Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4d2f4f2d24ea6ae2a03c6da2663b2fa09f4ee9e2
breakpilot-compliance/ai-compliance-sdk/policies/obligations/v2/_tom_mapping.json
Benjamin Admin 38e278ee3c
All checks were successful
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Successful in 32s
Details
CI / test-python-backend-compliance (push) Successful in 29s
Details
CI / test-python-document-crawler (push) Successful in 20s
Details
CI / test-python-dsms-gateway (push) Successful in 18s
Details
feat(ucca): Pflichtendatenbank v2 (325 Obligations), Trigger-Engine, TOM-Control-Mapping 
- 9 Regulation-JSON-Dateien (DSGVO 80, AI Act 60, NIS2 40, BDSG 30, TTDSG 20, DSA 35, Data Act 25, EU-Maschinen 15, DORA 20)
- Condition-Tree-Engine fuer automatische Pflichtenselektion (all_of/any_of, 80+ Field-Paths)
- Generischer JSONRegulationModule-Loader mit YAML-Fallback
- Bidirektionales TOM-Control-Mapping (291 Obligation→Control, 92 Control→Obligation)
- Gap-Analyse-Engine (Compliance-%, Priority Actions, Domain Breakdown)
- ScopeDecision→UnifiedFacts Bridge fuer Auto-Profiling
- 4 neue API-Endpoints (assess-from-scope, tom-controls, gap-analysis, reverse-lookup)
- Frontend: Auto-Profiling Button, Regulation-Filter Chips, TOM-Panel, Gap-Analyse-View
- 18 Unit Tests (Condition Engine, v2 Loader, TOM Mapper)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-05 14:51:44 +01:00

1923 lines
35 KiB
JSON
Raw Blame History

{
"schema_version": "2.0",
"obligation_to_control": {
"AIACT-OBL-001": [
"TOM.GOV.01",
"TOM.GOV.02"
],
"AIACT-OBL-002": [
"TOM.GOV.03",
"TOM.GOV.04"
],
"AIACT-OBL-003": [
"TOM.DATA.01",
"TOM.DATA.02",
"TOM.DATA.03"
],
"AIACT-OBL-004": [
"TOM.GOV.05",
"TOM.SDLC.01"
],
"AIACT-OBL-005": [
"TOM.LOG.01",
"TOM.LOG.02",
"TOM.LOG.03"
],
"AIACT-OBL-006": [
"TOM.GOV.06",
"TOM.OPS.01"
],
"AIACT-OBL-007": [
"TOM.GOV.07",
"TOM.HR.01",
"TOM.OPS.02"
],
"AIACT-OBL-008": [
"TOM.SDLC.02",
"TOM.NET.01",
"TOM.CRYPTO.01"
],
"AIACT-OBL-009": [
"TOM.OPS.03",
"TOM.OPS.04",
"TOM.LOG.04"
],
"AIACT-OBL-010": [
"TOM.GOV.08",
"TOM.GOV.09"
],
"AIACT-OBL-011": [
"TOM.GOV.10",
"TOM.OPS.05"
],
"AIACT-OBL-012": [
"TOM.GOV.11",
"TOM.DATA.04"
],
"AIACT-OBL-013": [
"TOM.GOV.12",
"TOM.NET.02",
"TOM.SDLC.03"
],
"AIACT-OBL-014": [
"TOM.GOV.13"
],
"AIACT-OBL-015": [
"TOM.HR.02",
"TOM.HR.03"
],
"AIACT-OBL-016": [
"TOM.GOV.01",
"TOM.GOV.03"
],
"AIACT-OBL-017": [
"TOM.GOV.01"
],
"AIACT-OBL-018": [
"TOM.GOV.04",
"TOM.GOV.05"
],
"AIACT-OBL-019": [
"TOM.GOV.01",
"TOM.GOV.05",
"TOM.GOV.14"
],
"AIACT-OBL-020": [
"TOM.GOV.14",
"TOM.GOV.15",
"TOM.SDLC.04"
],
"AIACT-OBL-021": [
"TOM.DATA.05",
"TOM.DATA.06"
],
"AIACT-OBL-022": [
"TOM.GOV.04",
"TOM.GOV.14"
],
"AIACT-OBL-023": [
"TOM.LOG.01",
"TOM.LOG.05",
"TOM.LOG.06"
],
"AIACT-OBL-024": [
"TOM.OPS.06",
"TOM.BCP.01"
],
"AIACT-OBL-025": [
"TOM.GOV.06",
"TOM.GOV.13"
],
"AIACT-OBL-026": [
"TOM.GOV.01",
"TOM.VENDOR.01"
],
"AIACT-OBL-027": [
"TOM.VENDOR.02",
"TOM.VENDOR.03"
],
"AIACT-OBL-028": [
"TOM.DATA.07",
"TOM.DATA.08"
],
"AIACT-OBL-029": [
"TOM.LOG.04",
"TOM.LOG.07",
"TOM.OPS.07"
],
"AIACT-OBL-030": [
"TOM.GOV.10",
"TOM.OPS.05"
],
"AIACT-OBL-031": [
"TOM.GOV.08",
"TOM.GOV.09"
],
"AIACT-OBL-032": [
"TOM.GOV.01",
"TOM.GOV.03"
],
"AIACT-OBL-033": [
"TOM.VENDOR.04",
"TOM.VENDOR.05"
],
"AIACT-OBL-034": [
"TOM.VENDOR.06",
"TOM.VENDOR.07"
],
"AIACT-OBL-035": [
"TOM.GOV.14",
"TOM.GOV.15"
],
"AIACT-OBL-036": [
"TOM.GOV.05",
"TOM.GOV.14"
],
"AIACT-OBL-037": [
"TOM.GOV.05"
],
"AIACT-OBL-038": [
"TOM.GOV.13"
],
"AIACT-OBL-039": [
"TOM.GOV.10",
"TOM.OPS.05"
],
"AIACT-OBL-040": [
"TOM.SDLC.05",
"TOM.OPS.08"
],
"AIACT-OBL-041": [
"TOM.SDLC.05",
"TOM.SDLC.06"
],
"AIACT-OBL-042": [
"TOM.GOV.11",
"TOM.SDLC.07"
],
"AIACT-OBL-043": [
"TOM.GOV.11",
"TOM.DATA.09"
],
"AIACT-OBL-044": [
"TOM.DATA.04",
"TOM.DATA.10"
],
"AIACT-OBL-045": [
"TOM.SDLC.08",
"TOM.SDLC.09"
],
"AIACT-OBL-046": [
"TOM.GOV.03",
"TOM.GOV.12"
],
"AIACT-OBL-047": [
"TOM.NET.02",
"TOM.NET.03",
"TOM.CRYPTO.02"
],
"AIACT-OBL-048": [
"TOM.BCP.02",
"TOM.BCP.03"
],
"AIACT-OBL-049": [
"TOM.GOV.01"
],
"AIACT-OBL-050": [
"TOM.OPS.09",
"TOM.OPS.10"
],
"AIACT-OBL-051": [
"TOM.BCP.01",
"TOM.BCP.02",
"TOM.BCP.04"
],
"AIACT-OBL-052": [
"TOM.AC.01",
"TOM.IAM.01",
"TOM.CRYPTO.03"
],
"AIACT-OBL-053": [
"TOM.GOV.01",
"TOM.GOV.02"
],
"AIACT-OBL-054": [
"TOM.GOV.04",
"TOM.GOV.14"
],
"AIACT-OBL-055": [
"TOM.GOV.08",
"TOM.DATA.11",
"TOM.IAM.02"
],
"AIACT-OBL-056": [
"TOM.BCP.05",
"TOM.BCP.06",
"TOM.NET.04"
],
"AIACT-OBL-057": [
"TOM.GOV.08",
"TOM.DATA.12",
"TOM.HR.04"
],
"AIACT-OBL-058": [
"TOM.GOV.08",
"TOM.HR.05",
"TOM.DATA.13"
],
"AIACT-OBL-059": [
"TOM.GOV.08",
"TOM.GOV.09",
"TOM.AC.02"
],
"AIACT-OBL-060": [
"TOM.GOV.07",
"TOM.GOV.08",
"TOM.GOV.10"
],
"BDSG-OBL-001": [
"TOM.PHY.01",
"TOM.GOV.03"
],
"BDSG-OBL-002": [
"TOM.PHY.01"
],
"BDSG-OBL-003": [
"TOM.PHY.01",
"TOM.DEL.01"
],
"BDSG-OBL-004": [
"TOM.AC.01",
"TOM.CRY.01",
"TOM.GOV.04"
],
"BDSG-OBL-005": [
"TOM.CRY.01",
"TOM.CRY.02",
"TOM.AC.01"
],
"BDSG-OBL-006": [
"TOM.HR.01",
"TOM.GOV.01"
],
"BDSG-OBL-007": [
"TOM.HR.01",
"TOM.HR.02"
],
"BDSG-OBL-008": [
"TOM.HR.01",
"TOM.GOV.01"
],
"BDSG-OBL-009": [
"TOM.HR.01",
"TOM.DEL.01"
],
"BDSG-OBL-010": [
"TOM.GOV.02"
],
"BDSG-OBL-011": [
"TOM.GOV.02",
"TOM.GOV.03"
],
"BDSG-OBL-012": [
"TOM.DEL.01"
],
"BDSG-OBL-013": [
"TOM.DEL.01",
"TOM.AC.02"
],
"BDSG-OBL-014": [
"TOM.GOV.01",
"TOM.GOV.05"
],
"BDSG-OBL-015": [
"TOM.GOV.05"
],
"BDSG-OBL-016": [
"TOM.GOV.05"
],
"BDSG-OBL-017": [
"TOM.GOV.01"
],
"BDSG-OBL-018": [
"TOM.GOV.01",
"TOM.GOV.02"
],
"BDSG-OBL-019": [
"TOM.CRY.02",
"TOM.GOV.04"
],
"BDSG-OBL-020": [
"TOM.CRY.02"
],
"BDSG-OBL-021": [
"TOM.GOV.01",
"TOM.AC.01"
],
"BDSG-OBL-022": [
"TOM.LOG.01",
"TOM.AC.01"
],
"BDSG-OBL-023": [
"TOM.GOV.02"
],
"BDSG-OBL-024": [
"TOM.GOV.03",
"TOM.CRY.01"
],
"BDSG-OBL-025": [
"TOM.GOV.03"
],
"BDSG-OBL-026": [
"TOM.AC.01",
"TOM.GOV.01"
],
"BDSG-OBL-027": [
"TOM.GOV.01"
],
"BDSG-OBL-028": [
"TOM.GOV.01"
],
"BDSG-OBL-029": [
"TOM.HR.02",
"TOM.GOV.05"
],
"BDSG-OBL-030": [
"TOM.GOV.03",
"TOM.VEN.01"
],
"DATAACT-OBL-001": [
"TOM.OPS.01"
],
"DATAACT-OBL-002": [
"TOM.GOV.01"
],
"DATAACT-OBL-003": [
"TOM.OPS.01",
"TOM.OPS.02"
],
"DATAACT-OBL-004": [
"TOM.GOV.01"
],
"DATAACT-OBL-005": [
"TOM.OPS.01",
"TOM.OPS.02"
],
"DATAACT-OBL-006": [
"TOM.GOV.01"
],
"DATAACT-OBL-007": [
"TOM.GOV.01"
],
"DATAACT-OBL-008": [
"TOM.GOV.01"
],
"DATAACT-OBL-009": [
"TOM.GOV.01"
],
"DATAACT-OBL-010": [
"TOM.GOV.01"
],
"DATAACT-OBL-011": [
"TOM.GOV.01",
"TOM.OPS.01"
],
"DATAACT-OBL-012": [
"TOM.OPS.01",
"TOM.OPS.02"
],
"DATAACT-OBL-013": [
"TOM.GOV.01"
],
"DATAACT-OBL-014": [
"TOM.OPS.01"
],
"DATAACT-OBL-015": [
"TOM.OPS.01"
],
"DATAACT-OBL-016": [
"TOM.GOV.01",
"TOM.OPS.01"
],
"DATAACT-OBL-017": [
"TOM.GOV.01"
],
"DATAACT-OBL-018": [
"TOM.GOV.01"
],
"DATAACT-OBL-019": [
"TOM.OPS.01",
"TOM.GOV.01"
],
"DATAACT-OBL-020": [
"TOM.GOV.01"
],
"DATAACT-OBL-021": [
"TOM.GOV.01"
],
"DATAACT-OBL-022": [
"TOM.GOV.01",
"TOM.GOV.02"
],
"DATAACT-OBL-023": [
"TOM.OPS.01"
],
"DATAACT-OBL-024": [
"TOM.GOV.01"
],
"DATAACT-OBL-025": [
"TOM.GOV.01"
],
"DORA-OBL-005": [
"TOM.CRY.01",
"TOM.ACC.01"
],
"DSA-OBL-001": [
"TOM.GOV.01"
],
"DSA-OBL-002": [
"TOM.GOV.01"
],
"DSA-OBL-003": [
"TOM.GOV.01",
"TOM.OPS.01"
],
"DSA-OBL-004": [
"TOM.GOV.01"
],
"DSA-OBL-005": [
"TOM.GOV.01",
"TOM.GOV.02"
],
"DSA-OBL-006": [
"TOM.GOV.01"
],
"DSA-OBL-007": [
"TOM.GOV.01"
],
"DSA-OBL-008": [
"TOM.GOV.01",
"TOM.GOV.03"
],
"DSA-OBL-009": [
"TOM.GOV.01",
"TOM.GOV.03"
],
"DSA-OBL-010": [
"TOM.OPS.01",
"TOM.OPS.02"
],
"DSA-OBL-011": [
"TOM.OPS.01"
],
"DSA-OBL-012": [
"TOM.OPS.01",
"TOM.GOV.01"
],
"DSA-OBL-013": [
"TOM.OPS.01",
"TOM.OPS.02"
],
"DSA-OBL-014": [
"TOM.OPS.01"
],
"DSA-OBL-015": [
"TOM.OPS.01"
],
"DSA-OBL-016": [
"TOM.OPS.01",
"TOM.OPS.02"
],
"DSA-OBL-017": [
"TOM.GOV.01"
],
"DSA-OBL-018": [
"TOM.GOV.01",
"TOM.OPS.01"
],
"DSA-OBL-019": [
"TOM.OPS.01"
],
"DSA-OBL-020": [
"TOM.OPS.01"
],
"DSA-OBL-021": [
"TOM.OPS.01",
"TOM.GOV.01"
],
"DSA-OBL-022": [
"TOM.OPS.01",
"TOM.GOV.01"
],
"DSA-OBL-023": [
"TOM.OPS.01",
"TOM.GOV.03"
],
"DSA-OBL-024": [
"TOM.OPS.01"
],
"DSA-OBL-025": [
"TOM.OPS.01",
"TOM.GOV.03"
],
"DSA-OBL-026": [
"TOM.GOV.01",
"TOM.GOV.02",
"TOM.GOV.03"
],
"DSA-OBL-027": [
"TOM.GOV.01",
"TOM.GOV.02"
],
"DSA-OBL-028": [
"TOM.GOV.01",
"TOM.GOV.03"
],
"DSA-OBL-029": [
"TOM.GOV.01",
"TOM.GOV.02"
],
"DSA-OBL-030": [
"TOM.GOV.01",
"TOM.OPS.01"
],
"DSA-OBL-031": [
"TOM.OPS.01",
"TOM.GOV.03"
],
"DSA-OBL-032": [
"TOM.GOV.01"
],
"DSA-OBL-033": [
"TOM.GOV.01",
"TOM.OPS.01"
],
"DSA-OBL-034": [
"TOM.GOV.01"
],
"DSA-OBL-035": [
"TOM.GOV.01"
],
"DSGVO-OBL-001": [
"TOM.GOV.01",
"TOM.GOV.02"
],
"DSGVO-OBL-002": [
"TOM.CRYPTO.01",
"TOM.CRYPTO.02",
"TOM.IAM.01",
"TOM.AC.01",
"TOM.NET.01"
],
"DSGVO-OBL-003": [
"TOM.GOV.01",
"TOM.GOV.03"
],
"DSGVO-OBL-004": [
"TOM.GOV.01"
],
"DSGVO-OBL-005": [
"TOM.VENDOR.01",
"TOM.VENDOR.02"
],
"DSGVO-OBL-006": [
"TOM.GOV.02"
],
"DSGVO-OBL-007": [
"TOM.DATA.01",
"TOM.GOV.02"
],
"DSGVO-OBL-008": [
"TOM.GOV.02",
"TOM.DATA.01"
],
"DSGVO-OBL-009": [
"TOM.DATA.01",
"TOM.DATA.02"
],
"DSGVO-OBL-010": [
"TOM.VENDOR.01",
"TOM.VENDOR.03"
],
"DSGVO-OBL-011": [
"TOM.OPS.01",
"TOM.OPS.02",
"TOM.LOG.01"
],
"DSGVO-OBL-012": [
"TOM.GOV.01",
"TOM.GOV.02"
],
"DSGVO-OBL-013": [
"TOM.GOV.01"
],
"DSGVO-OBL-014": [
"TOM.DATA.01"
],
"DSGVO-OBL-015": [
"TOM.DATA.01"
],
"DSGVO-OBL-016": [
"TOM.GOV.01",
"TOM.GOV.02",
"TOM.LOG.01"
],
"DSGVO-OBL-017": [
"TOM.GOV.01"
],
"DSGVO-OBL-018": [
"TOM.GOV.01"
],
"DSGVO-OBL-019": [
"TOM.GOV.01",
"TOM.CRYPTO.01",
"TOM.AC.01"
],
"DSGVO-OBL-020": [
"TOM.CRYPTO.01",
"TOM.CRYPTO.02",
"TOM.AC.01",
"TOM.LOG.01"
],
"DSGVO-OBL-021": [
"TOM.GOV.01",
"TOM.AC.01"
],
"DSGVO-OBL-022": [
"TOM.GOV.02"
],
"DSGVO-OBL-023": [
"TOM.GOV.02"
],
"DSGVO-OBL-024": [
"TOM.DATA.01",
"TOM.GOV.02"
],
"DSGVO-OBL-025": [
"TOM.DATA.01"
],
"DSGVO-OBL-026": [
"TOM.DATA.01",
"TOM.DATA.02"
],
"DSGVO-OBL-027": [
"TOM.DATA.01",
"TOM.AC.01"
],
"DSGVO-OBL-028": [
"TOM.DATA.01",
"TOM.VENDOR.01"
],
"DSGVO-OBL-029": [
"TOM.DATA.01"
],
"DSGVO-OBL-030": [
"TOM.DATA.01",
"TOM.GOV.02"
],
"DSGVO-OBL-031": [
"TOM.GOV.01",
"TOM.GOV.03",
"TOM.LOG.01"
],
"DSGVO-OBL-032": [
"TOM.GOV.01",
"TOM.GOV.02",
"TOM.GOV.03"
],
"DSGVO-OBL-033": [
"TOM.SDLC.01",
"TOM.SDLC.02"
],
"DSGVO-OBL-034": [
"TOM.SDLC.01"
],
"DSGVO-OBL-035": [
"TOM.VENDOR.01"
],
"DSGVO-OBL-036": [
"TOM.GOV.01"
],
"DSGVO-OBL-037": [
"TOM.VENDOR.01",
"TOM.VENDOR.02"
],
"DSGVO-OBL-038": [
"TOM.VENDOR.01",
"TOM.VENDOR.02"
],
"DSGVO-OBL-039": [
"TOM.VENDOR.01"
],
"DSGVO-OBL-040": [
"TOM.GOV.01",
"TOM.GOV.02"
],
"DSGVO-OBL-041": [
"TOM.GOV.01"
],
"DSGVO-OBL-042": [
"TOM.CRYPTO.01",
"TOM.CRYPTO.02",
"TOM.CRYPTO.03"
],
"DSGVO-OBL-043": [
"TOM.NET.01",
"TOM.NET.02",
"TOM.BCP.01"
],
"DSGVO-OBL-044": [
"TOM.BCP.01",
"TOM.BCP.02",
"TOM.BCP.03"
],
"DSGVO-OBL-045": [
"TOM.GOV.03",
"TOM.OPS.03"
],
"DSGVO-OBL-046": [
"TOM.OPS.01",
"TOM.OPS.02"
],
"DSGVO-OBL-047": [
"TOM.OPS.01"
],
"DSGVO-OBL-048": [
"TOM.GOV.01",
"TOM.GOV.03"
],
"DSGVO-OBL-049": [
"TOM.GOV.01",
"TOM.GOV.03"
],
"DSGVO-OBL-050": [
"TOM.GOV.01"
],
"DSGVO-OBL-051": [
"TOM.GOV.01"
],
"DSGVO-OBL-052": [
"TOM.GOV.01"
],
"DSGVO-OBL-053": [
"TOM.GOV.01"
],
"DSGVO-OBL-054": [
"TOM.GOV.01",
"TOM.GOV.03"
],
"DSGVO-OBL-055": [
"TOM.VENDOR.01",
"TOM.VENDOR.03"
],
"DSGVO-OBL-056": [
"TOM.VENDOR.01",
"TOM.VENDOR.03"
],
"DSGVO-OBL-057": [
"TOM.GOV.01",
"TOM.VENDOR.03"
],
"DSGVO-OBL-058": [
"TOM.GOV.01",
"TOM.GOV.03"
],
"DSGVO-OBL-059": [
"TOM.HR.01",
"TOM.HR.02",
"TOM.AC.01"
],
"DSGVO-OBL-060": [
"TOM.HR.01",
"TOM.HR.02"
],
"DSGVO-OBL-061": [
"TOM.HR.01"
],
"DSGVO-OBL-062": [
"TOM.GOV.02",
"TOM.DATA.01"
],
"DSGVO-OBL-063": [
"TOM.GOV.01",
"TOM.GOV.02"
],
"DSGVO-OBL-064": [
"TOM.GOV.02"
],
"DSGVO-OBL-065": [
"TOM.GOV.01",
"TOM.GOV.02",
"TOM.AC.01"
],
"DSGVO-OBL-066": [
"TOM.CRYPTO.01",
"TOM.CRYPTO.02",
"TOM.AC.01",
"TOM.LOG.01"
],
"DSGVO-OBL-067": [
"TOM.CRYPTO.01",
"TOM.AC.01",
"TOM.LOG.01"
],
"DSGVO-OBL-068": [
"TOM.DATA.01",
"TOM.DATA.02"
],
"DSGVO-OBL-069": [
"TOM.OPS.01",
"TOM.OPS.02",
"TOM.LOG.01"
],
"DSGVO-OBL-070": [
"TOM.LOG.01",
"TOM.LOG.02"
],
"DSGVO-OBL-071": [
"TOM.GOV.01",
"TOM.GOV.03"
],
"DSGVO-OBL-072": [
"TOM.GOV.01"
],
"DSGVO-OBL-073": [
"TOM.GOV.02"
],
"DSGVO-OBL-074": [
"TOM.GOV.01"
],
"DSGVO-OBL-075": [
"TOM.GOV.03",
"TOM.OPS.03"
],
"DSGVO-OBL-076": [
"TOM.BCP.01",
"TOM.BCP.02"
],
"DSGVO-OBL-077": [
"TOM.NET.01",
"TOM.NET.02",
"TOM.NET.03"
],
"DSGVO-OBL-078": [
"TOM.AC.01",
"TOM.AC.02"
],
"DSGVO-OBL-079": [
"TOM.GOV.02",
"TOM.DATA.01"
],
"DSGVO-OBL-080": [
"TOM.AC.01",
"TOM.LOG.01",
"TOM.DATA.02"
],
"NIS2-OBL-001": [
"TOM.GOV.01",
"TOM.GOV.02"
],
"NIS2-OBL-002": [
"TOM.GOV.01",
"TOM.GOV.02",
"TOM.GOV.03",
"TOM.OPS.01"
],
"NIS2-OBL-003": [
"TOM.GOV.01",
"TOM.GOV.04",
"TOM.GOV.05"
],
"NIS2-OBL-004": [
"TOM.HR.01",
"TOM.HR.02",
"TOM.GOV.06"
],
"NIS2-OBL-005": [
"TOM.OPS.08",
"TOM.OPS.09",
"TOM.OPS.10",
"TOM.LOG.01"
],
"NIS2-OBL-006": [
"TOM.BCP.01",
"TOM.BCP.02",
"TOM.BCP.03",
"TOM.BCP.04"
],
"NIS2-OBL-007": [
"TOM.VENDOR.01",
"TOM.VENDOR.02",
"TOM.VENDOR.03",
"TOM.VENDOR.04"
],
"NIS2-OBL-008": [
"TOM.OPS.04",
"TOM.OPS.05",
"TOM.SDLC.01",
"TOM.SDLC.02"
],
"NIS2-OBL-009": [
"TOM.IAM.01",
"TOM.IAM.02",
"TOM.IAM.03",
"TOM.AC.01",
"TOM.AC.02"
],
"NIS2-OBL-010": [
"TOM.CRYPTO.01",
"TOM.CRYPTO.02",
"TOM.CRYPTO.03"
],
"NIS2-OBL-011": [
"TOM.HR.01",
"TOM.HR.02",
"TOM.HR.03",
"TOM.HR.04"
],
"NIS2-OBL-012": [
"TOM.GOV.07",
"TOM.GOV.08"
],
"NIS2-OBL-013": [
"TOM.NET.01",
"TOM.NET.02",
"TOM.NET.03",
"TOM.NET.04"
],
"NIS2-OBL-014": [
"TOM.LOG.01",
"TOM.LOG.02",
"TOM.LOG.03",
"TOM.LOG.04"
],
"NIS2-OBL-015": [
"TOM.GOV.09",
"TOM.GOV.10",
"TOM.OPS.06"
],
"NIS2-OBL-016": [
"TOM.GOV.03",
"TOM.GOV.11"
],
"NIS2-OBL-017": [
"TOM.GOV.12"
],
"NIS2-OBL-018": [
"TOM.OPS.09",
"TOM.OPS.10"
],
"NIS2-OBL-019": [
"TOM.GOV.13",
"TOM.VENDOR.05"
],
"NIS2-OBL-020": [
"TOM.OPS.04",
"TOM.OPS.05",
"TOM.SDLC.03"
],
"NIS2-OBL-021": [
"TOM.OPS.11",
"TOM.GOV.14"
],
"NIS2-OBL-022": [
"TOM.OPS.04",
"TOM.OPS.05"
],
"NIS2-OBL-023": [
"TOM.OPS.09"
],
"NIS2-OBL-024": [
"TOM.GOV.07",
"TOM.GOV.08"
],
"NIS2-OBL-025": [
"TOM.GOV.07",
"TOM.GOV.08"
],
"NIS2-OBL-026": [
"TOM.GOV.01",
"TOM.GOV.15"
],
"NIS2-OBL-027": [
"TOM.GOV.01",
"TOM.GOV.15"
],
"NIS2-OBL-028": [
"TOM.GOV.01"
],
"NIS2-OBL-029": [
"TOM.GOV.03",
"TOM.GOV.11"
],
"NIS2-OBL-030": [
"TOM.GOV.01",
"TOM.GOV.02",
"TOM.GOV.03",
"TOM.OPS.01",
"TOM.BCP.01",
"TOM.VENDOR.01",
"TOM.SDLC.01",
"TOM.HR.01",
"TOM.CRYPTO.01",
"TOM.IAM.01"
],
"NIS2-OBL-031": [
"TOM.GOV.07",
"TOM.GOV.08"
],
"NIS2-OBL-032": [
"TOM.GOV.02"
],
"NIS2-OBL-033": [
"TOM.GOV.01",
"TOM.GOV.02"
],
"NIS2-OBL-034": [
"TOM.GOV.04",
"TOM.GOV.05"
],
"NIS2-OBL-035": [
"TOM.GOV.04",
"TOM.GOV.05",
"TOM.GOV.06"
],
"NIS2-OBL-036": [
"TOM.GOV.04",
"TOM.GOV.05",
"TOM.GOV.06",
"TOM.HR.01"
],
"NIS2-OBL-037": [
"TOM.GOV.07",
"TOM.GOV.08",
"TOM.GOV.09"
],
"NIS2-OBL-038": [
"TOM.GOV.01",
"TOM.GOV.15"
],
"NIS2-OBL-039": [
"TOM.GOV.01",
"TOM.GOV.15"
],
"NIS2-OBL-040": [
"TOM.SDLC.01",
"TOM.SDLC.02",
"TOM.SDLC.03",
"TOM.SDLC.04",
"TOM.SDLC.05"
],
"TTDSG-OBL-001": [
"TOM.CRY.01",
"TOM.AC.01"
],
"TTDSG-OBL-002": [
"TOM.CRY.01",
"TOM.NET.01"
],
"TTDSG-OBL-003": [
"TOM.GOV.01",
"TOM.AC.01"
],
"TTDSG-OBL-004": [
"TOM.GOV.02",
"TOM.LOG.01"
],
"TTDSG-OBL-005": [
"TOM.DEL.01",
"TOM.GOV.01"
],
"TTDSG-OBL-006": [
"TOM.GOV.02"
],
"TTDSG-OBL-007": [
"TOM.CRY.02"
],
"TTDSG-OBL-008": [
"TOM.GOV.01"
],
"TTDSG-OBL-009": [
"TOM.GOV.01",
"TOM.DEL.01"
],
"TTDSG-OBL-010": [
"TOM.CRY.01",
"TOM.NET.01"
],
"TTDSG-OBL-011": [
"TOM.NET.01"
],
"TTDSG-OBL-012": [
"TOM.GOV.02",
"TOM.WEB.01"
],
"TTDSG-OBL-013": [
"TOM.WEB.01"
],
"TTDSG-OBL-014": [
"TOM.WEB.01",
"TOM.GOV.02"
],
"TTDSG-OBL-015": [
"TOM.GOV.02"
],
"TTDSG-OBL-016": [
"TOM.GOV.02"
],
"TTDSG-OBL-017": [
"TOM.GOV.02"
],
"TTDSG-OBL-018": [
"TOM.GOV.01"
],
"TTDSG-OBL-019": [
"TOM.HR.02",
"TOM.AC.01"
],
"TTDSG-OBL-020": [
"TOM.GOV.02"
]
},
"control_to_obligation": {
"TOM.AC.01": [
"DSGVO-OBL-002",
"DSGVO-OBL-019",
"DSGVO-OBL-020",
"DSGVO-OBL-021",
"DSGVO-OBL-027",
"DSGVO-OBL-059",
"DSGVO-OBL-065",
"DSGVO-OBL-066",
"DSGVO-OBL-067",
"DSGVO-OBL-078",
"DSGVO-OBL-080",
"AIACT-OBL-052",
"NIS2-OBL-009",
"BDSG-OBL-004",
"BDSG-OBL-005",
"BDSG-OBL-021",
"BDSG-OBL-022",
"BDSG-OBL-026",
"TTDSG-OBL-001",
"TTDSG-OBL-003",
"TTDSG-OBL-019"
],
"TOM.AC.02": [
"DSGVO-OBL-078",
"AIACT-OBL-059",
"NIS2-OBL-009",
"BDSG-OBL-013"
],
"TOM.ACC.01": [
"DORA-OBL-005"
],
"TOM.BCP.01": [
"DSGVO-OBL-043",
"DSGVO-OBL-044",
"DSGVO-OBL-076",
"AIACT-OBL-024",
"AIACT-OBL-051",
"NIS2-OBL-006",
"NIS2-OBL-030"
],
"TOM.BCP.02": [
"DSGVO-OBL-044",
"DSGVO-OBL-076",
"AIACT-OBL-048",
"AIACT-OBL-051",
"NIS2-OBL-006"
],
"TOM.BCP.03": [
"DSGVO-OBL-044",
"AIACT-OBL-048",
"NIS2-OBL-006"
],
"TOM.BCP.04": [
"AIACT-OBL-051",
"NIS2-OBL-006"
],
"TOM.BCP.05": [
"AIACT-OBL-056"
],
"TOM.BCP.06": [
"AIACT-OBL-056"
],
"TOM.CRY.01": [
"BDSG-OBL-004",
"BDSG-OBL-005",
"BDSG-OBL-024",
"TTDSG-OBL-001",
"TTDSG-OBL-002",
"TTDSG-OBL-010",
"DORA-OBL-005"
],
"TOM.CRY.02": [
"BDSG-OBL-005",
"BDSG-OBL-019",
"BDSG-OBL-020",
"TTDSG-OBL-007"
],
"TOM.CRYPTO.01": [
"DSGVO-OBL-002",
"DSGVO-OBL-019",
"DSGVO-OBL-020",
"DSGVO-OBL-042",
"DSGVO-OBL-066",
"DSGVO-OBL-067",
"AIACT-OBL-008",
"NIS2-OBL-010",
"NIS2-OBL-030"
],
"TOM.CRYPTO.02": [
"DSGVO-OBL-002",
"DSGVO-OBL-020",
"DSGVO-OBL-042",
"DSGVO-OBL-066",
"AIACT-OBL-047",
"NIS2-OBL-010"
],
"TOM.CRYPTO.03": [
"DSGVO-OBL-042",
"AIACT-OBL-052",
"NIS2-OBL-010"
],
"TOM.DATA.01": [
"DSGVO-OBL-007",
"DSGVO-OBL-008",
"DSGVO-OBL-009",
"DSGVO-OBL-014",
"DSGVO-OBL-015",
"DSGVO-OBL-024",
"DSGVO-OBL-025",
"DSGVO-OBL-026",
"DSGVO-OBL-027",
"DSGVO-OBL-028",
"DSGVO-OBL-029",
"DSGVO-OBL-030",
"DSGVO-OBL-062",
"DSGVO-OBL-068",
"DSGVO-OBL-079",
"AIACT-OBL-003"
],
"TOM.DATA.02": [
"DSGVO-OBL-009",
"DSGVO-OBL-026",
"DSGVO-OBL-068",
"DSGVO-OBL-080",
"AIACT-OBL-003"
],
"TOM.DATA.03": [
"AIACT-OBL-003"
],
"TOM.DATA.04": [
"AIACT-OBL-012",
"AIACT-OBL-044"
],
"TOM.DATA.05": [
"AIACT-OBL-021"
],
"TOM.DATA.06": [
"AIACT-OBL-021"
],
"TOM.DATA.07": [
"AIACT-OBL-028"
],
"TOM.DATA.08": [
"AIACT-OBL-028"
],
"TOM.DATA.09": [
"AIACT-OBL-043"
],
"TOM.DATA.10": [
"AIACT-OBL-044"
],
"TOM.DATA.11": [
"AIACT-OBL-055"
],
"TOM.DATA.12": [
"AIACT-OBL-057"
],
"TOM.DATA.13": [
"AIACT-OBL-058"
],
"TOM.DEL.01": [
"BDSG-OBL-003",
"BDSG-OBL-009",
"BDSG-OBL-012",
"BDSG-OBL-013",
"TTDSG-OBL-005",
"TTDSG-OBL-009"
],
"TOM.GOV.01": [
"DSGVO-OBL-001",
"DSGVO-OBL-003",
"DSGVO-OBL-004",
"DSGVO-OBL-012",
"DSGVO-OBL-013",
"DSGVO-OBL-016",
"DSGVO-OBL-017",
"DSGVO-OBL-018",
"DSGVO-OBL-019",
"DSGVO-OBL-021",
"DSGVO-OBL-031",
"DSGVO-OBL-032",
"DSGVO-OBL-036",
"DSGVO-OBL-040",
"DSGVO-OBL-041",
"DSGVO-OBL-048",
"DSGVO-OBL-049",
"DSGVO-OBL-050",
"DSGVO-OBL-051",
"DSGVO-OBL-052",
"DSGVO-OBL-053",
"DSGVO-OBL-054",
"DSGVO-OBL-057",
"DSGVO-OBL-058",
"DSGVO-OBL-063",
"DSGVO-OBL-065",
"DSGVO-OBL-071",
"DSGVO-OBL-072",
"DSGVO-OBL-074",
"AIACT-OBL-001",
"AIACT-OBL-016",
"AIACT-OBL-017",
"AIACT-OBL-019",
"AIACT-OBL-026",
"AIACT-OBL-032",
"AIACT-OBL-049",
"AIACT-OBL-053",
"NIS2-OBL-001",
"NIS2-OBL-002",
"NIS2-OBL-003",
"NIS2-OBL-026",
"NIS2-OBL-027",
"NIS2-OBL-028",
"NIS2-OBL-030",
"NIS2-OBL-033",
"NIS2-OBL-038",
"NIS2-OBL-039",
"BDSG-OBL-006",
"BDSG-OBL-008",
"BDSG-OBL-014",
"BDSG-OBL-017",
"BDSG-OBL-018",
"BDSG-OBL-021",
"BDSG-OBL-026",
"BDSG-OBL-027",
"BDSG-OBL-028",
"TTDSG-OBL-003",
"TTDSG-OBL-005",
"TTDSG-OBL-008",
"TTDSG-OBL-009",
"TTDSG-OBL-018",
"DSA-OBL-001",
"DSA-OBL-002",
"DSA-OBL-003",
"DSA-OBL-004",
"DSA-OBL-005",
"DSA-OBL-006",
"DSA-OBL-007",
"DSA-OBL-008",
"DSA-OBL-009",
"DSA-OBL-012",
"DSA-OBL-017",
"DSA-OBL-018",
"DSA-OBL-021",
"DSA-OBL-022",
"DSA-OBL-026",
"DSA-OBL-027",
"DSA-OBL-028",
"DSA-OBL-029",
"DSA-OBL-030",
"DSA-OBL-032",
"DSA-OBL-033",
"DSA-OBL-034",
"DSA-OBL-035",
"DATAACT-OBL-002",
"DATAACT-OBL-004",
"DATAACT-OBL-006",
"DATAACT-OBL-007",
"DATAACT-OBL-008",
"DATAACT-OBL-009",
"DATAACT-OBL-010",
"DATAACT-OBL-011",
"DATAACT-OBL-013",
"DATAACT-OBL-016",
"DATAACT-OBL-017",
"DATAACT-OBL-018",
"DATAACT-OBL-019",
"DATAACT-OBL-020",
"DATAACT-OBL-021",
"DATAACT-OBL-022",
"DATAACT-OBL-024",
"DATAACT-OBL-025"
],
"TOM.GOV.02": [
"DSGVO-OBL-001",
"DSGVO-OBL-006",
"DSGVO-OBL-007",
"DSGVO-OBL-008",
"DSGVO-OBL-012",
"DSGVO-OBL-016",
"DSGVO-OBL-022",
"DSGVO-OBL-023",
"DSGVO-OBL-024",
"DSGVO-OBL-030",
"DSGVO-OBL-032",
"DSGVO-OBL-040",
"DSGVO-OBL-062",
"DSGVO-OBL-063",
"DSGVO-OBL-064",
"DSGVO-OBL-065",
"DSGVO-OBL-073",
"DSGVO-OBL-079",
"AIACT-OBL-001",
"AIACT-OBL-053",
"NIS2-OBL-001",
"NIS2-OBL-002",
"NIS2-OBL-030",
"NIS2-OBL-032",
"NIS2-OBL-033",
"BDSG-OBL-010",
"BDSG-OBL-011",
"BDSG-OBL-018",
"BDSG-OBL-023",
"TTDSG-OBL-004",
"TTDSG-OBL-006",
"TTDSG-OBL-012",
"TTDSG-OBL-014",
"TTDSG-OBL-015",
"TTDSG-OBL-016",
"TTDSG-OBL-017",
"TTDSG-OBL-020",
"DSA-OBL-005",
"DSA-OBL-026",
"DSA-OBL-027",
"DSA-OBL-029",
"DATAACT-OBL-022"
],
"TOM.GOV.03": [
"DSGVO-OBL-003",
"DSGVO-OBL-031",
"DSGVO-OBL-032",
"DSGVO-OBL-045",
"DSGVO-OBL-048",
"DSGVO-OBL-049",
"DSGVO-OBL-054",
"DSGVO-OBL-058",
"DSGVO-OBL-071",
"DSGVO-OBL-075",
"AIACT-OBL-002",
"AIACT-OBL-016",
"AIACT-OBL-032",
"AIACT-OBL-046",
"NIS2-OBL-002",
"NIS2-OBL-016",
"NIS2-OBL-029",
"NIS2-OBL-030",
"BDSG-OBL-001",
"BDSG-OBL-011",
"BDSG-OBL-024",
"BDSG-OBL-025",
"BDSG-OBL-030",
"DSA-OBL-008",
"DSA-OBL-009",
"DSA-OBL-023",
"DSA-OBL-025",
"DSA-OBL-026",
"DSA-OBL-028",
"DSA-OBL-031"
],
"TOM.GOV.04": [
"AIACT-OBL-002",
"AIACT-OBL-018",
"AIACT-OBL-022",
"AIACT-OBL-054",
"NIS2-OBL-003",
"NIS2-OBL-034",
"NIS2-OBL-035",
"NIS2-OBL-036",
"BDSG-OBL-004",
"BDSG-OBL-019"
],
"TOM.GOV.05": [
"AIACT-OBL-004",
"AIACT-OBL-018",
"AIACT-OBL-019",
"AIACT-OBL-036",
"AIACT-OBL-037",
"NIS2-OBL-003",
"NIS2-OBL-034",
"NIS2-OBL-035",
"NIS2-OBL-036",
"BDSG-OBL-014",
"BDSG-OBL-015",
"BDSG-OBL-016",
"BDSG-OBL-029"
],
"TOM.GOV.06": [
"AIACT-OBL-006",
"AIACT-OBL-025",
"NIS2-OBL-004",
"NIS2-OBL-035",
"NIS2-OBL-036"
],
"TOM.GOV.07": [
"AIACT-OBL-007",
"AIACT-OBL-060",
"NIS2-OBL-012",
"NIS2-OBL-024",
"NIS2-OBL-025",
"NIS2-OBL-031",
"NIS2-OBL-037"
],
"TOM.GOV.08": [
"AIACT-OBL-010",
"AIACT-OBL-031",
"AIACT-OBL-055",
"AIACT-OBL-057",
"AIACT-OBL-058",
"AIACT-OBL-059",
"AIACT-OBL-060",
"NIS2-OBL-012",
"NIS2-OBL-024",
"NIS2-OBL-025",
"NIS2-OBL-031",
"NIS2-OBL-037"
],
"TOM.GOV.09": [
"AIACT-OBL-010",
"AIACT-OBL-031",
"AIACT-OBL-059",
"NIS2-OBL-015",
"NIS2-OBL-037"
],
"TOM.GOV.10": [
"AIACT-OBL-011",
"AIACT-OBL-030",
"AIACT-OBL-039",
"AIACT-OBL-060",
"NIS2-OBL-015"
],
"TOM.GOV.11": [
"AIACT-OBL-012",
"AIACT-OBL-042",
"AIACT-OBL-043",
"NIS2-OBL-016",
"NIS2-OBL-029"
],
"TOM.GOV.12": [
"AIACT-OBL-013",
"AIACT-OBL-046",
"NIS2-OBL-017"
],
"TOM.GOV.13": [
"AIACT-OBL-014",
"AIACT-OBL-025",
"AIACT-OBL-038",
"NIS2-OBL-019"
],
"TOM.GOV.14": [
"AIACT-OBL-019",
"AIACT-OBL-020",
"AIACT-OBL-022",
"AIACT-OBL-035",
"AIACT-OBL-036",
"AIACT-OBL-054",
"NIS2-OBL-021"
],
"TOM.GOV.15": [
"AIACT-OBL-020",
"AIACT-OBL-035",
"NIS2-OBL-026",
"NIS2-OBL-027",
"NIS2-OBL-038",
"NIS2-OBL-039"
],
"TOM.HR.01": [
"DSGVO-OBL-059",
"DSGVO-OBL-060",
"DSGVO-OBL-061",
"AIACT-OBL-007",
"NIS2-OBL-004",
"NIS2-OBL-011",
"NIS2-OBL-030",
"NIS2-OBL-036",
"BDSG-OBL-006",
"BDSG-OBL-007",
"BDSG-OBL-008",
"BDSG-OBL-009"
],
"TOM.HR.02": [
"DSGVO-OBL-059",
"DSGVO-OBL-060",
"AIACT-OBL-015",
"NIS2-OBL-004",
"NIS2-OBL-011",
"BDSG-OBL-007",
"BDSG-OBL-029",
"TTDSG-OBL-019"
],
"TOM.HR.03": [
"AIACT-OBL-015",
"NIS2-OBL-011"
],
"TOM.HR.04": [
"AIACT-OBL-057",
"NIS2-OBL-011"
],
"TOM.HR.05": [
"AIACT-OBL-058"
],
"TOM.IAM.01": [
"DSGVO-OBL-002",
"AIACT-OBL-052",
"NIS2-OBL-009",
"NIS2-OBL-030"
],
"TOM.IAM.02": [
"AIACT-OBL-055",
"NIS2-OBL-009"
],
"TOM.IAM.03": [
"NIS2-OBL-009"
],
"TOM.LOG.01": [
"DSGVO-OBL-011",
"DSGVO-OBL-016",
"DSGVO-OBL-020",
"DSGVO-OBL-031",
"DSGVO-OBL-066",
"DSGVO-OBL-067",
"DSGVO-OBL-069",
"DSGVO-OBL-070",
"DSGVO-OBL-080",
"AIACT-OBL-005",
"AIACT-OBL-023",
"NIS2-OBL-005",
"NIS2-OBL-014",
"BDSG-OBL-022",
"TTDSG-OBL-004"
],
"TOM.LOG.02": [
"DSGVO-OBL-070",
"AIACT-OBL-005",
"NIS2-OBL-014"
],
"TOM.LOG.03": [
"AIACT-OBL-005",
"NIS2-OBL-014"
],
"TOM.LOG.04": [
"AIACT-OBL-009",
"AIACT-OBL-029",
"NIS2-OBL-014"
],
"TOM.LOG.05": [
"AIACT-OBL-023"
],
"TOM.LOG.06": [
"AIACT-OBL-023"
],
"TOM.LOG.07": [
"AIACT-OBL-029"
],
"TOM.NET.01": [
"DSGVO-OBL-002",
"DSGVO-OBL-043",
"DSGVO-OBL-077",
"AIACT-OBL-008",
"NIS2-OBL-013",
"TTDSG-OBL-002",
"TTDSG-OBL-010",
"TTDSG-OBL-011"
],
"TOM.NET.02": [
"DSGVO-OBL-043",
"DSGVO-OBL-077",
"AIACT-OBL-013",
"AIACT-OBL-047",
"NIS2-OBL-013"
],
"TOM.NET.03": [
"DSGVO-OBL-077",
"AIACT-OBL-047",
"NIS2-OBL-013"
],
"TOM.NET.04": [
"AIACT-OBL-056",
"NIS2-OBL-013"
],
"TOM.OPS.01": [
"DSGVO-OBL-011",
"DSGVO-OBL-046",
"DSGVO-OBL-047",
"DSGVO-OBL-069",
"AIACT-OBL-006",
"NIS2-OBL-002",
"NIS2-OBL-030",
"DSA-OBL-003",
"DSA-OBL-010",
"DSA-OBL-011",
"DSA-OBL-012",
"DSA-OBL-013",
"DSA-OBL-014",
"DSA-OBL-015",
"DSA-OBL-016",
"DSA-OBL-018",
"DSA-OBL-019",
"DSA-OBL-020",
"DSA-OBL-021",
"DSA-OBL-022",
"DSA-OBL-023",
"DSA-OBL-024",
"DSA-OBL-025",
"DSA-OBL-030",
"DSA-OBL-031",
"DSA-OBL-033",
"DATAACT-OBL-001",
"DATAACT-OBL-003",
"DATAACT-OBL-005",
"DATAACT-OBL-011",
"DATAACT-OBL-012",
"DATAACT-OBL-014",
"DATAACT-OBL-015",
"DATAACT-OBL-016",
"DATAACT-OBL-019",
"DATAACT-OBL-023"
],
"TOM.OPS.02": [
"DSGVO-OBL-011",
"DSGVO-OBL-046",
"DSGVO-OBL-069",
"AIACT-OBL-007",
"DSA-OBL-010",
"DSA-OBL-013",
"DSA-OBL-016",
"DATAACT-OBL-003",
"DATAACT-OBL-005",
"DATAACT-OBL-012"
],
"TOM.OPS.03": [
"DSGVO-OBL-045",
"DSGVO-OBL-075",
"AIACT-OBL-009"
],
"TOM.OPS.04": [
"AIACT-OBL-009",
"NIS2-OBL-008",
"NIS2-OBL-020",
"NIS2-OBL-022"
],
"TOM.OPS.05": [
"AIACT-OBL-011",
"AIACT-OBL-030",
"AIACT-OBL-039",
"NIS2-OBL-008",
"NIS2-OBL-020",
"NIS2-OBL-022"
],
"TOM.OPS.06": [
"AIACT-OBL-024",
"NIS2-OBL-015"
],
"TOM.OPS.07": [
"AIACT-OBL-029"
],
"TOM.OPS.08": [
"AIACT-OBL-040",
"NIS2-OBL-005"
],
"TOM.OPS.09": [
"AIACT-OBL-050",
"NIS2-OBL-005",
"NIS2-OBL-018",
"NIS2-OBL-023"
],
"TOM.OPS.10": [
"AIACT-OBL-050",
"NIS2-OBL-005",
"NIS2-OBL-018"
],
"TOM.OPS.11": [
"NIS2-OBL-021"
],
"TOM.PHY.01": [
"BDSG-OBL-001",
"BDSG-OBL-002",
"BDSG-OBL-003"
],
"TOM.SDLC.01": [
"DSGVO-OBL-033",
"DSGVO-OBL-034",
"AIACT-OBL-004",
"NIS2-OBL-008",
"NIS2-OBL-030",
"NIS2-OBL-040"
],
"TOM.SDLC.02": [
"DSGVO-OBL-033",
"AIACT-OBL-008",
"NIS2-OBL-008",
"NIS2-OBL-040"
],
"TOM.SDLC.03": [
"AIACT-OBL-013",
"NIS2-OBL-020",
"NIS2-OBL-040"
],
"TOM.SDLC.04": [
"AIACT-OBL-020",
"NIS2-OBL-040"
],
"TOM.SDLC.05": [
"AIACT-OBL-040",
"AIACT-OBL-041",
"NIS2-OBL-040"
],
"TOM.SDLC.06": [
"AIACT-OBL-041"
],
"TOM.SDLC.07": [
"AIACT-OBL-042"
],
"TOM.SDLC.08": [
"AIACT-OBL-045"
],
"TOM.SDLC.09": [
"AIACT-OBL-045"
],
"TOM.VEN.01": [
"BDSG-OBL-030"
],
"TOM.VENDOR.01": [
"DSGVO-OBL-005",
"DSGVO-OBL-010",
"DSGVO-OBL-028",
"DSGVO-OBL-035",
"DSGVO-OBL-037",
"DSGVO-OBL-038",
"DSGVO-OBL-039",
"DSGVO-OBL-055",
"DSGVO-OBL-056",
"AIACT-OBL-026",
"NIS2-OBL-007",
"NIS2-OBL-030"
],
"TOM.VENDOR.02": [
"DSGVO-OBL-005",
"DSGVO-OBL-037",
"DSGVO-OBL-038",
"AIACT-OBL-027",
"NIS2-OBL-007"
],
"TOM.VENDOR.03": [
"DSGVO-OBL-010",
"DSGVO-OBL-055",
"DSGVO-OBL-056",
"DSGVO-OBL-057",
"AIACT-OBL-027",
"NIS2-OBL-007"
],
"TOM.VENDOR.04": [
"AIACT-OBL-033",
"NIS2-OBL-007"
],
"TOM.VENDOR.05": [
"AIACT-OBL-033",
"NIS2-OBL-019"
],
"TOM.VENDOR.06": [
"AIACT-OBL-034"
],
"TOM.VENDOR.07": [
"AIACT-OBL-034"
],
"TOM.WEB.01": [
"TTDSG-OBL-012",
"TTDSG-OBL-013",
"TTDSG-OBL-014"
]
}
}
Reference in New Issue View Git Blame Copy Permalink