
Commit 1166f78

ISO 27001:2022 mapping for CultureAndOrganization
1 parent 8555557 commit 1166f78

3 files changed

Lines changed: 68 additions & 29 deletions


src/assets/YAML/default/CultureAndOrganization/Design.yaml

Lines changed: 28 additions & 7 deletions
Original file line number | Diff line number | Diff line change
@@ -44,7 +44,10 @@ Culture and Organization:
4444
- 8.2.1
4545
- 14.2.1
4646
iso27001-2022:
47-
- ISO 27001:2022 mapping is missing
47+
- not explicitly covered by ISO 27001
48+
- may be part of risk assessment
49+
- 5.12
50+
- 8.25
4851
isImplemented: false
4952
evidence: ""
5053
comments: ""
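Review bot: the new `iso27001-2022` list at lines 47-50 puts two free-text notes ("not explicitly covered by ISO 27001", "may be part of risk assessment") in the same sequence as the control IDs 5.12 and 8.25, so every consumer of this list has to tell prose from identifiers by inspection, and the first note reads as contradicting the IDs that follow it. Consider keeping the list to control IDs and moving the caveat into its own key, or at least into one consistently worded note entry. The same applies to the identical hunks at -69, -143 and -231 in this file.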
@@ -69,7 +72,10 @@ Culture and Organization:
6972
- 8.2.1
7073
- 14.2.1
7174
iso27001-2022:
72-
- ISO 27001:2022 mapping is missing
75+
- not explicitly covered by ISO 27001
76+
- may be part of risk assessment
77+
- 5.12
78+
- 8.25
7379
isImplemented: false
7480
evidence: ""
7581
comments: ""
@@ -143,7 +149,10 @@ Culture and Organization:
143149
- 8.2.1
144150
- 14.2.1
145151
iso27001-2022:
146-
- ISO 27001:2022 mapping is missing
152+
- not explicitly covered by ISO 27001
153+
- may be part of risk assessment
154+
- 5.12
155+
- 8.25
147156
isImplemented: false
148157
evidence: ""
149158
comments: ""
@@ -172,7 +181,11 @@ Culture and Organization:
172181
- may be part of risk assessment
173182
- 8.1.2
174183
iso27001-2022:
175-
- ISO 27001:2022 mapping is missing
184+
- not explicitly covered by ISO 27001
185+
- may be part of project management
186+
- 5.8
187+
- may be part of risk assessment
188+
- 5.9
176189
isImplemented: false
177190
evidence: ""
178191
comments: ""
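Review bot: in the added lines 184-188 the notes and IDs alternate ("may be part of project management", 5.8, "may be part of risk assessment", 5.9), which suggests each note qualifies the ID directly after it, but a flat YAML sequence does not record that pairing and any sort or de-duplication of the list would destroy it. If the pairing is intended, express it as one entry per control carrying both the ID and its note; if it is not, group the notes ahead of the IDs as the other hunks in this file do. The -201 hunk has the same layout.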
@@ -201,7 +214,11 @@ Culture and Organization:
201214
- may be part of risk assessment
202215
- 8.1.2
203216
iso27001-2022:
204-
- ISO 27001:2022 mapping is missing
217+
- not explicitly covered by ISO 27001
218+
- may be part of project management
219+
- 5.8
220+
- may be part of risk assessment
221+
- 5.9
205222
isImplemented: false
206223
evidence: ""
207224
comments: ""
@@ -231,7 +248,10 @@ Culture and Organization:
231248
- 8.2.1
232249
- 14.2.1
233250
iso27001-2022:
234-
- ISO 27001:2022 mapping is missing
251+
- not explicitly covered by ISO 27001
252+
- may be part of risk assessment
253+
- 5.12
254+
- 8.25
235255
isImplemented: false
236256
evidence: ""
237257
comments: ""
@@ -254,7 +274,8 @@ Culture and Organization:
254274
- 5.1.1
255275
- 7.2.1
256276
iso27001-2022:
257-
- ISO 27001:2022 mapping is missing
277+
- 5.1
278+
- 5.4
258279
isImplemented: false
259280
evidence: ""
260281
comments: ""

src/assets/YAML/default/CultureAndOrganization/EducationAndGuidance.yaml

Lines changed: 31 additions & 17 deletions
@@ -22,7 +22,7 @@ Culture and Organization:
2222
iso27001-2017:
2323
- 7.2.2
2424
iso27001-2022:
25-
- ISO 27001:2022 mapping is missing
25+
- 6.3
2626
isImplemented: false
2727
evidence: ""
2828
comments: ""
@@ -46,7 +46,7 @@ Culture and Organization:
4646
iso27001-2017:
4747
- 7.1.1
4848
iso27001-2022:
49-
- ISO 27001:2022 mapping is missing
49+
- 6.1
5050
isImplemented: false
5151
evidence: ""
5252
comments: ""
@@ -71,7 +71,7 @@ Culture and Organization:
7171
iso27001-2017:
7272
- 7.2.2
7373
iso27001-2022:
74-
- ISO 27001:2022 mapping is missing
74+
- 6.3
7575
isImplemented: false
7676
evidence: ""
7777
comments: ""
@@ -98,7 +98,11 @@ Culture and Organization:
9898
- 12.6.1
9999
- 12.7.1
100100
iso27001-2022:
101-
- ISO 27001:2022 mapping is missing
101+
- Mutual review of source code is not explicitly required in ISO 27001 may
102+
be
103+
- 6.3
104+
- 8.8
105+
- 8.34
102106
isImplemented: false
103107
evidence: ""
104108
comments: ""
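Review bot: the note added at lines 101-102 is split across two lines ("... is not explicitly required in ISO 27001 may" / "be"), so it stays a single list item only through YAML plain-scalar folding and the indentation of the continuation line; a re-indent by an editor or formatter could change the item or break the file. Put the note on one line or quote it, and finish the sentence, since "may be" trails off without saying how 6.3, 8.8 and 8.34 relate to it.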
@@ -121,7 +125,8 @@ Culture and Organization:
121125
- Mutual security testing is not explicitly required in ISO 27001 may be
122126
- 7.2.2
123127
iso27001-2022:
124-
- ISO 27001:2022 mapping is missing
128+
- Mutual security testing is not explicitly required in ISO 27001 may be
129+
- 6.3
125130
isImplemented: false
126131
evidence: ""
127132
comments: ""
@@ -141,12 +146,15 @@ Culture and Organization:
141146
samm2:
142147
- G-EG-2-A
143148
iso27001-2017:
144-
- ware games are not explicitly required in ISO 27001 may be
149+
- War games are not explicitly required in ISO 27001 may be
145150
- 7.2.2
146-
- "16.1"
151+
- 16.1
147152
- 16.1.5
148153
iso27001-2022:
149-
- ISO 27001:2022 mapping is missing
154+
- War games are not explicitly required in ISO 27001 may be
155+
- 6.3
156+
- 5.24
157+
- 5.26
150158
isImplemented: false
151159
evidence: ""
152160
comments: ""
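Review bot: line 151 drops the quotes from "16.1", which changes the value from a YAML string to a float while its neighbours 7.2.2 and 16.1.5 stay strings; the added 6.3, 5.24 and 5.26 are parsed as floats too. Mixed types in one list are easy to trip over in whatever renders or compares these references, and a two-part ID ending in zero (x.10) would silently lose the zero. Keep the quotes on 16.1 and quote the two-part IDs added at lines 155-157.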
@@ -187,11 +195,13 @@ Culture and Organization:
187195
- G-EG-1-B
188196
- G-EG-2-B
189197
iso27001-2017:
190-
- security champions are missing in ISO 27001 most likely
198+
- Security champions are missing in ISO 27001 most likely
191199
- 7.2.1
192200
- 7.2.2
193201
iso27001-2022:
194-
- ISO 27001:2022 mapping is missing
202+
- Security champions are missing in ISO 27001 most likely
203+
- 5.4
204+
- 6.3
195205
isImplemented: false
196206
evidence: ""
197207
comments: ""
@@ -222,7 +232,7 @@ Culture and Organization:
222232
iso27001-2017:
223233
- 7.2.2
224234
iso27001-2022:
225-
- ISO 27001:2022 mapping is missing
235+
- 6.3
226236
isImplemented: false
227237
evidence: ""
228238
comments: ""
@@ -245,7 +255,7 @@ Culture and Organization:
245255
iso27001-2017:
246256
- 7.2.2
247257
iso27001-2022:
248-
- ISO 27001:2022 mapping is missing
258+
- 6.3
249259
isImplemented: false
250260
evidence: ""
251261
comments: ""
@@ -270,10 +280,11 @@ Culture and Organization:
270280
- D-TA-2-B
271281
- G-EG-1-A
272282
iso27001-2017:
273-
- security champions are missing in ISO 27001
283+
- Security champions are missing in ISO 27001
274284
- 7.2.2
275285
iso27001-2022:
276-
- ISO 27001:2022 mapping is missing
286+
- Security champions are missing in ISO 27001
287+
- 6.3
277288
isImplemented: false
278289
evidence: ""
279290
comments: ""
@@ -362,7 +373,10 @@ Culture and Organization:
362373
- 6.1.4
363374
- 6.1.5
364375
iso27001-2022:
365-
- ISO 27001:2022 mapping is missing
376+
- Security consulting is missing in ISO 27001 may be
377+
- 5.2
378+
- 5.6
379+
- 5.8
366380
isImplemented: false
367381
evidence: ""
368382
comments: ""
@@ -384,7 +398,7 @@ Culture and Organization:
384398
iso27001-2017:
385399
- 16.1.6
386400
iso27001-2022:
387-
- ISO 27001:2022 mapping is missing
401+
- 5.27
388402
isImplemented: false
389403
evidence: ""
390404
comments: ""
@@ -423,7 +437,7 @@ Culture and Organization:
423437
iso27001-2017:
424438
- 7.2.2
425439
iso27001-2022:
426-
- ISO 27001:2022 mapping is missing
440+
- 6.3
427441
isImplemented: false
428442
evidence: ""
429443
comments: ""

src/assets/YAML/default/CultureAndOrganization/Process.yaml

Lines changed: 9 additions & 5 deletions
@@ -17,11 +17,13 @@ Culture and Organization:
1717
references:
1818
samm2: []
1919
iso27001-2017:
20-
- peer review - four eyes principle is not explicitly required by ISO 27001
20+
- Peer review - four eyes principle is not explicitly required by ISO 27001
2121
- 6.1.2
2222
- 14.2.1
2323
iso27001-2022:
24-
- ISO 27001:2022 mapping is missing
24+
- Peer review - four eyes principle is not explicitly required by ISO 27001
25+
- 5.3
26+
- 8.25
2527
isImplemented: false
2628
evidence: ""
2729
comments: ""
@@ -43,7 +45,8 @@ Culture and Organization:
4345
- 12.1.2
4446
- 12.4.1
4547
iso27001-2022:
46-
- ISO 27001:2022 mapping is missing
48+
- 8.32
49+
- 8.15
4750
isImplemented: false
4851
evidence: ""
4952
comments: ""
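Review bot: the IDs added at lines 48-49 are listed as 8.32 then 8.15, out of numeric order, while the `iso27001-2017` list just above is ascending (12.1.2, 12.4.1). If the order is meant to mirror the 2017 entries position by position, say so in a comment next to the list; otherwise sort ascending so later diffs stay minimal. The -92 hunk below (8.19, 8.8) has the same ordering.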
@@ -67,7 +70,7 @@ Culture and Organization:
6770
iso27001-2017:
6871
- 17.1.1
6972
iso27001-2022:
70-
- ISO 27001:2022 mapping is missing
73+
- 5.29
7174
isImplemented: false
7275
evidence: ""
7376
comments: ""
@@ -92,7 +95,8 @@ Culture and Organization:
9295
- 12.5.1
9396
- 12.6.1
9497
iso27001-2022:
95-
- ISO 27001:2022 mapping is missing
98+
- 8.19
99+
- 8.8
96100
isImplemented: false
97101
evidence: ""
98102
comments: ""
