devsecopsmaturitymodel
diff --git a/‎src/assets/YAML/default/BuildAndDeployment/Build.yaml‎
Lines changed: 10 additions & 8 deletions b/‎src/assets/YAML/default/BuildAndDeployment/Build.yaml‎
Lines changed: 10 additions & 8 deletions
diff --git a/‎src/assets/YAML/default/BuildAndDeployment/Deployment.yaml‎
Lines changed: 37 additions & 15 deletions b/‎src/assets/YAML/default/BuildAndDeployment/Deployment.yaml‎
Lines changed: 37 additions & 15 deletions
diff --git a/‎src/assets/YAML/default/BuildAndDeployment/PatchManagement.yaml‎
Lines changed: 9 additions & 6 deletions b/‎src/assets/YAML/default/BuildAndDeployment/PatchManagement.yaml‎
Lines changed: 9 additions & 6 deletions
diff --git a/‎src/assets/YAML/default/CultureAndOrganization/Design.yaml‎
Lines changed: 28 additions & 7 deletions b/‎src/assets/YAML/default/CultureAndOrganization/Design.yaml‎
Lines changed: 28 additions & 7 deletions
@@ -31,7 +31,7 @@ Build and Deployment:
         iso27001-2017:
         - 14.2.6
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.31
       isImplemented: false
       evidence: ""
       comments: ""
@@ -66,7 +66,8 @@ Build and Deployment:
         - 12.1.1
         - 14.2.2
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 5.37
+        - 8.32
       isImplemented: false
       evidence: ""
       comments: ""
@@ -97,7 +98,7 @@ Build and Deployment:
         iso27001-2017:
         - 14.2.6
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.31
       isImplemented: false
       evidence: ""
       comments: ""
@@ -119,10 +120,11 @@ Build and Deployment:
       references:
         samm2: []
         iso27001-2017:
-        - "8.1"
-        - "8.2"
+        - 8.1
+        - 8.2
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 5.9
+        - 5.12
       isImplemented: false
       evidence: ""
       comments: ""
@@ -148,7 +150,7 @@ Build and Deployment:
         iso27001-2017:
         - 14.2.6
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.31
       isImplemented: false
       evidence: ""
       comments: ""
@@ -173,7 +175,7 @@ Build and Deployment:
         iso27001-2017:
         - 14.2.6
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.31
       isImplemented: false
       evidence: ""
       comments: ""
 
@@ -27,7 +27,12 @@ Build and Deployment:
         - 12.5.1
         - 14.2.9
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.14
+        - 5.37
+        - 8.31
+        - 8.32
+        - 8.19
+        - 8.29
       isImplemented: false
       evidence: ""
       comments: ""
@@ -49,7 +54,7 @@ Build and Deployment:
         iso27001-2017:
         - 11.2.7
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 7.14
       isImplemented: false
       evidence: ""
       comments: ""
@@ -79,7 +84,8 @@ Build and Deployment:
         - 12.1.1
         - 14.2.2
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 5.37
+        - 8.32
       isImplemented: false
       evidence: ""
       comments: ""
@@ -108,7 +114,8 @@ Build and Deployment:
         - 9.4.5
         - 14.2.6
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.4
+        - 8.31
         d3f:
         - ApplicationConfigurationHardening
       isImplemented: false
@@ -142,7 +149,11 @@ Build and Deployment:
         - 9.4.1
         - 10.1.2
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.33
+        - 8.22
+        - 5.17
+        - 8.3
+        - 8.24
         d3f:
         - ApplicationConfigurationHardening
       isImplemented: false
@@ -170,10 +181,11 @@ Build and Deployment:
         samm2:
         - I-SD-2-A
         iso27001-2017:
-        - "8.1"
-        - "8.2"
+        - 8.1
+        - 8.2
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 5.9
+        - 5.12
       isImplemented: false
       evidence: ""
       comments: ""
@@ -195,10 +207,11 @@ Build and Deployment:
         samm2:
         - I-SD-2-A
         iso27001-2017:
-        - "8.1"
-        - "8.2"
+        - 8.1
+        - 8.2
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 5.9
+        - 5.12
       isImplemented: false
       evidence: ""
       comments: ""
@@ -225,7 +238,9 @@ Build and Deployment:
         - 14.2.2
         - 17.2.1
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.19
+        - 8.32
+        - 8.14
       isImplemented: false
       evidence: ""
       comments: ""
@@ -252,7 +267,9 @@ Build and Deployment:
         - 14.2.8
         - 12.1.4
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.33
+        - 8.29
+        - 8.31
       isImplemented: false
       evidence: ""
       comments: ""
@@ -280,7 +297,9 @@ Build and Deployment:
         - 14.2.9
         - 12.1.4
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.33
+        - 8.29
+        - 8.31
         d3f: 
         - ApplicationConfigurationHardening
       isImplemented: false
@@ -308,7 +327,10 @@ Build and Deployment:
         - 15.1.3
         - 14.1.3
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 5.19
+        - 5.20
+        - 5.21
+        - 8.26
       isImplemented: false
       evidence: ""
       comments: ""
 
@@ -20,7 +20,9 @@ Build and Deployment:
         - 12.5.1
         - 14.2.5
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.8
+        - 8.19
+        - 8.27
       isImplemented: false
       evidence: ""
       comments: ""
@@ -47,7 +49,8 @@ Build and Deployment:
         - 12.6.1
         - 14.2.5
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.8
+        - 8.27
       isImplemented: false
       evidence: ""
       comments: ""
@@ -70,7 +73,7 @@ Build and Deployment:
         iso27001-2017:
         - 12.6.1
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.8
       isImplemented: false
       evidence: ""
       comments: ""
@@ -95,7 +98,7 @@ Build and Deployment:
         - hardening is missing in ISO 27001
         - 14.2.1
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.25
       isImplemented: false
       evidence: ""
       comments: ""
@@ -121,7 +124,7 @@ Build and Deployment:
         iso27001-2017:
         - 12.6.1
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.8
       isImplemented: false
       evidence: ""
       comments: ""
@@ -144,7 +147,7 @@ Build and Deployment:
         iso27001-2017:
         - 12.6.1
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 8.8
       isImplemented: false
       evidence: ""
       comments: ""
 
@@ -44,7 +44,10 @@ Culture and Organization:
         - 8.2.1
         - 14.2.1
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - not explicitly covered by ISO 27001
+        - may be part of risk assessment
+        - 5.12
+        - 8.25
       isImplemented: false
       evidence: ""
       comments: ""
@@ -69,7 +72,10 @@ Culture and Organization:
         - 8.2.1
         - 14.2.1
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - not explicitly covered by ISO 27001
+        - may be part of risk assessment
+        - 5.12
+        - 8.25
       isImplemented: false
       evidence: ""
       comments: ""
@@ -143,7 +149,10 @@ Culture and Organization:
         - 8.2.1
         - 14.2.1
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - not explicitly covered by ISO 27001
+        - may be part of risk assessment
+        - 5.12
+        - 8.25
       isImplemented: false
       evidence: ""
       comments: ""
@@ -172,7 +181,11 @@ Culture and Organization:
         - may be part of risk assessment
         - 8.1.2
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - not explicitly covered by ISO 27001
+        - may be part of project management
+        - 5.8
+        - may be part of risk assessment
+        - 5.9
       isImplemented: false
       evidence: ""
       comments: ""
@@ -201,7 +214,11 @@ Culture and Organization:
         - may be part of risk assessment
         - 8.1.2
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - not explicitly covered by ISO 27001
+        - may be part of project management
+        - 5.8
+        - may be part of risk assessment
+        - 5.9
       isImplemented: false
       evidence: ""
       comments: ""
@@ -231,7 +248,10 @@ Culture and Organization:
         - 8.2.1
         - 14.2.1
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - not explicitly covered by ISO 27001
+        - may be part of risk assessment
+        - 5.12
+        - 8.25
       isImplemented: false
       evidence: ""
       comments: ""
@@ -254,7 +274,8 @@ Culture and Organization:
         - 5.1.1
         - 7.2.1
         iso27001-2022:
-        - ISO 27001:2022 mapping is missing
+        - 5.1
+        - 5.4
       isImplemented: false
       evidence: ""
       comments: ""