops_docs" + ], + "automation": "medium" + }, + { + "control_id": "TELEMETRY-006", + "domain": "TELEMETRY", + "title": "Fehlertelemetrie nach Prioritaet klassifiziert", + "objective": "Zielgerichtete Reaktion", + "check_target": "code", + "evidence": [ + "source_code", + "alert_rules" + ], + "automation": "low" + }, + { + "control_id": "TELEMETRY-007", + "domain": "TELEMETRY", + "title": "Export externer Telemetrie explizit freigegeben", + "objective": "Verhindert unbeabsichtigten Abfluss", + "check_target": "process", + "evidence": [ + "ops_docs", + "telemetry_config" + ], + "automation": "low" + }, + { + "control_id": "TELEMETRY-008", + "domain": "TELEMETRY", + "title": "Telemetrie-Pipelines gegen Manipulation geschuetzt", + "objective": "Vertrauenswuerdigkeit operativer Signale", + "check_target": "system", + "evidence": [ + "iam_config", + "pipeline_config" + ], + "automation": "low" + }, + { + 
"control_id": "TELEMETRY-009", + "domain": "TELEMETRY", + "title": "Telemetrie-Ausfall beeintraechtigt Zahlungsbetrieb nicht", + "objective": "Verhindert uebermaessige Kopplung", + "check_target": "architecture", + "evidence": [ + "design_docs", + "chaos_tests" + ], + "automation": "low" + }, + { + "control_id": "TELEMETRY-010", + "domain": "TELEMETRY", + "title": "Kontextanreicherung nur soweit erforderlich", + "objective": "Reduziert unnoetige Anreicherung sensitiver Systeme", + "check_target": "architecture", + "evidence": [ + "telemetry_schema", + "data_flow_docs" + ], + "automation": "low" + }, + { + "control_id": "CONFIG-001", + "domain": "CONFIG", + "title": "Sichere Standardwerte fuer sicherheitsrelevante Konfigurationen", + "objective": "Reduziert unsichere Default-Betriebsmodi", + "check_target": "config", + "evidence": [ + "config", + "source_code" + ], + "automation": "medium" + }, + { + "control_id": "CONFIG-002", + "domain": "CONFIG", + "title": "Konfigurationswerte auf Typ und Plausibilitaet geprueft", + "objective": "Verhindert Fehlverhalten durch ungueltige Einstellungen", + "check_target": "code", + "evidence": [ + "source_code", + "config_validation" + ], + "automation": "high" + }, + { + "control_id": "CONFIG-003", + "domain": "CONFIG", + "title": "Unbekannte Konfigurationsschluessel nicht stillschweigend ignoriert", + "objective": "Verhindert Fehlannahmen", + "check_target": "code", + "evidence": [ + "source_code", + "config_validation" + ], + "automation": "medium" + }, + { + "control_id": "CONFIG-004", + "domain": "CONFIG", + "title": "Keine Test-/Demoendpunkte in Produktionskonfiguration", + "objective": "Verhindert versehentliche Kommunikation", + "check_target": "config", + "evidence": [ + "config", + "deployment_manifests" + ], + "automation": "high" + }, + { + "control_id": "CONFIG-005", + "domain": "CONFIG", + "title": "Dynamische Aenderungen autorisiert und auditierbar", + "objective": "Kontrolle ueber Laufzeitaenderungen", + 
"check_target": "system", + "evidence": [ + "audit_log_sample", + "config_registry" + ], + "automation": "medium" + }, + { + "control_id": "CONFIG-006", + "domain": "CONFIG", + "title": "Sicherheitsconfig nicht ueber APIs ueberschreibbar", + "objective": "Verhindert Manipulation ueber Verwaltungspfade", + "check_target": "code", + "evidence": [ + "source_code", + "authorization_tests" + ], + "automation": "medium" + }, + { + "control_id": "CONFIG-007", + "domain": "CONFIG", + "title": "Feature-Flags fuer Sicherheit restriktiv verwaltet", + "objective": "Verhindert unbeabsichtigte Deaktivierung", + "check_target": "process", + "evidence": [ + "feature_flag_config", + "ops_docs" + ], + "automation": "low" + }, + { + "control_id": "CONFIG-008", + "domain": "CONFIG", + "title": "Konfigurationsquellen und Prioritaeten eindeutig", + "objective": "Verhindert unerwartete Ueberschreibungen", + "check_target": "architecture", + "evidence": [ + "design_docs", + "config_docs" + ], + "automation": "low" + }, + { + "control_id": "CONFIG-009", + "domain": "CONFIG", + "title": "Schwellwerte und Timeouts explizit konfiguriert", + "objective": "Nachvollziehbare Parametrisierung", + "check_target": "code", + "evidence": [ + "source_code", + "config" + ], + "automation": "medium" + }, + { + "control_id": "CONFIG-010", + "domain": "CONFIG", + "title": "Zahlungslogik-Config vor Aktivierung fachlich validiert", + "objective": "Verhindert betriebsgefaehrdende Einstellungen", + "check_target": "system", + "evidence": [ + "validation_rules", + "ops_docs" + ], + "automation": "low" + }, + { + "control_id": "NETWORK-001", + "domain": "NETWORK", + "title": "Netzwerkverbindungen auf notwendige Ziele begrenzt", + "objective": "Reduziert Angriffsflaeche", + "check_target": "network", + "evidence": [ + "network_policies", + "firewall_rules" + ], + "automation": "medium" + }, + { + "control_id": "NETWORK-002", + "domain": "NETWORK", + "title": "Ausgehende Verbindungen auf erlaubte Protokolle 
beschraenkt", + "objective": "Verhindert Datenabfluss", + "check_target": "network", + "evidence": [ + "firewall_rules", + "egress_policies" + ], + "automation": "medium" + }, + { + "control_id": "NETWORK-003", + "domain": "NETWORK", + "title": "Verwaltungsdienste nicht ungeschuetzt aus Produktivnetzen erreichbar", + "objective": "Reduziert seitliche Bewegungen", + "check_target": "network", + "evidence": [ + "network_policies", + "gateway_config" + ], + "automation": "low" + }, + { + "control_id": "NETWORK-004", + "domain": "NETWORK", + "title": "Kein stiller Fallback auf unverschluesselte Pfade", + "objective": "Verhindert Schutzverlust", + "check_target": "code", + "evidence": [ + "source_code", + "network_config" + ], + "automation": "medium" + }, + { + "control_id": "NETWORK-005", + "domain": "NETWORK", + "title": "Timeouts fuer kritische Kommunikationspfade definiert", + "objective": "Verhindert unklare Zustaende", + "check_target": "config", + "evidence": [ + "network_config", + "source_code" + ], + "automation": "medium" + }, + { + "control_id": "NETWORK-006", + "domain": "NETWORK", + "title": "Vertrauensanker konfigurierbar, nicht hartkodiert", + "objective": "Kontrollierte Vertrauensverwaltung", + "check_target": "code", + "evidence": [ + "source_code", + "tls_config" + ], + "automation": "medium" + }, + { + "control_id": "NETWORK-007", + "domain": "NETWORK", + "title": "Interne Ports minimiert und dokumentiert", + "objective": "Reduziert unnoetige Offenheit", + "check_target": "network", + "evidence": [ + "network_policies", + "port_inventory" + ], + "automation": "low" + }, + { + "control_id": "NETWORK-008", + "domain": "NETWORK", + "title": "Netzwerksegmente logisch getrennt", + "objective": "Reduziert seitliche Ausbreitung", + "check_target": "architecture", + "evidence": [ + "network_diagrams", + "firewall_rules" + ], + "automation": "low" + }, + { + "control_id": "NETWORK-009", + "domain": "NETWORK", + "title": "Kritische Netzwerkfehler an 
Monitoring weitergegeben", + "objective": "Schnelle Reaktion auf Kommunikationsprobleme", + "check_target": "system", + "evidence": [ + "alert_rules", + "log_samples" + ], + "automation": "medium" + }, + { + "control_id": "NETWORK-010", + "domain": "NETWORK", + "title": "DNS/Service Discovery fuer kritische Komponenten kontrolliert", + "objective": "Verhindert Fehlroutung", + "check_target": "system", + "evidence": [ + "dns_config", + "service_registry" + ], + "automation": "low" + }, + { + "control_id": "STORAGE-001", + "domain": "STORAGE", + "title": "Persistente Speicherorte dokumentiert", + "objective": "Gezielte Schutz- und Pruefmassnahmen", + "check_target": "architecture", + "evidence": [ + "data_flow_docs", + "storage_inventory" + ], + "automation": "low" + }, + { + "control_id": "STORAGE-002", + "domain": "STORAGE", + "title": "Schreibzugriffe rollenbasiert begrenzt", + "objective": "Reduziert unautorisierte Manipulation", + "check_target": "config", + "evidence": [ + "iam_config", + "db_permissions" + ], + "automation": "medium" + }, + { + "control_id": "STORAGE-003", + "domain": "STORAGE", + "title": "Temporaere Dateien ohne sensitive Daten", + "objective": "Verhindert Schattenpersistenz", + "check_target": "code", + "evidence": [ + "source_code", + "artifact_scan" + ], + "automation": "medium" + }, + { + "control_id": "STORAGE-004", + "domain": "STORAGE", + "title": "Datenbankschemata erzwingen Integritaetsbedingungen", + "objective": "Reduziert inkonsistente Datensaetze", + "check_target": "database", + "evidence": [ + "db_schema", + "migration_scripts" + ], + "automation": "medium" + }, + { + "control_id": "STORAGE-005", + "domain": "STORAGE", + "title": "Aenderungen an Zahlungszustaenden nachvollziehbar", + "objective": "Auditierbarkeit", + "check_target": "system", + "evidence": [ + "audit_log_sample", + "db_schema" + ], + "automation": "low" + }, + { + "control_id": "STORAGE-006", + "domain": "STORAGE", + "title": "Backups folgen selben 
Schutzanforderungen wie Primaerdaten", + "objective": "Verhindert Schutzluecken in Sekundaerspeichern", + "check_target": "process", + "evidence": [ + "backup_config", + "storage_policy" + ], + "automation": "low" + }, + { + "control_id": "STORAGE-007", + "domain": "STORAGE", + "title": "Persistenzlogik behandelt Teilfehler kontrolliert", + "objective": "Robustheit bei DB-Fehlern", + "check_target": "code", + "evidence": [ + "source_code", + "error_mode_tests" + ], + "automation": "medium" + }, + { + "control_id": "STORAGE-008", + "domain": "STORAGE", + "title": "Storage-Migrationen getestet und reversibel bewertet", + "objective": "Reduziert fehlerhafte Schemaenderungen", + "check_target": "database", + "evidence": [ + "migration_scripts", + "test_reports" + ], + "automation": "medium" + }, + { + "control_id": "STORAGE-009", + "domain": "STORAGE", + "title": "Lesezugriffe fuer Reporting umgehen keine Filterlogik", + "objective": "Verhindert Datenabfluss ueber Sekundaerzugriffe", + "check_target": "code", + "evidence": [ + "source_code", + "authorization_tests" + ], + "automation": "medium" + }, + { + "control_id": "STORAGE-010", + "domain": "STORAGE", + "title": "Dateibasierte Speicher gegen unautorisierte Aenderung geschuetzt", + "objective": "Reduziert Manipulationsrisiko", + "check_target": "system", + "evidence": [ + "filesystem_permissions", + "integrity_checks" + ], + "automation": "low" + }, + { + "control_id": "MONITOR-001", + "domain": "MONITOR", + "title": "Sicherheitskritische Ereignisse haben Alarmierungsregeln", + "objective": "Zeitnahe Reaktion auf Vorfaelle", + "check_target": "system", + "evidence": [ + "alert_rules", + "monitoring_config" + ], + "automation": "medium" + }, + { + "control_id": "MONITOR-002", + "domain": "MONITOR", + "title": "Ausfaelle von Zahlungspfaden werden entdeckt", + "objective": "Reduziert unbemerkte Stoerungen", + "check_target": "system", + "evidence": [ + "monitoring_config", + "synthetic_checks" + ], + "automation": 
"medium" + }, + { + "control_id": "MONITOR-003", + "domain": "MONITOR", + "title": "Monitoring differenziert Verfuegbarkeit/Sicherheit/Fachfehler", + "objective": "Bessere Priorisierung", + "check_target": "system", + "evidence": [ + "alert_rules", + "metric_samples" + ], + "automation": "low" + }, + { + "control_id": "MONITOR-004", + "domain": "MONITOR", + "title": "Schwellenwerte fuer kritische Funktionen definiert", + "objective": "Verhindert ad-hoc Ereigniserkennung", + "check_target": "process", + "evidence": [ + "ops_docs", + "monitoring_config" + ], + "automation": "low" + }, + { + "control_id": "MONITOR-005", + "domain": "MONITOR", + "title": "Alarmierungswege dokumentiert und wirksam", + "objective": "Reaktionsfaehigkeit im Vorfall", + "check_target": "process", + "evidence": [ + "incident_docs", + "alert_config" + ], + "automation": "low" + }, + { + "control_id": "MONITOR-006", + "domain": "MONITOR", + "title": "Wiederkehrende Fehler aggregiert und als Muster erkennbar", + "objective": "Fruehwarnung bei systemischen Problemen", + "check_target": "system", + "evidence": [ + "monitoring_dashboards", + "alert_rules" + ], + "automation": "low" + }, + { + "control_id": "MONITOR-007", + "domain": "MONITOR", + "title": "Queue-Monitoring erfasst Stau, Alter, Fehlerquoten", + "objective": "Kontrolle verteilter Verarbeitungswege", + "check_target": "system", + "evidence": [ + "queue_metrics", + "monitoring_dashboards" + ], + "automation": "medium" + }, + { + "control_id": "MONITOR-008", + "domain": "MONITOR", + "title": "Monitoring gegen triviale Deaktivierung geschuetzt", + "objective": "Vertrauenswuerdigkeit betrieblicher Kontrollen", + "check_target": "system", + "evidence": [ + "iam_config", + "audit_log_sample" + ], + "automation": "low" + }, + { + "control_id": "MONITOR-009", + "domain": "MONITOR", + "title": "Stille Fehlzustaende durch Heartbeats/Synthetic Checks adressiert", + "objective": "Verhindert truegerischen Anschein", + "check_target": "system", + 
"evidence": [ + "synthetic_checks", + "heartbeat_config" + ], + "automation": "medium" + }, + { + "control_id": "MONITOR-010", + "domain": "MONITOR", + "title": "Monitoring-Nachweise reproduzierbar abrufbar", + "objective": "Belastbare Betriebsnachweise", + "check_target": "process", + "evidence": [ + "dashboard_exports", + "ops_docs" + ], + "automation": "low" + }, + { + "control_id": "OPS-001", + "domain": "OPS", + "title": "Betriebsrollen und Verantwortlichkeiten dokumentiert", + "objective": "Klare Zustaendigkeit", + "check_target": "process", + "evidence": [ + "ops_docs", + "role_model" + ], + "automation": "low" + }, + { + "control_id": "OPS-002", + "domain": "OPS", + "title": "Runbooks fuer typische Stoerungen vorhanden", + "objective": "Reaktionsgeschwindigkeit und Konsistenz", + "check_target": "process", + "evidence": [ + "runbooks", + "incident_docs" + ], + "automation": "low" + }, + { + "control_id": "OPS-003", + "domain": "OPS", + "title": "Sicherheitsmassnahmen nicht an Einzelpersonen gebunden", + "objective": "Reduziert Abhaengigkeit von implizitem Wissen", + "check_target": "process", + "evidence": [ + "ops_docs", + "training_records" + ], + "automation": "low" + }, + { + "control_id": "OPS-004", + "domain": "OPS", + "title": "Notfallzugriffe zeitlich begrenzt und auditierbar", + "objective": "Reduziert Missbrauch von Sonderzugaengen", + "check_target": "system", + "evidence": [ + "audit_log_sample", + "iam_config" + ], + "automation": "low" + }, + { + "control_id": "OPS-005", + "domain": "OPS", + "title": "Schluessel-/Zertifikats-/Geraetewechsel-Prozesse definiert", + "objective": "Verhindert ungeordnete Sicherheitsuebergaenge", + "check_target": "process", + "evidence": [ + "ops_docs", + "runbooks" + ], + "automation": "low" + }, + { + "control_id": "OPS-006", + "domain": "OPS", + "title": "Wartungsfenster fachlich und technisch abgestimmt", + "objective": "Verhindert ueberraschende Auswirkungen", + "check_target": "process", + "evidence": [ + 
"ops_docs", + "change_docs" + ], + "automation": "low" + }, + { + "control_id": "OPS-007", + "domain": "OPS", + "title": "Betriebsparameter regelmaessig auf Sollzustand geprueft", + "objective": "Erkennt schleichende Drift", + "check_target": "system", + "evidence": [ + "ops_checks", + "config_registry" + ], + "automation": "medium" + }, + { + "control_id": "OPS-008", + "domain": "OPS", + "title": "Wiederanlauf nach Ausfall folgt definierten Prioritaeten", + "objective": "Verhindert ungeordnete Recovery", + "check_target": "process", + "evidence": [ + "runbooks", + "recovery_tests" + ], + "automation": "low" + }, + { + "control_id": "OPS-009", + "domain": "OPS", + "title": "Drittabhaengigkeiten dokumentiert und ueberwacht", + "objective": "Transparenz ueber externe Ausfallrisiken", + "check_target": "process", + "evidence": [ + "vendor_inventory", + "monitoring_docs" + ], + "automation": "low" + }, + { + "control_id": "OPS-010", + "domain": "OPS", + "title": "Betriebsnachweise fuer Ausschreibungen strukturiert abrufbar", + "objective": "Belastbare Compliance-Antworten", + "check_target": "process", + "evidence": [ + "evidence_registry", + "reporting_docs" + ], + "automation": "low" } ] } \ No newline at end of file