https://objects.monarc.lu/objects.atom 2024-05-02T13:22:55.370772+00:00 https://opensource.nc3.lu/ opensource@nc3.lu python-feedgen https://objects.monarc.lu/object/get/5122 2024-05-02T13:22:55.438039+00:00 MONARC { "a": true, "c": false, "code": "COVID-19", "description": "Corona virus", "i": false, "label": "Corona virus", "language": "EN", "theme": "Loss of essential services", "uuid": "1d5d4e81-1b8a-46eb-a00f-6c6d35ef816d" } 2021-04-13T13:06:49.310656+00:00 https://objects.monarc.lu/object/get/5203 2024-05-02T13:22:55.437809+00:00 MONARC { "authors": [ "The MONARC project" ], "label": "Preventive measures to avoid the contanination and to lower the impact of a contamination of an employee with COVID-19", "language": "EN", "refs": [ "https://gouvernement.lu/coronavirus" ], "uuid": "8e0715b2-192e-4535-b0cb-d62f71e33ce1", "values": [ { "code": "COVID-19_Rec-1", "description": "Wash your hands regularly and properly.", "importance": 3, "uuid": "43a89c13-8660-4ee4-83e5-98fda07031cf" }, { "code": "COVID-19_Rec-2", "description": "Do you cough or sneeze? Do it in a tissue or in the crease of the elbow. Throw the tissue in a bin with a lid.", "importance": 3, "uuid": "6031a6a6-f840-4e9a-8487-c8ac7d63db9f" }, { "code": "COVID-19_Rec-3", "description": "Avoid shaking hands or kissing.", "importance": 3, "uuid": "9dc7bc8f-5433-4518-8261-a00ec0c8fd6a" }, { "code": "COVID-19_Rec-4", "description": "Avoid close contact with sick people (keep a distance of at least 2 meters).", "importance": 3, "uuid": "5e9f15cb-cf84-44b7-8388-d7c063e45eff" }, { "code": "COVID-19_Rec-5", "description": "Stay home if you are sick. Don't go to work!", "importance": 3, "uuid": "b505aa3e-369f-49e4-b65a-3a8c0f2d3ce2" }, { "code": "COVID-19_Rec-6", "description": "Avoid touching your face with your hands as much as possible.", "importance": 3, "uuid": "880e6e99-c4a1-4f5f-82f8-41c6609a7ff1" }, { "code": "COVID-19_Rec-7", "description": "Keep up-to-date documentation of workflows.", "importance": 3, "uuid": "67bbd888-c5d7-4ccb-804a-befee66eea49" }, { "code": "COVID-19_Rec-8", "description": "Regularly train employees in order to prevent single point of failure.", "importance": 3, "uuid": "69fd1d1c-c848-4c0b-b3d9-92e9b03984a4" } ], "version": 1 } 2021-04-13T13:07:02.477106+00:00 https://objects.monarc.lu/object/get/5200 2024-05-02T13:22:55.436629+00:00 MISP { "authors": [ "Various" ], "label": "Preventive Measure", "uuid": "1a8e55eb-a0ff-425b-80e0-30df866f8f65", "values": [ { "code": "Backup and Restore Process", "description": "Make sure to have adequate backup processes on place and frequently test a restore of these backups.(Schr\u00f6dinger's backup - it is both existent and non-existent until you've tried a restore", "importance": 0, "uuid": "5f942376-ea5b-4b23-9c26-81d3aeba7fb4" }, { "code": "Block Macros", "description": "Disable macros in Office files downloaded from the Internet. This can be configured to work in two different modes:A.) Open downloaded documents in 'Protected View'B.) Open downloaded documents and block all macros", "importance": 0, "uuid": "79563662-8d92-4fd1-929a-9b8926a62685" }, { "code": "Disable WSH", "description": "Disable Windows Script Host", "importance": 0, "uuid": "e6df1619-f8b3-476c-b5cf-22b4c9e9dd7f" }, { "code": "Filter Attachments Level 1", "description": "Filter the following attachments on your mail gateway:.ade, .adp, .ani, .bas, .bat, .chm, .cmd, .com, .cpl, .crt, .exe, .hlp, .ht, .hta, .inf, .ins, .isp, .jar, .job, .js, .jse, .lnk, .mda, .mdb, .mde, .mdz, .msc, .msi, .msp, .mst, .ocx, .pcd, .ps1, .reg, .scr, .sct, .shs, .svg, .url, .vb, .vbe, .vbs, .wbk, .wsc, .ws, .wsf, .wsh, .exe, .pif, .pub", "importance": 0, "uuid": "7055b72b-b113-4f93-8387-e6f58ce5fc92" }, { "code": "Filter Attachments Level 2", "description": "Filter the following attachments on your mail gateway:(Filter expression of Level 1 plus) .doc, .xls, .rtf, .docm, .xlsm, .pptm", "importance": 0, "uuid": "8c9bbbf5-a321-4eb1-8c03-a399a9687687" }, { "code": "Restrict program execution", "description": "Block all program executions from the %LocalAppData% and %AppData% folder", "importance": 0, "uuid": "6a234b1d-8e86-49c4-91d6-cc3be3d04f74" }, { "code": "Show File Extensions", "description": "Set the registry key \"HideFileExt\" to 0 in order to show all file extensions, even of known file types. This helps avoiding cloaking tricks that use double extensions. (e.g. \"not_a_virus.pdf.exe\")", "importance": 0, "uuid": "5b911d46-66c8-4180-ab97-663a0868264e" }, { "code": "Enforce UAC Prompt", "description": "Enforce administrative users to confirm an action that requires elevated rights", "importance": 0, "uuid": "3f8c55db-611e-4831-b624-f9cbdc3b0e11" }, { "code": "Remove Admin Privileges", "description": "Remove and restrict administrative rights whenever possible. Malware can only modify files that users have write access to.", "importance": 0, "uuid": "168f94d3-4ffc-4ea6-8f2e-8ba699f0fef6" }, { "code": "Restrict Workstation Communication", "description": "Activate the Windows Firewall to restrict workstation to workstation communication", "importance": 0, "uuid": "fb25c345-0cee-4ae7-ab31-c1c801cde1c2" }, { "code": "Sandboxing Email Input", "description": "Using sandbox that opens email attachments and removes attachments based on behavior analysis", "importance": 0, "uuid": "7960740f-71a5-42db-8a1a-1c7ccbf83349" }, { "code": "Execution Prevention", "description": "Software that allows to control the execution of processes - sometimes integrated in Antivirus softwareFree: AntiHook, ProcessGuard, System Safety Monitor", "importance": 0, "uuid": "bfda0c9e-1303-4861-b028-e0506dd8861c" }, { "code": "Change Default \"Open With\" to Notepad", "description": "Force extensions primarily used for infections to open up in Notepad rather than Windows Script Host or Internet Explorer", "importance": 0, "uuid": "3b7bc1b2-e04f-4492-b3b1-87bb6701635b" }, { "code": "File Screening", "description": "Server-side file screening with the help of File Server Resource Manager", "importance": 0, "uuid": "79769940-7cd2-4aaa-80da-b90c0372b898" }, { "code": "Restrict program execution #2", "description": "Block program executions (AppLocker)", "importance": 0, "uuid": "feb6cddb-4182-4515-94dc-0eadffcdc098" }, { "code": "EMET", "description": "Detect and block exploitation techniques", "importance": 0, "uuid": "5f0a749f-88f2-4e6e-8fd8-46307f8439f6" }, { "code": "Sysmon", "description": "Detect Ransomware in an early stage with new Sysmon 5 File/Registry monitoring", "importance": 0, "uuid": "1b1e5664-4250-459b-adbb-f0b33f64bf7e" }, { "code": "Blacklist-phone-numbers", "description": "Filter the numbers at phone routing level including PABX", "importance": 0, "uuid": "123e20c5-8f44-4de5-a183-6890788e5a81" }, { "code": "ACL", "description": "Restrict access to shares users should not be allowed to write to", "importance": 0, "uuid": "3e7a7fb5-8db2-4033-8f4f-d76721819765" } ], "version": 3 } 2021-04-13T13:08:05.850559+00:00 https://objects.monarc.lu/object/get/5204 2024-05-02T13:22:55.436379+00:00 MONARC { "authors": [ "MITRE ATT&CK\u00ae" ], "label": "MITRE ATT&CK - Mobile Mitigations", "language": "EN", "refs": [ "https://attack.mitre.org/mitigations/mobile/" ], "uuid": "f3caa83b-28fb-49fd-b7ad-6e4cd1aaad07", "values": [ { "code": "M1013 - Application Developer Guidance", "description": "This mitigation describes any guidance or training given to developers of applications to avoid introducing security weaknesses that an adversary may be able to take advantage of.", "importance": 0, "uuid": "90624dfc-21b6-4172-8848-a4042860656b" }, { "code": "M1005 - Application Vetting", "description": "Enterprises can vet applications for exploitable vulnerabilities or unwanted (privacy-invasive or malicious) behaviors. Enterprises can inspect applications themselves or use a third-party service.", "importance": 0, "uuid": "7fd9df45-7351-420c-8116-57d48fa23c40" }, { "code": "M1002 - Attestation", "description": "Enable remote attestation capabilities when available (such as Android SafetyNet or Samsung Knox TIMA Attestation) and prohibit devices that fail the attestation from accessing enterprise resources.", "importance": 0, "uuid": "5617161e-a40d-461a-ae8e-6a0650392e3a" }, { "code": "M1007 - Caution with Device Administrator Access", "description": "Warn device users not to accept requests to grant Device Administrator access to applications without good reason.", "importance": 0, "uuid": "63138250-3821-45f3-a820-55d0ffa30367" }, { "code": "M1010 - Deploy Compromised Device Detection Method", "description": "A variety of methods exist that can be used to enable enterprises to identify compromised (e.g. rooted/jailbroken) devices, whether using security mechanisms built directly into the device, third-party mobile security applications, enterprise mobility management (EMM)/mobile device management (MDM) capabilities, or other methods. Some methods may be trivial to evade while others may be more sophisticated.", "importance": 0, "uuid": "6501d616-1a60-4b38-a40a-847ad5d28058" }, { "code": "M1009 - Encrypt Network Traffic", "description": "Application developers should encrypt all of their application network traffic using the Transport Layer Security (TLS) protocol to ensure protection of sensitive data and deter network-based attacks. If desired, application developers could perform message-based encryption of data before passing it for TLS encryption.", "importance": 0, "uuid": "c591b8fd-5f57-4064-b5c5-f0acd38ae41f" }, { "code": "M1012 - Enterprise Policy", "description": "An enterprise mobility management (EMM), also known as mobile device management (MDM), system can be used to provision policies to mobile devices to control aspects of their allowed behavior.", "importance": 0, "uuid": "b141135f-2c2f-4588-9d4c-6c7abd243e23" }, { "code": "M1014 - Interconnection Filtering", "description": "In order to mitigate Signaling System 7 (SS7) exploitation, the Communications, Security, Reliability, and Interoperability Council (CSRIC) describes filtering interconnections between network operators to block inappropriate requests.", "importance": 0, "uuid": "6066f816-7914-4228-96b6-155f4501d70c" }, { "code": "M1003 - Lock Bootloader", "description": "On devices that provide the capability to unlock the bootloader (hence allowing any operating system code to be flashed onto the device), perform periodic checks to ensure that the bootloader is locked.", "importance": 0, "uuid": "148c35e1-7837-42a2-9884-4e475a48e6a3" }, { "code": "M1001 - Security Updates", "description": "Install security updates in response to discovered vulnerabilities.", "importance": 0, "uuid": "057adb3d-1eeb-4f04-a9c6-c08b514bc785" }, { "code": "M1004 - System Partition Integrity", "description": "Ensure that Android devices being used include and enable the Verified Boot capability, which cryptographically ensures the integrity of the system partition.", "importance": 0, "uuid": "daa42611-836d-464e-aab5-80d41da314cf" }, { "code": "M1006 - Use Recent OS Version", "description": "New mobile operating system versions bring not only patches against discovered vulnerabilities but also often bring security architecture improvements that provide resilience against potential vulnerabilities or weaknesses that have not yet been discovered. They may also bring improvements that block use of observed adversary techniques.", "importance": 0, "uuid": "f4bbe273-dc6c-4b5d-8c66-286effded2c7" }, { "code": "M1011 - User Guidance", "description": "Describes any guidance or training given to users to set particular configuration settings or avoid specific potentially risky behaviors.", "importance": 0, "uuid": "8f023e31-b83d-4323-ba0e-888ec025b35f" } ], "version": 6.3 } 2021-04-13T13:09:24.093861+00:00 https://objects.monarc.lu/object/get/5205 2024-05-02T13:22:55.435921+00:00 MONARC { "authors": [ "MITRE ATT&CK\u00ae" ], "label": "MITRE ATT&CK - Enterprise Mitigations", "language": "EN", "refs": [ "https://attack.mitre.org/mitigations/enterprise/" ], "uuid": "355a1506-4d46-4ace-a044-234ba5cc00e4", "values": [ { "code": "M1036 - Account Use Policies", "description": "Configure features related to account use like login attempt lockouts, specific login times, etc.", "importance": 0, "uuid": "5fc7d0fc-e28d-4f7a-a403-7e7bdda88e0d" }, { "code": "M1015 - Active Directory Configuration", "description": "Configure Active Directory to prevent use of certain techniques; use SID Filtering, etc.", "importance": 0, "uuid": "4aa9409f-bf4c-43c4-985b-a1435854c378" }, { "code": "M1049 - Antivirus/Antimalware", "description": "Use signatures or heuristics to detect malicious software.", "importance": 0, "uuid": "26347771-8c53-40f8-8416-de6ebce40d52" }, { "code": "M1013 - Application Developer Guidance", "description": "This mitigation describes any guidance or training given to developers of applications to avoid introducing security weaknesses that an adversary may be able to take advantage of.", "importance": 0, "uuid": "a45f1b4e-169a-4ce9-b1a8-aa3a06eda460" }, { "code": "M1048 - Application Isolation and Sandboxing", "description": "Restrict execution of code to a virtual environment on or in transit to an endpoint system.", "importance": 0, "uuid": "b01fca12-12d0-498b-a2ea-d6d526094393" }, { "code": "M1047 - Audit", "description": "Perform audits or scans of systems, permissions, insecure software, insecure configurations, etc. to identify potential weaknesses.", "importance": 0, "uuid": "fe0afbce-14d2-4fc0-b9d9-0ded2d2d46bf" }, { "code": "M1040 - Behavior Prevention on Endpoint", "description": "Use capabilities to prevent suspicious behavior patterns from occurring on endpoint systems. This could include suspicious process, file, API call, etc. behavior.", "importance": 0, "uuid": "2d4bd512-601b-428d-8c96-93eb0f8ab270" }, { "code": "M1046 - Boot Integrity", "description": "Use secure methods to boot a system and verify the integrity of the operating system and loading mechanisms.", "importance": 0, "uuid": "7b98e144-2052-4365-a644-e439dd0b50f3" }, { "code": "M1045 - Code Signing", "description": "Enforce binary and application integrity with digital signature verification to prevent untrusted code from executing.", "importance": 0, "uuid": "b1bf2dc7-78a8-42d5-8912-3aff922f2c53" }, { "code": "M1043 - Credential Access Protection", "description": "Use capabilities to prevent successful credential access by adversaries; including blocking forms of credential dumping.", "importance": 0, "uuid": "645905d3-2e47-45e8-b61d-35ee230d162c" }, { "code": "M1053 - Data Backup", "description": "Take and store data backups from end user systems and critical servers. Ensure backup and storage systems are hardened and kept separate from the corporate network to prevent compromise.", "importance": 0, "uuid": "f687063a-4811-4782-9e6d-47368554818c" }, { "code": "M1042 - Disable or Remove Feature or Program", "description": "Remove or deny access to unnecessary and potentially vulnerable software to prevent abuse by adversaries.", "importance": 0, "uuid": "479cf2d6-6772-4b07-9e3d-748c3c64acdd" }, { "code": "M1055 - Do Not Mitigate", "description": "This category is to associate techniques that mitigation might increase risk of compromise and therefore mitigation is not recommended.", "importance": 0, "uuid": "a5927ec6-60da-4367-8e4e-a6db261c2433" }, { "code": "M1041 - Encrypt Sensitive Information", "description": "Protect sensitive information with strong encryption.", "importance": 0, "uuid": "5c4c5b69-fc94-4922-b9a3-c7a621faaca8" }, { "code": "M1039 - Environment Variable Permissions", "description": "Prevent modification of environment variables by unauthorized users and groups.", "importance": 0, "uuid": "2ffd3b45-aa5f-4363-a6e9-c9c8dec111b6" }, { "code": "M1038 - Execution Prevention", "description": "Block execution of code on a system through application whitelisting, blacklisting, and/or script blocking.", "importance": 0, "uuid": "4d4ea32d-ec56-4eba-b22a-0ef3a1946a21" }, { "code": "M1050 - Exploit Protection", "description": "Use capabilities to detect and block conditions that may lead to or be indicative of a software exploit occurring.", "importance": 0, "uuid": "25a8c89c-382f-4431-87ea-3b886e07c1ab" }, { "code": "M1037 - Filter Network Traffic", "description": "Use network appliances to filter ingress or egress traffic and perform protocol-based filtering. Configure software on endpoints to filter network traffic.", "importance": 0, "uuid": "c50e3dd7-d87b-498c-892c-d0683c38b1e1" }, { "code": "M1035 - Limit Access to Resource Over Network", "description": "Prevent access to file shares, remote access to systems, unnecessary services. Mechanisms to limit access may include use of network concentrators, RDP gateways, etc.", "importance": 0, "uuid": "bb516ce1-5241-428b-ad41-ef292ef4b691" }, { "code": "M1034 - Limit Hardware Installation", "description": "Block users or groups from installing or using unapproved hardware on systems, including USB devices.", "importance": 0, "uuid": "ac4469fb-cfa0-4979-8a0e-d5137e1cf750" }, { "code": "M1033 - Limit Software Installation", "description": "Block users or groups from installing unapproved software.", "importance": 0, "uuid": "cdddeaa0-0ff7-4dda-8d8d-2836bd65862f" }, { "code": "M1032 - Multi-factor Authentication", "description": "Use two or more pieces of evidence to authenticate to a system; such as username and password in addition to a token from a physical smart card or token generator.", "importance": 0, "uuid": "65bcbe9f-e7cb-4262-b5d4-dddc79bb4740" }, { "code": "M1031 - Network Intrusion Prevention", "description": "Use intrusion detection signatures to block traffic at network boundaries.", "importance": 0, "uuid": "cd1c61bb-0655-4d10-93a8-4f19fe409802" }, { "code": "M1030 - Network Segmentation", "description": "Architect sections of the network to isolate critical systems, functions, or resources. Use physical and logical segmentation to prevent access to potentially sensitive systems and information. Use a DMZ to contain any internet-facing services that should not be exposed from the internal network.", "importance": 0, "uuid": "992b2dff-d6d5-4af8-adf6-e05a21c48fcb" }, { "code": "M1028 - Operating System Configuration", "description": "Make configuration changes related to the operating system or a common feature of the operating system that result in system hardening against techniques.", "importance": 0, "uuid": "33242a01-d66e-4361-9cd0-6c84e5ed405a" }, { "code": "M1027 - Password Policies", "description": "Set and enforce secure password policies for accounts.", "importance": 0, "uuid": "87f7ae7d-d7af-40e5-8e26-ed046e49ecec" }, { "code": "M1026 - Privileged Account Management", "description": "Manage the creation, modification, use, and permissions associated to privileged accounts, including SYSTEM and root.", "importance": 0, "uuid": "237dc8eb-d3e8-4561-80c9-d6c10f3101dd" }, { "code": "M1025 - Privileged Process Integrity", "description": "Protect processes with high privileges that can be used to interact with critical system components through use of protected process light, anti-process injection defenses, or other process integrity enforcement measures.", "importance": 0, "uuid": "4f82cb16-f43a-4032-bebb-63e901dc669d" }, { "code": "M1029 - Remote Data Storage", "description": "Use remote security log and sensitive file storage where access can be controlled better to prevent exposure of intrusion detection log data or sensitive information.", "importance": 0, "uuid": "cb442fee-310a-4bd4-a5ac-0607a1132d80" }, { "code": "M1022 - Restrict File and Directory Permissions", "description": "Restrict access by setting directory and file permissions that are not specific to users or privileged accounts.", "importance": 0, "uuid": "556d2fa4-ec80-4012-8d42-cf2aa003883c" }, { "code": "M1044 - Restrict Library Loading", "description": "Prevent abuse of library loading mechanisms in the operating system and software to load untrusted code by configuring appropriate library loading mechanisms and investigating potential vulnerable software.", "importance": 0, "uuid": "81ff3e62-c8a5-437d-90af-a90a77a7240b" }, { "code": "M1024 - Restrict Registry Permissions", "description": "Restrict the ability to modify certain hives or keys in the Windows Registry.", "importance": 0, "uuid": "4a464358-5cb8-471b-8f42-b222cff6ee23" }, { "code": "M1021 - Restrict Web-Based Content", "description": "Restrict use of certain websites, block downloads/attachments, block Javascript, restrict browser extensions, etc.", "importance": 0, "uuid": "0874d800-bded-4bd1-a5a8-d68f83db734e" }, { "code": "M1054 - Software Configuration", "description": "Implement configuration changes to software (other than the operating system) to mitigate security risks associated to how the software operates.", "importance": 0, "uuid": "7a99e33f-0fb4-487a-b965-f19d7c6d0977" }, { "code": "M1020 - SSL/TLS Inspection", "description": "Break and inspect SSL/TLS sessions to look at encrypted web traffic for adversary activity.", "importance": 0, "uuid": "e4cf1546-a2cb-4d8d-8bd2-a88bd60b2fb4" }, { "code": "M1019 - Threat Intelligence Program", "description": "A threat intelligence program helps an organization generate their own threat intelligence information and track trends to inform defensive priorities to mitigate risk.", "importance": 0, "uuid": "1af3aa74-5d49-4285-a9d1-a15cc9fb84b9" }, { "code": "M1051 - Update Software", "description": "Perform regular software updates to mitigate exploitation risk.", "importance": 0, "uuid": "541d848f-2672-42f6-be1c-6b1b0f76100e" }, { "code": "M1052 - User Account Control", "description": "Configure Windows User Account Control to mitigate risk of adversaries obtaining elevated process access.", "importance": 0, "uuid": "3d3be1de-7d06-4f89-a8a5-c73e06384f4d" }, { "code": "M1018 - User Account Management", "description": "Manage the creation, modification, use, and permissions associated to user accounts.", "importance": 0, "uuid": "8d1fcda5-0e35-43c8-aab5-2b2bebf97c4c" }, { "code": "M1017 - User Training", "description": "Train users to to be aware of access or manipulation attempts by an adversary to reduce the risk of successful spearphishing, social engineering, and other techniques that involve user interaction.", "importance": 0, "uuid": "9e318f0b-0864-4150-a50c-6e1118dd69e7" }, { "code": "M1016 - Vulnerability Scanning", "description": "Vulnerability scanning is used to find potentially exploitable software vulnerabilities to remediate them.", "importance": 0, "uuid": "406160f2-9c33-44c2-b1d2-852478fe050d" } ], "version": 6.3 } 2021-04-13T13:10:22.882035+00:00 https://objects.monarc.lu/object/get/5207 2024-05-02T13:22:55.434615+00:00 Various contributors { "authors": [ "S3cN3tSys" ], "label": "CIS Controls v8 safeguards", "language": "EN", "refs": [ "https://www.cisecurity.org/controls/v8/" ], "uuid": "e104cdf4-2fff-4989-9636-c16ddd8b2a78", "values": [ { "code": "1.1-Devices-Identify-IG1", "description": "Inventory and control of enterprise assets-Establish and maintain detailed enterprise asset inventory", "importance": 0, "uuid": "bddbfd9a-bd01-4818-9b0f-59b876243c90" }, { "code": "1.2-Devices-Respond-IG1", "description": "Inventory and control of enterprise assets-Address unauthorized assets", "importance": 0, "uuid": "df7b8cf0-93ef-49ce-bb41-3ae405ed0953" }, { "code": "1.3-Devices-Detect-IG2", "description": "Inventory and control of enterprise assets-Utilize an active discovery tool", "importance": 0, "uuid": "0a290b75-f9a0-4103-a5ee-95900765c420" }, { "code": "1.4-Devices-Identify-IG2", "description": "Inventory and control of enterprise assets-Use dynamic host configuration protocol (DHCP) logging to update enterprise asset inventory", "importance": 0, "uuid": "b511f821-a439-4591-b3ae-018e4669ecd2" }, { "code": "1.5-Devices-Detect-IG3", "description": "Inventory and control of enterprise assets-Use a passive asset discovery tool", "importance": 0, "uuid": "e087cb99-8458-46e9-a685-d8b9c1d90309" }, { "code": "10.1-Devices-Protect-IG1", "description": "Malware defenses-Deploy and maintain anti-malware software", "importance": 0, "uuid": "3dc09e1e-964f-465d-81b3-e7bee3dc4fc2" }, { "code": "10.2-Devices-Protect-IG1", "description": "Malware defenses-Configure automatic anti-malware signature updates", "importance": 0, "uuid": "d6c49f98-6204-42e6-a1f4-f0f7206e2485" }, { "code": "10.3-Devices-Protect-IG1", "description": "Malware defenses-Disable autorun and autoplay for removable media", "importance": 0, "uuid": "d25cd6be-da2a-4262-9949-168cdd555c36" }, { "code": "10.4-Devices-Detect-IG2", "description": "Malware defenses-Configure automatic anti-malware scanning of removable media", "importance": 0, "uuid": "0f85c704-796b-4620-ab3b-307d870cf02e" }, { "code": "10.5-Devices-Protect-IG2", "description": "Malware defenses-Enable anti-exploitation features", "importance": 0, "uuid": "71bcef8a-b0f9-4a9d-8736-7106eed100aa" }, { "code": "10.6-Devices-Protect-IG2", "description": "Malware defenses-Centrally manage anti-malware software", "importance": 0, "uuid": "992326df-4230-4411-8369-271031da8fd3" }, { "code": "10.7-Devices-Detect-IG2", "description": "Malware defenses-Use behavior-based anti-malware software", "importance": 0, "uuid": "5ff9342c-ef4b-4a94-846b-116449b816cc" }, { "code": "11.1-Data-Recover-IG1", "description": "Data recovery-Establish and maintain a data recovery process", "importance": 0, "uuid": "a13ea0ef-ffb0-40b1-ad2a-12575023abc3" }, { "code": "11.2-Data-Recover-IG1", "description": "Data recovery-Perform automated backups", "importance": 0, "uuid": "5d962f76-f06c-4ac8-8719-1e076bc045fa" }, { "code": "11.3-Data-Protect-IG1", "description": "Data recovery-Protect recovery data", "importance": 0, "uuid": "8f1aea43-f84d-42f8-963b-f022bc26e0f0" }, { "code": "11.4-Data-Recover-IG1", "description": "Data recovery-Establish and maintain an isolated instance of recovery data", "importance": 0, "uuid": "1856b595-3895-4dff-9ceb-558abec393f2" }, { "code": "11.5-Data-Recover-IG2", "description": "Data recovery-Test data recovery", "importance": 0, "uuid": "d54a8077-661a-4aaa-b90e-f61e23764513" }, { "code": "12.1-Network-Protect-IG1", "description": "Network infrastructure management-Ensure network infrastructure is up-to-date", "importance": 0, "uuid": "6f3c9210-54be-4aef-a326-c46389d34e5a" }, { "code": "12.2-Network-Protect-IG2", "description": "Network infrastructure management-Establish and maintain a secure network architecture", "importance": 0, "uuid": "3b941a78-f75b-4b7d-9565-c3840af19471" }, { "code": "12.3-Network-Protect-IG2", "description": "Network infrastructure management-Securely manage network infrastructure", "importance": 0, "uuid": "b3a03b9b-5f74-4a5b-9043-8662221dcde5" }, { "code": "12.4-Network-Identify-IG2", "description": "Network infrastructure management-Establish and maintain architecture diagram(s)", "importance": 0, "uuid": "d6bb7326-163d-4c9d-a94c-f910a345cc55" }, { "code": "12.5-Network-Protect-IG2", "description": "Network infrastructure management-Centralize network authentication; authorization; and auditing (AAA)", "importance": 0, "uuid": "bb69f5e6-5745-4a70-b863-248ba2a6fae2" }, { "code": "12.6-Network-Protect-IG2", "description": "Network infrastructure management-Use of secure network management and communication protocols", "importance": 0, "uuid": "ad65c163-116b-4ff9-afc1-d2986362958c" }, { "code": "12.7-Devices-Protect-IG2", "description": "Network infrastructure management-Ensure remote devices utilize a vpn and are connecting to an enterprises aaa infrastructure", "importance": 0, "uuid": "10779a71-e1a5-40bc-8035-65c1e879b3fb" }, { "code": "12.8-Devices-Protect-IG3", "description": "Network infrastructure management-Establish and maintain dedicated computing resources for all administrative work", "importance": 0, "uuid": "6b2e129e-7212-418f-b73e-98ece0f5495a" }, { "code": "13.1-Network-Detect-IG2", "description": "Network monitoring and defense-Centralize security event alerting", "importance": 0, "uuid": "67f9d216-3a19-41fe-9867-3ad72e46a8e4" }, { "code": "13.1-Network-Protect-IG2", "description": "Network monitoring and defense-Perform application layer filtering", "importance": 0, "uuid": "7ceb6e84-5b91-4768-bac2-f5f378b17d39" }, { "code": "13.11-Network-Detect-IG3", "description": "Network monitoring and defense-Tune security event alerting thresholds", "importance": 0, "uuid": "c36588b7-3795-4d29-aeb1-cad9779e071e" }, { "code": "13.2-Devices-Detect-IG2", "description": "Network monitoring and defense-Deploy a host-based intrusion detection solution", "importance": 0, "uuid": "8b0e9aa6-563d-4932-b84e-42f7f5fa4b66" }, { "code": "13.3-Network-Detect-IG2", "description": "Network monitoring and defense-Deploy a network intrusion detection solution", "importance": 0, "uuid": "8ad4ac5f-27d8-4088-8fdf-428dbca182ef" }, { "code": "13.4-Network-Protect-IG2", "description": "Network monitoring and defense-Perform traffic filtering between network segments", "importance": 0, "uuid": "926bbf48-ac93-47b4-9c88-e18f3d2e0dd5" }, { "code": "13.5-Devices-Protect-IG2", "description": "Network monitoring and defense-Manage access control for remote assets", "importance": 0, "uuid": "077f28d8-ad9f-429d-96dc-31f91b7daf3c" }, { "code": "13.6-Network-Detect-IG2", "description": "Network monitoring and defense-Collect network traffic flow logs ", "importance": 0, "uuid": "db99bd9e-2b52-4513-9385-7ccb7fec8325" }, { "code": "13.7-Devices-Protect-IG3", "description": "Network monitoring and defense-Deploy a host-based intrusion prevention solution", "importance": 0, "uuid": "8fc8c868-4a72-4a49-af62-01b0b7931475" }, { "code": "13.8-Network-Protect-IG3", "description": "Network monitoring and defense-Deploy a network intrusion prevention solution", "importance": 0, "uuid": "ed739bd6-2fce-416c-a24a-9a85d0a205d0" }, { "code": "13.9-Devices-Protect-IG3", "description": "Network monitoring and defense-Deploy port-level access control", "importance": 0, "uuid": "d97e7de7-32d7-45bd-a149-c60c68b205a1" }, { "code": "14.1-N/A-Protect", "description": "Security awareness and skills training-Establish and maintain a security awareness program", "importance": 0, "uuid": "242c4eef-df6b-4111-b443-c748405d7612" }, { "code": "14.2-N/A-Protect", "description": "Security awareness and skills training-Train workforce members to recognize social engineering attacks", "importance": 0, "uuid": "f9f5f9e1-2909-467a-995f-6aa98e5d5c64" }, { "code": "14.3-N/A-Protect", "description": "Security awareness and skills training-Train workforce members on authentication best practices", "importance": 0, "uuid": "7c0e7f6a-7e63-4837-b1af-64fc4a33094e" }, { "code": "14.4-N/A-Protect", "description": "Security awareness and skills training-Train workforce on data handling best practices", "importance": 0, "uuid": "4d0e4320-e854-4787-ac37-d9781582481b" }, { "code": "14.5-N/A-Protect", "description": "Security awareness and skills training-Train workforce members on causes of unintentional data exposure", "importance": 0, "uuid": "f6d1f4bf-74ff-4075-ba11-e143a0606193" }, { "code": "14.6-N/A-Protect", "description": "Security awareness and skills training-Train workforce members on recognizing and reporting security incidents", "importance": 0, "uuid": "41304900-8386-4462-b6e5-ab24aed576fd" }, { "code": "14.7-N/A-Protect", "description": "Security awareness and skills training-Train workforce on how to identify and report if their enterprise assets are missing security updates", "importance": 0, "uuid": "6a408e9a-eddf-4500-a06c-77fd5e40ceac" }, { "code": "14.8-N/A-Protect", "description": "Security awareness and skills training-Train workforce on the dangers of connecting to and transmitting enterprise data over insecure networks", "importance": 0, "uuid": "675cfd37-7f0e-428d-9897-17e599b359e2" }, { "code": "14.9-N/A-Protect", "description": "Security awareness and skills training-Conduct role-specific security awareness and skills training", "importance": 0, "uuid": "635b5ea6-fac3-4ce0-a2a5-c52d45e45567" }, { "code": "15.1-N/A-Identify", "description": "Service provider management-Establish and maintain an inventory of service providers", "importance": 0, "uuid": "9a93ac72-5e01-40c8-aa59-15ce818dfc9e" }, { "code": "15.2-N/A-Identify", "description": "Service provider management-Establish and maintain a service provider management policy", "importance": 0, "uuid": "3cc0492c-aef0-43e8-a204-518c85e16bfb" }, { "code": "15.3-N/A-Identify", "description": "Service provider management-Classify service providers", "importance": 0, "uuid": "4679c841-a248-4acd-9546-4c0b296667b3" }, { "code": "15.4-N/A-Protect", "description": "Service provider management-Ensure service provider contracts include security requirements", "importance": 0, "uuid": "c5899967-df04-4c30-88f2-9a5063fa9fc0" }, { "code": "15.5-N/A-Identify", "description": "Service provider management-Assess service providers", "importance": 0, "uuid": "306e2298-b1b3-403f-8bb0-0ace52e2ada2" }, { "code": "15.6-Data-Detect-IG3", "description": "Service provider management-Monitor service providers", "importance": 0, "uuid": "2401973b-c535-4e04-b7b6-2e5411b41a84" }, { "code": "15.7-Data-Protect-IG3", "description": "Service provider management-Securely decommission service providers", "importance": 0, "uuid": "d11c9f97-a848-4c18-9153-e0ca31f2dd3c" }, { "code": "16.1-Applications-Protect-IG2", "description": "Application software security-Establish and maintain a secure application developmentprocess", "importance": 0, "uuid": "db784c45-c0b9-43bd-8643-e43fdbb4c437" }, { "code": "16.10-Applications-Protect-IG2", "description": "Application software security-Apply secure design principles in application architectures", "importance": 0, "uuid": "d93d03cd-205d-4ac6-b1a1-ccd278a8061d" }, { "code": "16.11-Applications-Protect-IG2", "description": "Application software security-Leverage vetted modules or services for application security components", "importance": 0, "uuid": "811f7d98-b355-48bf-bb99-d760dfbdcfc6" }, { "code": "16.12-Applications-Protect-IG3", "description": "Application software security-Implement code-level security checks", "importance": 0, "uuid": "17376129-173e-4ca8-8f7c-033b70fb2001" }, { "code": "16.13-Applications-Protect-IG3", "description": "Application software security-Conduct application penetration testing", "importance": 0, "uuid": "53c61b03-34bf-41b7-9739-7be444b7467f" }, { "code": "16.14-Applications-Protect-IG3", "description": "Application software security-Conduct threat modeling", "importance": 0, "uuid": "113cd8a0-199c-4af4-9fb9-9d039513d08f" }, { "code": "16.2-Applications-Protect-IG2", "description": "Application software security-Establish and maintain a process to accept and address software vulnerabilities", "importance": 0, "uuid": "074c5418-aae7-41df-854e-909ccb91d469" }, { "code": "16.3-Applications-Protect-IG2", "description": "Application software security-Perform root cause analysis on security vulnerabilities", "importance": 0, "uuid": "59ef8b71-f972-47dc-be03-0f8b25dfbe80" }, { "code": "16.4-Applications-Protect-IG2", "description": "Application software security-Establish and manage an inventory of third-party software components", "importance": 0, "uuid": "10df85b2-f5e4-48ec-8ff6-ea9e33bd7a3d" }, { "code": "16.5-Applications-Protect-IG2", "description": "Application software security-Use up-to-date and trusted third-party software components", "importance": 0, "uuid": "5cb4fd72-aefd-4d91-a551-85ab75b0fa95" }, { "code": "16.6-Applications-Protect-IG2", "description": "Application software security-Establish and maintain a severity rating system and process for application vulnerabilities", "importance": 0, "uuid": "40780741-bf90-49d0-8cae-8b79b9c67688" }, { "code": "16.7-Applications-Protect-IG2", "description": "Application software security-Use standard hardening configuration templates for application infrastructure", "importance": 0, "uuid": "08765a85-badb-4064-afd2-0a5f44191c09" }, { "code": "16.8-Applications-Protect-IG2", "description": "Application software security-Separate production and non-production systems", "importance": 0, "uuid": "93648fa0-22f5-48db-902b-ea183636ee60" }, { "code": "16.9-Applications-Protect-IG2", "description": "Application software security-Train developers in application security concepts and secure coding", "importance": 0, "uuid": "cf064702-2b50-4584-ad85-b0906fc2cd41" }, { "code": "17.1-N/A-Respond", "description": "Incident response management-Designate personnel to manage incident handling", "importance": 0, "uuid": "21ef0712-1c11-41ee-8779-1df154ba60c0" }, { "code": "17.2-N/A-Respond", "description": "Incident response management-Establish and maintain contact information for reporting security incidents", "importance": 0, "uuid": "63e7f08e-97f8-4158-bda4-236b90c1e3bc" }, { "code": "17.3-N/A-Respond", "description": "Incident response management-Establish and maintain an enterprise process for reporting incidents", "importance": 0, "uuid": "803cce36-fdf0-40c6-b307-f599d1d2dd7b" }, { "code": "17.4-N/A-Respond", "description": "Incident response management-Establish and maintain an incident response process", "importance": 0, "uuid": "28a2bd0e-963a-4136-a2ca-97aaeb464730" }, { "code": "17.5-N/A-Respond", "description": "Incident response management-Assign key roles and responsibilities", "importance": 0, "uuid": "5ffc1ef8-c708-437d-92ed-47a4c009c707" }, { "code": "17.6-N/A-Respond", "description": "Incident response management-Define mechanisms for communicating during incident response", "importance": 0, "uuid": "705f68b7-b2e7-4fc1-8fc2-6f5ca2c907fb" }, { "code": "17.7-N/A-Recover", "description": "Incident response management-Conduct routine incident response exercises", "importance": 0, "uuid": "c4cd4c54-ef9b-4772-b38a-637beb606327" }, { "code": "17.8-N/A-Recover", "description": "Incident response management-Conduct post-incident reviews", "importance": 0, "uuid": "eb3a14e8-43c9-4a37-af9d-210413259eb3" }, { "code": "17.9-N/A-Recover", "description": "Incident response management-Establish and maintain security incident thresholds", "importance": 0, "uuid": "e3484c4b-6fdf-48a8-ba77-91f4f2385daa" }, { "code": "18.1-N/A-Identify", "description": "Penetration testing-Establish and maintain a penetration testing program", "importance": 0, "uuid": "52057c66-fefe-40b9-a176-3eec10c0ab06" }, { "code": "18.2-Network-Identify-IG2", "description": "Penetration testing-Perform periodic external penetration tests", "importance": 0, "uuid": "d39d0f22-cdbb-4577-9285-1de2a6f7036b" }, { "code": "18.3-Network-Protect-IG2-IG1", "description": "Penetration testing-Remediate penetration test findings", "importance": 0, "uuid": "c0d370ca-5c25-4c22-becc-79516a026298" }, { "code": "18.4-Network-Protect-IG3-IG2", "description": "Penetration testing-Validate security measures", "importance": 0, "uuid": "3eee979d-2e78-4b4f-aaa1-701a1eb81bd3" }, { "code": "18.5-N/A-Identify", "description": "Penetration testing-Perform periodic internal penetration tests", "importance": 0, "uuid": "8bf03dd7-9b05-4d90-9e78-b8745eb163fa" }, { "code": "2.1-Applications-Identify-IG1", "description": "Inventory and control of software assets-Establish and maintain a software inventory", "importance": 0, "uuid": "cb300188-2a2a-47aa-a5d1-89292844d692" }, { "code": "2.2-Applications-Identify-IG1", "description": "Inventory and control of software assets-Ensure authorized software is currently supported ", "importance": 0, "uuid": "5b7c6e6c-a603-4c92-9721-a8a24177cbaa" }, { "code": "2.3-Applications-Respond-IG1", "description": "Inventory and control of software assets-Address unauthorized software", "importance": 0, "uuid": "93befead-5a8f-4df7-91a2-b23e3f922f48" }, { "code": "2.4-Applications-Detect-IG2", "description": "Inventory and control of software assets-Utilize automated software inventory tools", "importance": 0, "uuid": "155fea9b-0ca0-4c3a-9414-91928f7af662" }, { "code": "2.5-Applications-Protect-IG2", "description": "Inventory and control of software assets-Allowlist authorized software", "importance": 0, "uuid": "b6772c6b-9654-4467-a149-696f82947075" }, { "code": "2.6-Applications-Protect-IG2", "description": "Inventory and control of software assets-Allowlist authorized libraries", "importance": 0, "uuid": "4a7cc9ba-ae68-41c7-8a96-f4ebbe452acf" }, { "code": "2.7-Applications-Protect-IG3", "description": "Inventory and control of software assets-Allowlist authorized scripts", "importance": 0, "uuid": "26e285a6-3197-413d-9599-fd466286b958" }, { "code": "3.1-Data-Identify-IG1", "description": "Data protection-Establish and maintain a data management process", "importance": 0, "uuid": "514fbadc-c751-4852-9fd6-8351b6054f8d" }, { "code": "3.1-Data-Protect-IG1", "description": "Data protection-Encrypt sensitive data in transit", "importance": 0, "uuid": "a243b1de-67d6-463a-9fa8-c424beda6250" }, { "code": "3.11-Data-Protect-IG2", "description": "Data protection-Encrypt sensitive data at rest", "importance": 0, "uuid": "da4089a1-4a1e-46c2-aeef-8f502b37ade2" }, { "code": "3.12-Network-Protect-IG2", "description": "Data protection-Segment data processing and storage based on sensitivity", "importance": 0, "uuid": "7c72e13e-e088-4e44-9910-c86c3de60d10" }, { "code": "3.13-Data-Protect-IG3", "description": "Data protection-Deploy a data loss prevention solution", "importance": 0, "uuid": "0496fa97-cdcb-4199-bec9-973feb9fe8d2" }, { "code": "3.14-Data-Detect-IG3", "description": "Data protection-Log sensitive data access", "importance": 0, "uuid": "ccf1033b-824a-438d-b12b-a25e3c7d6684" }, { "code": "3.2-Data-Identify-IG1", "description": "Data protection-Establish and maintain a data inventory", "importance": 0, "uuid": "e6452c3e-4246-480d-aa6a-7215203710ad" }, { "code": "3.3-Data-Protect-IG1", "description": "Data protection-Configure data access control lists", "importance": 0, "uuid": "1294ffcd-b674-4643-9991-4e7320390122" }, { "code": "3.4-Data-Protect-IG1", "description": "Data protection-Enforce data retention", "importance": 0, "uuid": "a70a5a30-b5e5-4ea6-acbe-834746a0fed1" }, { "code": "3.5-Data-Protect-IG1", "description": "Data protection-Securely dispose of data", "importance": 0, "uuid": "59984672-7139-45c4-997f-e66feab835a9" }, { "code": "3.6-Devices-Protect-IG1", "description": "Data protection-Encrypt data on end-user devices", "importance": 0, "uuid": "f77bf54d-1cda-4dda-aa3f-cb6629029d8c" }, { "code": "3.7-Data-Identify-IG2", "description": "Data protection-Establish and maintain a data classification scheme", "importance": 0, "uuid": "99eb13c7-2d8d-4d53-8e19-871214d91f39" }, { "code": "3.8-Data-Identify-IG2", "description": "Data protection-Document data flows", "importance": 0, "uuid": "24dc11d3-998b-47ca-b7f4-40310afa3c03" }, { "code": "3.9-Data-Protect-IG2", "description": "Data protection-Encrypt data on removable media", "importance": 0, "uuid": "d796c0d3-8205-4732-a3d1-d7832c8a89d5" }, { "code": "4.1-Applications-Protect-IG1", "description": "Secure configuration of enterprise assets and software-Establish and maintain a secure configuration process", "importance": 0, "uuid": "eeb97c09-6a2c-412c-87b1-b39df7fa3630" }, { "code": "4.1-Devices-Respond-IG1", "description": "Secure configuration of enterprise assets and software-Enforce automatic device lockout on portable end-user devices", "importance": 0, "uuid": "a8f19c86-2de7-4f2a-b444-7a35fedbc9d6" }, { "code": "4.11-Devices-Protect-IG2", "description": "Secure configuration of enterprise assets and software-Enforce remote wipe capability on portable end-user devices", "importance": 0, "uuid": "943a0a0e-82e4-4f32-af2c-4bdded48773f" }, { "code": "4.12-Devices-Protect-IG3", "description": "Secure configuration of enterprise assets and software-Separate enterprise workspaces on mobile end-user devices", "importance": 0, "uuid": "bde651cc-d6ef-4e2b-ab5e-4aed6699b2e6" }, { "code": "4.2-Network-Protect-IG1", "description": "Secure configuration of enterprise assets and software-Establish and maintain a secure configuration process for network infrastructure", "importance": 0, "uuid": "b9766b93-09d4-4b1b-b848-9c03aaeed19b" }, { "code": "4.3-Users-Protect-IG1", "description": "Secure configuration of enterprise assets and software-Configure automatic session locking on enterprise assets", "importance": 0, "uuid": "7c0f8833-55f5-44a8-b244-b3beb4b28e4d" }, { "code": "4.4-Devices-Protect-IG1", "description": "Secure configuration of enterprise assets and software-Implement and manage a firewall on servers", "importance": 0, "uuid": "28c3e828-507b-4b48-b9a5-98cf200725b0" }, { "code": "4.5-Devices-Protect-IG1", "description": "Secure configuration of enterprise assets and software-Implement and manage a firewall on end-user devices", "importance": 0, "uuid": "5b35e2e9-d622-43e2-90d5-9378af88feaa" }, { "code": "4.6-Network-Protect-IG1", "description": "Secure configuration of enterprise assets and software-Securely manage enterprise assets and software", "importance": 0, "uuid": "f33e930d-5109-4554-88ce-ea57c3328884" }, { "code": "4.7-Users-Protect-IG1", "description": "Secure configuration of enterprise assets and software-Manage default accounts on enterprise assets and software", "importance": 0, "uuid": "b964543d-bf6e-49c6-87c9-4d585bcb8b16" }, { "code": "4.8-Devices-Protect-IG2", "description": "Secure configuration of enterprise assets and software-Uninstall or disable unnecessary services on enterprise assets and software", "importance": 0, "uuid": "de1d62d8-b9da-48b7-acd9-317999d9a242" }, { "code": "4.9-Devices-Protect-IG2", "description": "Secure configuration of enterprise assets and software-Configure trusted DNS servers on enterprise assets", "importance": 0, "uuid": "a6d7262a-2da6-4228-8032-50ea496ca8d3" }, { "code": "5.1-Users-Identify-IG1", "description": "Account management-Establish and maintain an inventory of accounts", "importance": 0, "uuid": "79c1bac9-8681-497d-ae56-b5d7320fcc4e" }, { "code": "5.2-Users-Protect-IG1", "description": "Account management-Use unique passwords", "importance": 0, "uuid": "198f625b-65ba-4355-9d12-ca6b4ce63e58" }, { "code": "5.3-Users-Respond-IG1", "description": "Account management-Disable dormant accounts", "importance": 0, "uuid": "9f5b502d-96c2-4568-a7e2-9d24eeb54ea7" }, { "code": "5.4-Users-Protect-IG1", "description": "Account management-Restrict administrator privileges to dedicated administrator accounts", "importance": 0, "uuid": "efd5342b-ddff-42b0-b5d9-302ece0948c4" }, { "code": "5.5-Users-Identify-IG2", "description": "Account management-Establish and maintain an inventory of service accounts", "importance": 0, "uuid": "127d4313-783f-4c3c-ba54-565d8b843dd0" }, { "code": "5.6-Users-Protect-IG2", "description": "Account management-Centralize account management", "importance": 0, "uuid": "9a7f9aac-6cc2-4e4e-8470-9d56e8c38cc2" }, { "code": "6.1-Users-Protect-IG1", "description": "Access control management-Establish an access granting process", "importance": 0, "uuid": "a45dddcc-87b5-4b3e-8bfb-5e84b556fb45" }, { "code": "6.2-Users-Protect-IG1", "description": "Access control management-Establish an access revoking process", "importance": 0, "uuid": "e0100354-04eb-4e4c-91b3-180d5ac0914d" }, { "code": "6.3-Users-Protect-IG1", "description": "Access control management-Require MFA for externally-exposed applications", "importance": 0, "uuid": "5df20f59-7c9a-4f73-b93d-06a8d9a6e305" }, { "code": "6.4-Users-Protect-IG1", "description": "Access control management-Require MFA for remote network access", "importance": 0, "uuid": "3952da07-2c10-4bfb-922a-4bf7a3efd8a5" }, { "code": "6.5-Users-Protect-IG1", "description": "Access control management-Require MFA for administrative access", "importance": 0, "uuid": "feb19850-2fdf-4e3b-b585-1306ec5a6e3e" }, { "code": "6.6-Users-Identify-IG2", "description": "Access control management-Establish and maintain an inventory of authentication and authorization systems", "importance": 0, "uuid": "3fcea4a8-7455-4108-9519-d96201946178" }, { "code": "6.7-Users-Protect-IG2", "description": "Access control management-Centralize access control", "importance": 0, "uuid": "5d4e75d0-b4a9-407e-97fd-531679846792" }, { "code": "6.8-Data-Protect-IG3", "description": "Access control management-Define and maintain role-based access control (RBAC)", "importance": 0, "uuid": "bb855630-0b87-4f53-a47a-3ca2dab1b031" }, { "code": "7.1-Applications-Protect-IG1", "description": "Continuous vulnerability management-Establish and maintain a vulnerability management process", "importance": 0, "uuid": "7aa13de2-dc5f-439b-978c-b5560f996618" }, { "code": "7.2-Applications-Respond-IG1", "description": "Continuous vulnerability management-Establish and maintain a remediation process", "importance": 0, "uuid": "e7ebffb5-60c8-424a-bee1-a3381548fee4" }, { "code": "7.3-Applications-Protect-IG1", "description": "Continuous vulnerability management-Perform automated operating system patch management", "importance": 0, "uuid": "696a813c-bcfd-4232-a5e7-203f15abd40e" }, { "code": "7.4-Applications-Protect-IG1", "description": "Continuous vulnerability management-Perform automated application patch management", "importance": 0, "uuid": "dae71e2c-d17e-43fb-8c0a-08833ffd4c4c" }, { "code": "7.5-Applications-Identify-IG2", "description": "Continuous vulnerability management-Perform automated vulnerability scans of internal enterprise assets", "importance": 0, "uuid": "4bd271b1-7cb9-487c-aa33-9e9a58333539" }, { "code": "7.6-Applications-Identify-IG2", "description": "Continuous vulnerability management-Perform automated vulnerability scans of externally-exposed enterprise assets", "importance": 0, "uuid": "7cfd1b0c-94a2-4758-b560-22559d6ab0aa" }, { "code": "7.7-Applications-Respond-IG2", "description": "Continuous vulnerability management-Remediate detected vulnerabilities", "importance": 0, "uuid": "1b2a0f89-eff4-45f6-a4d2-1162b4f9833d" }, { "code": "8.1-Network-Protect-IG1", "description": "Audit log management-Establish and maintain an audit log management process", "importance": 0, "uuid": "6587f6b6-8117-4880-9a53-a33d1c45ddac" }, { "code": "8.10-Network-Protect-IG2", "description": "Audit log management-Retain audit logs", "importance": 0, "uuid": "d55223d6-9722-4f41-ae68-cd97baaa3efa" }, { "code": "8.11-Network-Detect-IG2", "description": "Audit log management-Conduct audit log reviews", "importance": 0, "uuid": "51fddb77-d00e-49d5-b6d5-8cc9aeaf28bf" }, { "code": "8.12-Data-Detect-IG3", "description": "Audit log management-Collect service provider logs", "importance": 0, "uuid": "388dda2b-99ed-469b-874f-fb34a8e3da75" }, { "code": "8.2-Network-Detect-IG1", "description": "Audit log management-Collect audit logs", "importance": 0, "uuid": "fc1e36ed-edfd-416d-9aa9-3ffe02870e8c" }, { "code": "8.3-Network-Protect-IG1", "description": "Audit log management-Ensure adequate audit log storage", "importance": 0, "uuid": "b787f52d-d2b2-468b-95dc-c3d45cb558be" }, { "code": "8.4-Network-Protect-IG2", "description": "Audit log management-Standardize time synchronization", "importance": 0, "uuid": "592c3e38-4701-4d48-ae0b-0860d60421e9" }, { "code": "8.5-Network-Detect-IG2", "description": "Audit log management-Collect detailed audit logs", "importance": 0, "uuid": "413b6bf4-baa3-460c-ba86-87d8cae5a7f8" }, { "code": "8.6-Network-Detect-IG2", "description": "Audit log management-Collect DNS query audit logs", "importance": 0, "uuid": "65b355d4-380a-48bb-8816-a6f8664efa5f" }, { "code": "8.7-Network-Detect-IG2", "description": "Audit log management-Collect URL request audit logs", "importance": 0, "uuid": "7872331d-07b1-4f5c-90e3-a6b859e24851" }, { "code": "8.8-Devices-Detect-IG2", "description": "Audit log management-Collect command-line audit logs", "importance": 0, "uuid": "43a1cc08-ce70-41a2-8dd9-7570084128b6" }, { "code": "8.9-Network-Detect-IG2", "description": "Audit log management-Centralize audit logs", "importance": 0, "uuid": "809ac4bb-bea5-49bb-9f52-9763acad34a3" }, { "code": "9.1-Applications-Protect-IG1", "description": "Email and web browser protections-Ensure use of only fully supported browsers and email clients", "importance": 0, "uuid": "3c4d4eaa-adb3-4837-b361-7b7537817172" }, { "code": "9.2-Network-Protect-IG1", "description": "Email and web browser protections-Use DNS filtering services", "importance": 0, "uuid": "934174ab-91fc-4792-bdf7-18c69f3e02fe" }, { "code": "9.3-Network-Protect-IG2", "description": "Email and web browser protections-Maintain and enforce network-based url filters", "importance": 0, "uuid": "ba8ae738-a5b1-4ceb-90ea-702a613a7721" }, { "code": "9.4-Applications-Protect-IG2", "description": "Email and web browser protections-Restrict unnecessary or unauthorized browser and email client extensions", "importance": 0, "uuid": "9e4dd002-04af-44ae-806f-ea57cdfde604" }, { "code": "9.5-Network-Protect-IG2", "description": "Email and web browser protections-Implement DMARC", "importance": 0, "uuid": "f58a964d-47a7-47bb-a8c8-95e97f2c874f" }, { "code": "9.6-Network-Protect-IG2", "description": "Email and web browser protections-Block unnecessary file types", "importance": 0, "uuid": "5296d4df-1df0-492d-b5fe-a93dfc255fb1" }, { "code": "9.7-Network-Protect-IG3", "description": "Email and web browser protections-Deploy and maintain email server anti-malware protections", "importance": 0, "uuid": "a236845e-734b-4632-8b21-4c1d2eb1eff1" } ], "version": 1 } 2021-07-07T16:37:16.945580+00:00 https://objects.monarc.lu/object/get/5208 2024-05-02T13:22:55.434033+00:00 Various contributors { "authors": [ "louds" ], "label": "ANSSI - Guide d'hygi\u00e8ne informatique", "language": "FR", "refs": [ "https://www.ssi.gouv.fr/guide/guide-dhygiene-informatique/" ], "uuid": "f40bb2bb-7d03-4f14-b020-413209c37e58", "values": [ { "code": "ANSSI - R1", "description": "Former les \u00e9quipes op\u00e9rationnelles \u00e0 la s\u00e9curit\u00e9 des syst\u00e8mes d\u2019information", "importance": 0, "uuid": "96943e84-0372-4686-bfb7-08d249c491df" }, { "code": "ANSSI - R2", "description": "Sensibiliser les utilisateurs aux bonnes pratiques \u00e9l\u00e9mentaires de s\u00e9curit\u00e9 informatique", "importance": 0, "uuid": "1943bea4-8f09-41a2-b10c-026576fcbfbf" }, { "code": "ANSSI - R2+", "description": "Sensibiliser les utilisateurs aux bonnes pratiques \u00e9l\u00e9mentaires de s\u00e9curit\u00e9 informatique (+ actions renforc\u00e9es)", "importance": 0, "uuid": "24b8af98-3a21-4267-92c9-a4edfb007f12" }, { "code": "ANSSI - R3", "description": "Ma\u00eetriser les risques de l\u2019infog\u00e9rance", "importance": 0, "uuid": "1918460a-64e4-493e-a36e-e65823c78b87" }, { "code": "ANSSI - R4", "description": "Identifier les informations et serveurs les plus sensibles et maintenir un sch\u00e9ma du r\u00e9seau", "importance": 0, "uuid": "0003e49c-f3f0-4d32-8772-b839175e853e" }, { "code": "ANSSI - R5", "description": "Disposer d\u2019un inventaire exhaustif des comptes privil\u00e9gi\u00e9s et le maintenir \u00e0 jour", "importance": 0, "uuid": "df6bc227-9f58-40f2-ba30-883b9b08e605" }, { "code": "ANSSI - R6", "description": "Organiser les proc\u00e9dures d\u2019arriv\u00e9e, de d\u00e9part et de changement de fonction des utilisateurs", "importance": 0, "uuid": "a1c92cd0-73bc-4814-ba73-567ecd1585e0" }, { "code": "ANSSI - R6+", "description": "Organiser les proc\u00e9dures d\u2019arriv\u00e9e, de d\u00e9part et de changement de fonction des utilisateurs (+ actions renforc\u00e9es)", "importance": 0, "uuid": "fec3126a-773a-456c-9a61-71bd6e14d84d" }, { "code": "ANSSI - R7", "description": "Autoriser la connexion au r\u00e9seau de l\u2019entit\u00e9 aux seuls \u00e9quipements ma\u00eetris\u00e9s", "importance": 0, "uuid": "0aac52be-2fd5-4957-b27f-b7bed92fa4e6" }, { "code": "ANSSI - R7+", "description": "Autoriser la connexion au r\u00e9seau de l\u2019entit\u00e9 aux seuls \u00e9quipements ma\u00eetris\u00e9s (+ actions renforc\u00e9es)", "importance": 0, "uuid": "1eb57e4e-47ef-4438-91db-184cf004fd04" }, { "code": "ANSSI - R8", "description": "Identifier nomm\u00e9ment chaque personne acc\u00e9dant au syst\u00e8me et distinguer les r\u00f4les utilisateur/administrateur", "importance": 0, "uuid": "4a6536f5-2e2e-4b32-b70b-40b7a5fe8f4a" }, { "code": "ANSSI - R8+", "description": "Identifier nomm\u00e9ment chaque personne acc\u00e9dant au syst\u00e8me et distinguer les r\u00f4les utilisateur/administrateur (+ actions renforc\u00e9es)", "importance": 0, "uuid": "4b1211cd-d373-486e-aba7-e6e4efb9ce8b" }, { "code": "ANSSI - R9", "description": "Attribuer les bons droits sur les ressources sensibles du syst\u00e8me d\u2019information", "importance": 0, "uuid": "3adaf92b-e39b-4430-94ae-e2a0ba5ce458" }, { "code": "ANSSI - R10", "description": "D\u00e9finir et v\u00e9rifier des r\u00e8gles de choix et de dimensionnement des mots de passe", "importance": 0, "uuid": "f6526760-6a38-44bf-9ab0-b40e6ba7e5de" }, { "code": "ANSSI - R11", "description": "Prot\u00e9ger les mots de passe stock\u00e9s sur les syst\u00e8mes", "importance": 0, "uuid": "089de0d4-0a85-4283-aebd-adbd0f08ade0" }, { "code": "ANSSI - R12", "description": "Changer les \u00e9l\u00e9ments d\u2019authentification par d\u00e9faut sur les \u00e9quipements et services", "importance": 0, "uuid": "b4c6914f-4ab0-4120-ac80-2cc654807d9d" }, { "code": "ANSSI - R12+", "description": "Changer les \u00e9l\u00e9ments d\u2019authentification par d\u00e9faut sur les \u00e9quipements et services (+ actions renforc\u00e9es)", "importance": 0, "uuid": "017ff9ef-e136-4d72-8ff4-85143c303fd2" }, { "code": "ANSSI - R13", "description": "Privil\u00e9gier lorsque c\u2019est possible une authentification forte", "importance": 0, "uuid": "ebe721bd-a98f-4da9-8984-19b9d9003bd2" }, { "code": "ANSSI - R13+", "description": "Privil\u00e9gier lorsque c\u2019est possible une authentification forte (+ actions renforc\u00e9es)", "importance": 0, "uuid": "6722c413-a3f4-4b83-9480-7d5e62c39420" }, { "code": "ANSSI - R14", "description": "Mettre en place un niveau de s\u00e9curit\u00e9 minimal sur l\u2019ensemble du parc informatique", "importance": 0, "uuid": "b3928530-1ed9-4843-9392-88de110884eb" }, { "code": "ANSSI - R14+", "description": "Mettre en place un niveau de s\u00e9curit\u00e9 minimal sur l\u2019ensemble du parc informatique (+ actions renforc\u00e9es)", "importance": 0, "uuid": "dc443f85-586f-4ff5-9bc6-754c0ffaa41f" }, { "code": "ANSSI - R15", "description": "Se prot\u00e9ger des menaces relatives \u00e0 l\u2019utilisation de supports amovibles", "importance": 0, "uuid": "73cdfde1-392a-4c72-9fa9-cd2e638ba199" }, { "code": "ANSSI - R15+", "description": "Se prot\u00e9ger des menaces relatives \u00e0 l\u2019utilisation de supports amovibles (+ actions renforc\u00e9es)", "importance": 0, "uuid": "7b161406-9904-44ae-b32c-69ebf4153c58" }, { "code": "ANSSI - R16", "description": "Utiliser un outil de gestion centralis\u00e9e afin d\u2019homog\u00e9n\u00e9iser les politiques de s\u00e9curit\u00e9", "importance": 0, "uuid": "ce0197ed-bb93-4101-9089-3422ae117d50" }, { "code": "ANSSI - R17", "description": "Activer et configurer le parefeu local des postes de travail", "importance": 0, "uuid": "2be22fb0-7683-4bda-b55d-4dad6243eae7" }, { "code": "ANSSI - R17+", "description": "Activer et configurer le parefeu local des postes de travail (+ actions renforc\u00e9es)", "importance": 0, "uuid": "6c4973e7-6284-4d60-b6a5-cc49e2db5495" }, { "code": "ANSSI - R18", "description": "Chiffrer les donn\u00e9es sensibles transmises par voie Internet", "importance": 0, "uuid": "ea6cf889-1259-411d-8384-4e6da8da4f56" }, { "code": "ANSSI - R19", "description": "Segmenter le r\u00e9seau et mettre en place un cloisonnement entre ces zones", "importance": 0, "uuid": "1f0cf6f9-31ab-4a4e-81ff-80ba5c054049" }, { "code": "ANSSI - R20", "description": "S\u2019assurer de la s\u00e9curit\u00e9 des r\u00e9seaux d\u2019acc\u00e8s Wi-Fi et de la s\u00e9paration des usages", "importance": 0, "uuid": "78093341-f859-42e2-b609-b79467f38703" }, { "code": "ANSSI - R21", "description": "Utiliser des protocoles r\u00e9seaux s\u00e9curis\u00e9s d\u00e8s qu\u2019ils existent", "importance": 0, "uuid": "53dbf0fe-aafa-4428-91ca-9f97c11ae586" }, { "code": "ANSSI - R22", "description": "Mettre en place une passerelle d\u2019acc\u00e8s s\u00e9curis\u00e9 \u00e0 Internet", "importance": 0, "uuid": "883ec8cc-e190-4629-afa7-240ee13aeaef" }, { "code": "ANSSI - R22+", "description": "Mettre en place une passerelle d\u2019acc\u00e8s s\u00e9curis\u00e9 \u00e0 Internet (+ actions renforc\u00e9es)", "importance": 0, "uuid": "ea71f94e-e457-4a3f-8bb8-0dff8031e533" }, { "code": "ANSSI - R23", "description": "Cloisonner les services visibles depuis Internet du reste du syst\u00e8me d\u2019information", "importance": 0, "uuid": "d57b895d-25e0-4d73-9b0c-52007e135c7b" }, { "code": "ANSSI - R24", "description": "Prot\u00e9ger sa messagerie professionnelle", "importance": 0, "uuid": "16992d5a-bf1c-41fa-8b8d-0bc1e3c67a06" }, { "code": "ANSSI - R24+", "description": "Prot\u00e9ger sa messagerie professionnelle (+ actions renforc\u00e9es)", "importance": 0, "uuid": "804e4d19-ae4e-4eca-9833-9261947e2fd2" }, { "code": "ANSSI - R25", "description": "S\u00e9curiser les interconnexions r\u00e9seau d\u00e9di\u00e9es avec les partenaires", "importance": 0, "uuid": "da86d087-ab62-4d0d-a0be-3fcaaa07f826" }, { "code": "ANSSI - R25+", "description": "S\u00e9curiser les interconnexions r\u00e9seau d\u00e9di\u00e9es avec les partenaires (+ actions renforc\u00e9es)", "importance": 0, "uuid": "618d4d0a-ea8f-4464-b985-a860e1b619ec" }, { "code": "ANSSI - R26", "description": "Contr\u00f4ler et prot\u00e9ger l\u2019acc\u00e8s aux salles serveurs et aux locaux techniques", "importance": 0, "uuid": "c4311193-8620-4b00-971a-1018b9af774f" }, { "code": "ANSSI - R27", "description": "Interdire l\u2019acc\u00e8s \u00e0 Internet depuis les postes ou serveurs utilis\u00e9s pour l\u2019administration du syst\u00e8me d\u2019information", "importance": 0, "uuid": "f3f2554b-8803-4264-8f31-1c7d5247ce7e" }, { "code": "ANSSI - R27+", "description": "Interdire l\u2019acc\u00e8s \u00e0 Internet depuis les postes ou serveurs utilis\u00e9s pour l\u2019administration du syst\u00e8me d\u2019information (+ actions renforc\u00e9es)", "importance": 0, "uuid": "fa051789-5399-4b83-af5f-aef1034cbaa5" }, { "code": "ANSSI - R28", "description": "Utiliser un r\u00e9seau d\u00e9di\u00e9 et cloisonn\u00e9 pour l\u2019administration du syst\u00e8me d\u2019information", "importance": 0, "uuid": "bdf5eadd-a7c7-4c08-a9a0-7ac0c8b61712" }, { "code": "ANSSI - R28+", "description": "Utiliser un r\u00e9seau d\u00e9di\u00e9 et cloisonn\u00e9 pour l\u2019administration du syst\u00e8me d\u2019information (+ actions renforc\u00e9es)", "importance": 0, "uuid": "e458228d-db44-4144-9e68-7eb2e3307a39" }, { "code": "ANSSI - R29", "description": "Limiter au strict besoin op\u00e9rationnel les droits d\u2019administration sur les postes de travail", "importance": 0, "uuid": "3920d219-8a9a-40f8-8405-ac3c36470776" }, { "code": "ANSSI - R30", "description": "Prendre des mesures de s\u00e9curisation physique des terminaux nomades", "importance": 0, "uuid": "fc18a86d-3f80-41dc-bbac-d9d42f191b37" }, { "code": "ANSSI - R30+", "description": "Prendre des mesures de s\u00e9curisation physique des terminaux nomades (+ actions renforc\u00e9es)", "importance": 0, "uuid": "639a0a49-111e-42f0-a656-c2d8f2c19631" }, { "code": "ANSSI - R31", "description": "Chiffrer les donn\u00e9es sensibles, en particulier sur le mat\u00e9riel potentiellement perdable", "importance": 0, "uuid": "585a4e59-fd13-4983-b879-5889bad060ae" }, { "code": "ANSSI - R32", "description": "S\u00e9curiser la connexion r\u00e9seau des postes utilis\u00e9s en situation de nomadisme", "importance": 0, "uuid": "e69d6c43-94a5-497e-ba2f-58b0f8d2a6f4" }, { "code": "ANSSI - R32+", "description": "S\u00e9curiser la connexion r\u00e9seau des postes utilis\u00e9s en situation de nomadisme (+ actions renforc\u00e9es)", "importance": 0, "uuid": "413aefe3-eff6-4efd-aef3-40b5b3805f6b" }, { "code": "ANSSI - R33", "description": "Adopter des politiques de s\u00e9curit\u00e9 d\u00e9di\u00e9es aux terminaux mobiles", "importance": 0, "uuid": "99f32c0a-e5df-4d94-82a6-ec3e133269ab" }, { "code": "ANSSI - R33+", "description": "Adopter des politiques de s\u00e9curit\u00e9 d\u00e9di\u00e9es aux terminaux mobiles (+ actions renforc\u00e9es)", "importance": 0, "uuid": "8e6641bf-3357-4d23-b2b8-ad787209ba74" }, { "code": "ANSSI - R34", "description": "D\u00e9finir une politique de mise \u00e0 jour des composants du syst\u00e8me d\u2019information", "importance": 0, "uuid": "06754dc6-b2ed-4ed1-a2d1-e3f323740283" }, { "code": "ANSSI - R35", "description": "Anticiper la fin de la maintenance des logiciels et syst\u00e8mes et limiter les adh\u00e9rences logicielles", "importance": 0, "uuid": "2e207439-15f3-468d-a97e-3efc5f25c435" }, { "code": "ANSSI - R36", "description": "Activer et configurer les journaux des composants les plus importants", "importance": 0, "uuid": "fe4f6fde-5389-4e25-98e5-3d64c5dfa19c" }, { "code": "ANSSI - R36+", "description": "Activer et configurer les journaux des composants les plus importants (+ actions renforc\u00e9es)", "importance": 0, "uuid": "f17fb362-56dd-47da-a623-407237f12367" }, { "code": "ANSSI - R37", "description": "D\u00e9finir et appliquer une politique de sauvegarde des composants critiques", "importance": 0, "uuid": "f7cae896-1bdc-442f-b9fc-26f709cbf835" }, { "code": "ANSSI - R37+", "description": "D\u00e9finir et appliquer une politique de sauvegarde des composants critiques (+ actions renforc\u00e9es)", "importance": 0, "uuid": "21646ab7-e7b1-45e4-9456-20eca8462e98" }, { "code": "ANSSI - R38+", "description": "Proc\u00e9der \u00e0 des contr\u00f4les et audits de s\u00e9curit\u00e9 r\u00e9guliers puis appliquer les actions correctives associ\u00e9es", "importance": 0, "uuid": "f44440b6-dc76-4620-bac6-c63d66a2adb9" }, { "code": "ANSSI - R39", "description": "D\u00e9signer un r\u00e9f\u00e9rent en s\u00e9curit\u00e9 des syst\u00e8mes d\u2019information et le faire conna\u00eetre aupr\u00e8s du personnel", "importance": 0, "uuid": "5ca4641e-2dfd-4af3-89e7-0dfe8f39bb1d" }, { "code": "ANSSI - R40", "description": "D\u00e9finir une proc\u00e9dure de gestion des incidents de s\u00e9curit\u00e9", "importance": 0, "uuid": "2da8f2d1-f4b2-44a1-bed5-15cf83600014" }, { "code": "ANSSI - R41+", "description": "Mener une analyse de risques formelle", "importance": 0, "uuid": "7d9853d0-d646-45d1-b59e-58309387bd81" }, { "code": "ANSSI - R42+", "description": "Privil\u00e9gier l\u2019usage de produits et de services qualifi\u00e9s par l\u2019ANSSI", "importance": 0, "uuid": "2f535344-d5fe-47f8-8a73-8463012ce7f5" } ], "version": 0 } 2021-07-08T14:13:43.195734+00:00 https://objects.monarc.lu/object/get/5209 2024-05-02T13:22:55.433352+00:00 Various contributors { "authors": [ "louds" ], "label": "ANSSI - Guideline for a healthy information system", "language": "EN", "refs": [ "https://www.ssi.gouv.fr/en/guide/40-essential-measures-for-a-healthy-network/" ], "uuid": "70ea1b7f-169d-481f-9d97-67e9a50f6719", "values": [ { "code": "ANSSI - R1", "description": "Train the operational teams in information system security", "importance": 0, "uuid": "223e6c30-b964-4998-81a6-9afa4072cb42" }, { "code": "ANSSI - R2", "description": "Raise users\u2019 awareness about basic information security", "importance": 0, "uuid": "a789bdb6-4865-452b-bd62-cc8ed2d13a1c" }, { "code": "ANSSI - R2+", "description": "Raise users\u2019 awareness about basic information security (+ strengthened actions)", "importance": 0, "uuid": "02064c50-de13-4ea9-9e17-319bc2ac7d94" }, { "code": "ANSSI - R3", "description": "Control outsourced services", "importance": 0, "uuid": "e75eb64f-7835-4204-a308-cf6dc9baf3f8" }, { "code": "ANSSI - R4", "description": "Identify the most sensitive information and servers and keep a network diagram", "importance": 0, "uuid": "888be2b9-dc80-4603-abc7-e8ae6f52fb9b" }, { "code": "ANSSI - R5", "description": "Have an exhaustive inventory of privileged accounts and keep it updated", "importance": 0, "uuid": "d8b48af9-7996-4b4f-9ae2-8636ff3ec9c2" }, { "code": "ANSSI - R6", "description": "Organise the procedures relating to users joining, departing and changing positions", "importance": 0, "uuid": "fe9286d8-9a6c-42f9-97f1-9d1093ceef50" }, { "code": "ANSSI - R6+", "description": "Organise the procedures relating to users joining, departing and changing positions (+ strengthened actions)", "importance": 0, "uuid": "07064ab4-9dc7-4175-9d15-4d2fef8b710b" }, { "code": "ANSSI - R7", "description": "Only allow controlled devices to connect to the network of the organization", "importance": 0, "uuid": "145aba5b-93c9-44b6-b9f5-f622f7b830e1" }, { "code": "ANSSI - R7+", "description": "Only allow controlled devices to connect to the network of the organization (+ strengthened actions)", "importance": 0, "uuid": "48f01622-0fed-4736-93ea-19f4876c95f1" }, { "code": "ANSSI - R8", "description": "Identify each individual accessing the system by name and distinguish the user/administrator roles", "importance": 0, "uuid": "e68eaaef-6693-4c5c-8f08-364e67e13571" }, { "code": "ANSSI - R8+", "description": "Identify each individual accessing the system by name and distinguish the user/administrator roles (+ strengthened actions)", "importance": 0, "uuid": "50c68221-dbd1-4632-9fcd-c5718753b8b7" }, { "code": "ANSSI - R9", "description": "Allocate the correct rights to the information system\u2019s sensitive resources", "importance": 0, "uuid": "c2f504b1-58b0-4d37-8d30-3a536ec7f310" }, { "code": "ANSSI - R10", "description": "Set and verify rules for the choice and size of passwords", "importance": 0, "uuid": "31d20164-2e71-4fc5-8b74-1b20cec62135" }, { "code": "ANSSI - R11", "description": "Protect passwords stored on systems", "importance": 0, "uuid": "afc1c8d0-029a-4ab2-a0c1-95b02d00afe9" }, { "code": "ANSSI - R12", "description": "Change the default authentication settings on devices and services", "importance": 0, "uuid": "8b177341-edfb-437c-bf9d-e80bac2564da" }, { "code": "ANSSI - R12+", "description": "Change the default authentication settings on devices and services (+ strengthened actions)", "importance": 0, "uuid": "263d0733-4ebb-4464-9971-2ada65b70bdb" }, { "code": "ANSSI - R13", "description": "Prefer a two-factor authentication when possible", "importance": 0, "uuid": "d549a5f3-06e3-4aaf-8f76-df672a8be633" }, { "code": "ANSSI - R13+", "description": "Prefer a two-factor authentication when possible (+ strengthened actions)", "importance": 0, "uuid": "929c00f4-5f9c-40e1-86cc-de901981aebf" }, { "code": "ANSSI - R14", "description": "Implement a minimum level of security across the whole IT stock", "importance": 0, "uuid": "c97f287f-73c7-4040-bf58-14cc203bb701" }, { "code": "ANSSI - R14+", "description": "Implement a minimum level of security across the whole IT stock (+ strengthened actions)", "importance": 0, "uuid": "04b41edb-fb77-4072-a76d-956a40716515" }, { "code": "ANSSI - R15", "description": "Protect against threats relating to the use of removable media", "importance": 0, "uuid": "8b12b208-e294-4ece-a42c-6f6a21f47c72" }, { "code": "ANSSI - R15+", "description": "Protect against threats relating to the use of removable media (+ strengthened actions)", "importance": 0, "uuid": "0ad578e6-a437-4633-b65a-1e7ee3e8be30" }, { "code": "ANSSI - R16", "description": "Use a centralised management tool to standardise security policies", "importance": 0, "uuid": "85e2d429-6c19-47d1-94d5-73d0ce70a7fe" }, { "code": "ANSSI - R17", "description": "Activate and configure the firewall on workstations", "importance": 0, "uuid": "699cad6f-85b5-44a4-bd2d-a2eee6acacac" }, { "code": "ANSSI - R17+", "description": "Activate and configure the firewall on workstations (+ strengthened actions)", "importance": 0, "uuid": "7df4ae40-45fd-4b03-82b4-d92e0c2069bc" }, { "code": "ANSSI - R18", "description": "Encrypt sensitive data sent through the Internet", "importance": 0, "uuid": "08b28355-6bc7-49d0-b34c-72c0a0aa690f" }, { "code": "ANSSI - R19", "description": "Segment the network and implement a partitioning between these areas", "importance": 0, "uuid": "c70a2f46-1907-41e5-9d66-c62bb290428f" }, { "code": "ANSSI - R20", "description": "Ensure the security of Wi-Fi access networks and that uses are separated", "importance": 0, "uuid": "fa99ac96-1418-4347-88f3-4c2061e0a37d" }, { "code": "ANSSI - R21", "description": "Use secure network protocols when they exist", "importance": 0, "uuid": "5569e6c1-88af-4b50-961d-8e6e90b9cc85" }, { "code": "ANSSI - R22", "description": "Implement a secure access gateway to the Internet", "importance": 0, "uuid": "9823ff67-8899-428c-94d3-06ce13735624" }, { "code": "ANSSI - R22+", "description": "Implement a secure access gateway to the Internet (+ strengthened actions)", "importance": 0, "uuid": "221b51f5-ffeb-4f8a-9d5c-6924cdb632b7" }, { "code": "ANSSI - R23", "description": "Segregate the services visible from the Internet from the rest of the information system", "importance": 0, "uuid": "c1a2a2c6-2823-40f5-a35c-94e3c3244c25" }, { "code": "ANSSI - R24", "description": "Protect your professional email", "importance": 0, "uuid": "87175056-58f9-4d0b-b072-fb07bafd4dc6" }, { "code": "ANSSI - R24+", "description": "Protect your professional email (+ strengthened actions)", "importance": 0, "uuid": "8b1a199d-fbdf-42e3-94e4-8edf0af3aee5" }, { "code": "ANSSI - R25", "description": "Secure the dedicated network interconnections with partners", "importance": 0, "uuid": "2d4fb180-e92c-4d6f-aff2-895a0f386171" }, { "code": "ANSSI - R25+", "description": "Secure the dedicated network interconnections with partners (+ strengthened actions)", "importance": 0, "uuid": "a6d5763d-ef7c-4303-942b-ad8359182c31" }, { "code": "ANSSI - R26", "description": "Control and protect access to the server rooms and technical areas", "importance": 0, "uuid": "d050bb64-1057-4d1f-88ab-d51ba74d25c9" }, { "code": "ANSSI - R27", "description": "Prohibit Internet access from devices or servers used by the information system administration", "importance": 0, "uuid": "da32da25-83d0-4b37-9e59-40e6938e4e47" }, { "code": "ANSSI - R27+", "description": "Prohibit Internet access from devices or servers used by the information system administration (+ strengthened actions)", "importance": 0, "uuid": "db888654-1102-4ad2-abcd-6bc40c0aa053" }, { "code": "ANSSI - R28", "description": "Use a dedicated and separated network for information system administration", "importance": 0, "uuid": "039f1371-3adf-4433-880e-6891e75b598e" }, { "code": "ANSSI - R28+", "description": "Use a dedicated and separated network for information system administration (+ strengthened actions)", "importance": 0, "uuid": "9452a67a-dd41-4ed7-b973-df197d722282" }, { "code": "ANSSI - R29", "description": "Reduce administration rights on workstations to strictly operational needs", "importance": 0, "uuid": "33da8384-f91a-40c2-81e8-3cae0da754ac" }, { "code": "ANSSI - R30", "description": "Take measures to physically secure mobile devices", "importance": 0, "uuid": "78f0174f-3036-44be-83ee-e9074092345b" }, { "code": "ANSSI - R30+", "description": "Take measures to physically secure mobile devices (+ strengthened actions)", "importance": 0, "uuid": "4a46bdc6-9c94-4552-a747-777cd35f3551" }, { "code": "ANSSI - R31", "description": "Encrypt sensitive data , in particular on hardware that can potentially be lost", "importance": 0, "uuid": "00ab5b42-edeb-4e5f-91a4-ee1f5ca544fc" }, { "code": "ANSSI - R32", "description": "Secure the network connection of devices used in a mobile working situation", "importance": 0, "uuid": "e34f7dea-07d0-4457-9ad8-35dc8b57d566" }, { "code": "ANSSI - R32+", "description": "Secure the network connection of devices used in a mobile working situation (+ strengthened actions)", "importance": 0, "uuid": "e7ac108a-4ff8-4ca7-8ec2-7674e871b16e" }, { "code": "ANSSI - R33", "description": "Adopt security policies dedicated to mobile devices", "importance": 0, "uuid": "c63fd77c-edb2-4ade-96d3-c89db095a69a" }, { "code": "ANSSI - R33+", "description": "Adopt security policies dedicated to mobile devices (+ strengthened actions)", "importance": 0, "uuid": "9b70ff0f-cf60-41bd-a405-51a68df25bec" }, { "code": "ANSSI - R34", "description": "Define an update policy for the components of the information system", "importance": 0, "uuid": "8cac85b0-7553-440f-a439-dd4d00d1d49c" }, { "code": "ANSSI - R35", "description": "Anticipate the software and system end of life/maintenance and limit software reliance", "importance": 0, "uuid": "8e1118bc-667b-4598-ace1-deed3945368c" }, { "code": "ANSSI - R36", "description": "Activate and configure the most important component logs", "importance": 0, "uuid": "c1d6de0a-0d7a-4632-a7a9-680b34d9218f" }, { "code": "ANSSI - R36+", "description": "Activate and configure the most important component logs (+ strengthened actions)", "importance": 0, "uuid": "946ebe15-6f21-4342-ac43-3f4ea6607a80" }, { "code": "ANSSI - R37", "description": "Define and apply a backup policy for critical components", "importance": 0, "uuid": "e759976b-9b83-4f81-a35b-c69da63edd06" }, { "code": "ANSSI - R37+", "description": "Define and apply a backup policy for critical components (+ strengthened actions)", "importance": 0, "uuid": "8c21d548-812f-4249-8c74-5bedb2f1a9cf" }, { "code": "ANSSI - R38+", "description": "Undertake regular controls and security audits then apply the associated corrective actions", "importance": 0, "uuid": "0a736d33-55ac-4711-b1e0-ce2ebe761e75" }, { "code": "ANSSI - R39", "description": "Designate a point of contact in information system security and make sure staff are aware of him or her", "importance": 0, "uuid": "140e1184-8547-4429-a881-9ff3f043d7e2" }, { "code": "ANSSI - R40", "description": "Define a security incident management procedure", "importance": 0, "uuid": "38d26ad0-2ccf-429f-b046-ddb03e533bb6" }, { "code": "ANSSI - R41+", "description": "Carry out a formal risk assessment", "importance": 0, "uuid": "d4498025-0240-4033-8a7f-e90c69134c8e" }, { "code": "ANSSI - R42+", "description": "Favour the use of products and services qualified by ANSSI", "importance": 0, "uuid": "a526b314-d2db-44f3-a9c8-7af2320e7d1a" } ], "version": 0 } 2021-07-09T06:49:39.752176+00:00 https://objects.monarc.lu/object/get/25 2024-05-02T13:22:55.432900+00:00 MONARC { "description": "MONARC Threats Taxonomy", "expanded": "MONARC Threats", "namespace": "monarc-threat", "predicates": [ { "expanded": "Compromise of functions", "value": "compromise-of-functions" }, { "expanded": "Unauthorised actions", "value": "unauthorised-actions" }, { "expanded": "Compromise of information", "value": "compromise-of-information" }, { "expanded": "Loss of essential services", "value": "loss-of-essential-services" }, { "expanded": "Technical failures", "value": "technical-failures" }, { "expanded": "Physical damage", "value": "physical-damage" } ], "refs": [ "https://monarc.lu" ], "values": [ { "entry": [ { "description": "A person commits an operating error, input error or utilisation error on hardware or software.", "expanded": "Error in use", "value": "error-in-use" }, { "description": "A person assumes the identity of a different person in order to use his/her access rights to the information system, misinform the recipient, commit a fraud, etc.", "expanded": "Forging of rights", "value": "forging-of-rights" }, { "description": "Someone connected to communication equipment or media or located inside the transmission coverage boundaries of a communication.", "expanded": "Eavesdropping", "value": "eavesdropping" }, { "description": "A person or entity denies being involved in an exchange with a third party or carrying out an operation.", "expanded": "Denial of actions", "value": "denial-of-actions" }, { "description": "Someone with special rights (network administration, computer specialists, etc.) modifies the operating characteristics of the resources.", "expanded": "Abuse of rights", "value": "abuse-of-rights" }, { "description": "Absence of qualified or authorised personnel to execute the usual operations.", "expanded": "Breach of personnel availability", "value": "breach-of-personnel-availability" } ], "predicate": "compromise-of-functions" }, { "entry": [ { "description": "Someone inside the organisation makes fraudulent copies (also called pirated copies) of package software or in-house software.", "expanded": "Fraudulent copying or use of counterfeit software", "value": "fraudulent-copying-or-use-of-counterfeit-software" }, { "description": "Someone gains access to the communication equipment of the information system and corrupts transmission of information (by intercepting, inserting, destroying, etc.) or repeatedly attempts access until successful.", "expanded": "Corruption of data", "value": "corruption-of-data" }, { "description": "A person carries out information processing that is forbidden by the law or a regulation.", "expanded": "Illegal processing of data", "value": "illegal-processing-of-data" } ], "predicate": "unauthorised-actions" }, { "entry": [ { "description": "Personnel actions observable from a distance. Visual observation with or without optical equipment, for example observation of a user entering a code or password on a keyboard.", "expanded": "Remote spying", "value": "remote-spying" }, { "description": "Someone with access to a communication medium or equipment installs an interception or destruction device in it.", "expanded": "Tampering with hardware", "value": "tampering-with-hardware" }, { "description": "Interfering signals from an electromagnetic source emitted by the equipment (by conduction on the electrical power supply cables or earth wires or by radiation in free space). Capture of these signals depends on the distance to the targeted equipment or the possibility of connecting to cables or any other conductor passing close to the equipment (coupling phenomenon).", "expanded": "Interception of compromising interference signals", "value": "interception-of-compromising-interference-signals" }, { "description": "Media, documents or equipment can be accessed by foreigners either internally or externally. It can be damaged or stolen.", "expanded": "Theft or destruction of media, documents or equipment", "value": "theft-or-destruction-of-media-documents-or-equipment" }, { "description": "Retrieval of electronic media (hard discs, floppy discs, back-up cartridges, USB keys, ZIP discs, removable hard discs, etc.) or paper copies (lists, incomplete print-outs, messages, etc.) intended for recycling and containing retrievable information.", "expanded": "Retrieval of recycled or discarded media", "value": "retrieval-of-recycled-or-discarded media" }, { "description": "Unwanted software that is doing operations seeking to harm the company.", "expanded": "Malware infection", "value": "malware-infection" }, { "description": "Receiving false data or unsuitable equipment from outside sources and using them in the organisation.", "expanded": "Data from untrustworthy sources", "value": "data-from-untrustworthy-sources" }, { "description": "Person who voluntarily or negligently disclosure information.", "expanded": "Disclosure", "value": "disclosure" } ], "predicate": "compromise-of-information" }, { "entry": [ { "description": "Disturbance, shutdown or incorrect sizing of telecommunications services (telephone, Internet access, Internet network).", "expanded": "Failure of telecommunication equipment", "value": "failure-of-telecommunication-equipment" }, { "description": "Failure, shutdown or incorrect sizing of the power supply to the assets arising either from the supplier's service or from the internal distribution system.", "expanded": "Loss of power supply", "value": "loss-of-power-supply" }, { "description": "Failure, shutdown or inadequacy of the air-conditioning service may cause assets requiring cooling or ventilation to shut down, malfunction or fail completely.", "expanded": "Failure of air-conditioning", "value": "failure-of-air-conditioning" } ], "predicate": "loss-of-essential-services" }, { "entry": [ { "description": "Design error, installation error or operating error committed during modification causing incorrect execution.", "expanded": "Software malfunction", "value": "software-malfunction" }, { "description": "Logical or physical event causing hardware malfunctions or failures.", "expanded": "Equipment malfunction or failure", "value": "equipment-malfunction-or-failure" }, { "description": "A person or resource of a hardware, software or network type simulating an intense demand on resources by setting up continuous bombardment.", "expanded": "Saturation of the information system", "value": "saturation-of-the-information-system" }, { "description": "Lack of expertise in the system making retrofitting and upgrading impossible", "expanded": "Breach of information system maintainability", "value": "breach-of-information-system-maintainability" } ], "predicate": "technical-failures" }, { "entry": [ { "description": "Event causing destruction of equipment or media.", "expanded": "Destruction of equipment or supports", "value": "destruction-of-equipment-or-supports" }, { "description": "Any situation that could facilitate the conflagration of premises or equipment.", "expanded": "Fire", "value": "fire" }, { "description": "Situation facilitating the water hazard on equipment (floods, water leak, cellars, etc.)", "expanded": "Water damage", "value": "water-damage" }, { "description": "Any event that can physically destroy the premises", "expanded": "Major accident", "value": "major-accident" }, { "description": "Presence of dust, vapours, corrosive or toxic gases in the ambient air.", "expanded": "Pollution", "value": "pollution" }, { "description": "Any event that can physically ruin the premises", "expanded": "Environmental disaster (fire, flood, dust, dirt, etc.)", "value": "environmental-disaster" } ], "predicate": "physical-damage" } ], "version": 1 } 2021-09-03T09:39:40.034832+00:00 https://objects.monarc.lu/object/get/5226 2024-05-02T13:22:55.432396+00:00 ILNAS-OLAS { "authors": [ "L\u00e9on TREFF" ], "label": "ANSSI-LU - KPI et Recommandations", "language": "FR", "refs": [ "" ], "uuid": "e1fa5a46-c673-4286-b933-2cede3450d6b", "values": [ { "code": "KPI-A26 - Efficacit\u00e9 du cours de sensibilisation li\u00e9 \u00e0 la s\u00e9curit\u00e9 de l'information", "description": "Communiquer \u00e0 l'entit\u00e9 l'importance d'atteindre les objectifs en mati\u00e8re de s\u00e9curit\u00e9 de l'information - Mesur\u00e9 par des examens p\u00e9riodiques", "importance": 0, "uuid": "00faf1ff-9b20-4f24-b23f-cbb76f0678ef" }, { "code": "KPI-A32 - Nombre de comptes d'utilisateurs ayant acc\u00e8s au ressources d'information non-li\u00e9es au r\u00f4le", "description": "S'assurer que les syst\u00e8mes d'information sont prot\u00e9g\u00e9s par le principe du moindre privil\u00e8ge - Mesur\u00e9 par des \u00e9chantillonnages p\u00e9riodiques", "importance": 0, "uuid": "0370a596-e6bd-4862-a9d4-0b32838acb60" }, { "code": "RR-A08 - Impl\u00e9mentation d'un SDLC", "description": "Impl\u00e9mentation des bonnes pratiques de d\u00e9veloppement de logiciels (SDLC = Software Development Life CYcle)", "importance": 0, "uuid": "0d2c0158-b257-49ef-9bce-d57ae706d2e2" }, { "code": "KPI-A18 - Couverture des patches et latence", "description": "Identifier le nombre de jours pendant lesquels les syst\u00e8mes sont laiss\u00e9s vuln\u00e9rables et donc la possibilit\u00e9 d'exploiter les vuln\u00e9rabilit\u00e9s des syst\u00e8mes d'information", "importance": 0, "uuid": "0f8985e5-2d51-4479-8075-e6330be2e67f" }, { "code": "KPI-A02 - Nombre de visites accompagn\u00e9es des externes et fournisseurs, selon les besoins", "description": "S\u2019assurer que les externes et fournisseurs sont accompagn\u00e9s l\u00e0 o\u00f9 c'est n\u00e9cessaire - Mesur\u00e9 par des \u00e9chantillonnages p\u00e9riodiques", "importance": 0, "uuid": "119fd0de-c062-4ac4-ae89-aaf193a03c7f" }, { "code": "RR-A15 - Absence de protection d'informations secr\u00e8tes d'authentification", "description": "Impl\u00e9mentation de politques/proc\u00e9dures/outils pour garantir la protection d'informations secr\u00e8tes d'authentification", "importance": 0, "uuid": "15742beb-5f48-4ff0-95ff-247670b8fcde" }, { "code": "KPI-A09 - Revue des accords de service avec les tiers", "description": "S'assurer que les contrats de maintenance sont toujours \u00e0 jour - Revue annuelle ou en cas de changement du contrat", "importance": 0, "uuid": "1ac6f84e-cf77-4ef5-9011-9f51b34f3424" }, { "code": "KPI-A19 - Nombre de mat\u00e9riel non prot\u00e9g\u00e9 par un antivirus / Nombre total de mat\u00e9riel", "description": "S'assurer que le parc complet est bien prot\u00e9g\u00e9 par un anti-virus - Mesur\u00e9 en nombre de mat\u00e9riel non prot\u00e9g\u00e9 par un antivirus / Nombre total de mat\u00e9riel", "importance": 0, "uuid": "1fd3ae36-6c0f-4a0e-ad42-a7cd0ba7ce59" }, { "code": "KPI-A27 - Couverture des formations sur les mat\u00e9riels ou logiciels utilis\u00e9s", "description": "Contr\u00f4ler que les formations couvrent tous mat\u00e9riels et logiciels - Mesur\u00e9 periodiquement", "importance": 0, "uuid": "20c003e1-cf88-4191-a9da-60b4271b6b9c" }, { "code": "KPI-A15 - Revues r\u00e9guli\u00e8res des droits d'acc\u00e8s", "description": "S'assurer que seulement les personnes ayant les permissions correctes ont acc\u00e8s \u00e0 l'information \u00e0 laquelle elles ont droit - Mesur\u00e9 par des \u00e9chantillonnages p\u00e9riodiques", "importance": 0, "uuid": "25e779b8-1b3d-4974-9fc3-01f950ee6552" }, { "code": "KPI-A13 - Efficacit\u00e9 de la proc\u00e9dure du contr\u00f4le d'acc\u00e8s", "description": "S'assurer que les bons acc\u00e8s sont attribu\u00e9s et adapt\u00e9s dans les plus brefs d\u00e9lais en cas de changement de service/sortie - Mesur\u00e9 p\u00e9riodiquement contre la proc\u00e9dure du contr\u00f4le d'acc\u00e8s", "importance": 0, "uuid": "2841e1ee-fa14-4538-8eb4-3c1bfb97a294" }, { "code": "RR-A09 - Pentest des moyens de communications", "description": "Tester la possibilit\u00e9 d'\u00e9coute passive des moyens de communications", "importance": 0, "uuid": "2bac0fb6-3a26-42eb-80d8-f479475f2786" }, { "code": "RR-A01 Impl\u00e9mentation d'une classification des actifs", "description": "Impl\u00e9menter une classification des actifs - Utiliser documents ENR_8-1_Outil_Inventaire_Sources_Actifs et ENR_8-2_Outil_Classification_Inventaire_Actifs", "importance": 0, "uuid": "50843dd7-b54d-4e04-aa1d-4e626808cc7e" }, { "code": "KPI-A10 - Nombre de personnel strat\u00e9gique qui ont un suppl\u00e9ant", "description": "S'assurer que le personnel strat\u00e9gique a un (des) suppl\u00e9ant(s) pour assurer la continuit\u00e9 des services sous sa responsabilit\u00e9 - Mesur\u00e9 en ratio du personnel strat\u00e9gique avec et sans suppl\u00e9ant", "importance": 0, "uuid": "510c2894-3fbf-402f-9e3d-c0339fca8358" }, { "code": "RR-A05 - Effectuer Pentests", "description": "Effecteuer des tests d'intrusion dans les syst\u00e8mes pour \u00e9valuer les droits des utilisateurs et contournements", "importance": 0, "uuid": "57d2c798-b7e4-41d6-a27a-46a6073e7e22" }, { "code": "KPI-A01 - Nombre d\u2019\u00e9quipements disparus, d\u00e9truits ou vol\u00e9s", "description": "Par des externes - Mesur\u00e9 p\u00e9riodiquement", "importance": 0, "uuid": "5d93b3c0-5ca1-43de-8083-143df5c3ecd9" }, { "code": "RR-A02 - Impl\u00e9mentation d'une gestion de dimensionnement (Capacity Management)", "description": "Impl\u00e9mentation d'une gestion de dimensionnement (Capacity Management)", "importance": 0, "uuid": "5f39ba19-e231-4dac-a1bc-d4e7f5b8363e" }, { "code": "KPI-A06 - Efficacit\u00e9 de la charte de bonne conduite", "description": "S'assurer que la charte de bonne conduite est connue par le personnel - Mesur\u00e9 par le nombre de destinataires ayant re\u00e7u la charte de bonne conduite. Rappeler chaque ann\u00e9e la charte de bonne conduite aux agents.", "importance": 0, "uuid": "6f292235-53b5-4c1a-9083-319b97fc5e71" }, { "code": "KPI-A30 - Qualit\u00e9 de gestion du niveau de service", "description": "S'assurer de la qualit\u00e9 du service - Mesur\u00e9 en nombre de dysfonctionnements/pannes par an", "importance": 0, "uuid": "7329bc6f-8f87-47e1-8fa5-44fd6d34822e" }, { "code": "KPI-A24 - Nombre de mat\u00e9riel mobile entrant \u00e0/sortant de l'entit\u00e9", "description": "S'assurer que le mat\u00e9riel mobile entrant \u00e0/sortant de l'entit\u00e9 est connu et correct \u00e0 tout temps - Mesur\u00e9 par des \u00e9chantillonnages p\u00e9riodiques", "importance": 0, "uuid": "7a191a23-6b75-4ecb-be9a-cea4d4736d1e" }, { "code": "KPI-A23 - Nombre de mat\u00e9riel mobile chiffr\u00e9", "description": "S'assurer que le mat\u00e9riel mobile traitant de l'information sensible est chiffr\u00e9 - Mesur\u00e9 par des \u00e9chantillonnages p\u00e9riodiques", "importance": 0, "uuid": "7b5ed417-850a-45df-a9b4-fcee0f8ff71d" }, { "code": "KPI-A28 - Nombre d'erreurs d'utilisation en g\u00e9n\u00e9ral", "description": "Mesurer le nombre de tickets g\u00e9n\u00e9r\u00e9s \u00e0 cause d'erreurs d'utilisation li\u00e9es \u00e0 l'absence de documentation, r\u00e8gles ou proc\u00e9dures", "importance": 0, "uuid": "81c05eaf-fc19-4ec3-b5d2-6a6268490cb5" }, { "code": "KPI-A22 - Adh\u00e9rence aux SLA's par le fournisseur", "description": "S'assurer que les contrats sont bien suivis/adapt\u00e9s aux besoins de l'entit\u00e9 - Mesur\u00e9 en suivant toutes les interventions par un fournisseur", "importance": 0, "uuid": "84fd0d9b-24d1-4275-9545-a1e0c653a3aa" }, { "code": "KPI-A25 - Temps d'adaptation des permissions", "description": "S'assurer que les proc\u00e9dures d'embauche et de changement de service sont effectifs (permissions) - Mesur\u00e9 en temps \u00e9coul\u00e9 entre demande et impl\u00e9mentation", "importance": 0, "uuid": "8af4cf63-898b-4e6a-89a7-85370b9f7bef" }, { "code": "KPI-A04 - Nombre d\u2019\u00e9quipements disparus, d\u00e9truits ou vol\u00e9s", "description": "Par des internes - Mesur\u00e9 p\u00e9riodiquement", "importance": 0, "uuid": "8b973a45-11d7-424a-a502-b114fbd30558" }, { "code": "RR-A07 - Pentest d\u00e9veloppement", "description": "Effectuer des revues de code et des tests d'intrusion", "importance": 0, "uuid": "930b6b9a-d30f-43ff-8f6d-11c9cad6a0ea" }, { "code": "RR-A10 - Cloisonner les environnements de d\u00e9veloppement, de test et de production", "description": "Diminuer le risque d'erreurs (I) et de divulgation d'information (C)", "importance": 0, "uuid": "957e3193-5261-47ea-aad0-c61093e3b9fa" }, { "code": "KPI-A20 - Proc\u00e9dures li\u00e9es au traitement des syst\u00e8mes d'information", "description": "S'assurer du fonctionnement correct et s\u00e9curis\u00e9 des installations de traitement de l'information - Mesur\u00e9 entre le nombre de processus et le nombre de proc\u00e9dures", "importance": 0, "uuid": "99bc0901-baa8-485a-b722-08bb2540d2b1" }, { "code": "RR-A18 - Minimaliser la possibilit\u00e9 d'administrer le syst\u00e8me \u00e0 distance", "description": "Analyser les syst\u00e8mes ayant la possibilit\u00e9 d\u2019\u00eatre administr\u00e9s \u00e0 distance - Retirer cette possibilit\u00e9 ou, en cas de n\u00e9cessit\u00e9, produire, revoir et suivre de pr\u00e8s l'application des proc\u00e9dures", "importance": 0, "uuid": "a18ded3f-c4af-4c48-a8bc-e8b576da4344" }, { "code": "KPI-A12 - Taux de r\u00e9alisation des revues d'habilitations", "description": "S'assurer que les revues des acc\u00e8s se font comme planifi\u00e9es - Mesur\u00e9 en nombre de revues d\u2019habilitations r\u00e9alis\u00e9es/ Nombre de revues d\u2019habilitations planifi\u00e9es", "importance": 0, "uuid": "a341c0d0-6f80-4e41-b8fa-339b45850a6a" }, { "code": "RR-A06 - Impl\u00e9mentation d'une gestion de backups", "description": "Impl\u00e9menter des bonnes pratiques de stockage des sauvegardes", "importance": 0, "uuid": "a512ebca-5daf-4a4e-ac8f-d26d2cec04fd" }, { "code": "KPI-A29 - Suivi du progr\u00e8s de continuit\u00e9 (BCM)", "description": "Existence, tests et revue du plan de reprise", "importance": 0, "uuid": "ab7535d6-068b-4f9b-bce5-dc5b1fa2e072" }, { "code": "KPI-A21 - Efficacit\u00e9 de la proc\u00e9dure de mise au rebut", "description": "S'assurer que les syst\u00e8mes et supports d'information n'ont plus de donn\u00e9es r\u00e9siduelles pr\u00e9sentes - Mesur\u00e9 periodiquement", "importance": 0, "uuid": "afc62888-4f29-4215-b668-5cc1de8b9f02" }, { "code": "KPI-A08 - Ergonomie des logiciels d'acc\u00e8s", "description": "S'assurer de la facilit\u00e9 d'utilisation des logiciels d'acc\u00e8s - Mesur\u00e9 par le nombre de tickets g\u00e9n\u00e9r\u00e9s \u00e0 cause d'erreurs d'utilisation des logiciels d'acc\u00e8s", "importance": 0, "uuid": "b6028245-2dc3-431d-b710-722911e1d839" }, { "code": "RR-A14 - Adoption/Cr\u00e9ation d'une charte de bonne conduite", "description": "Instaurer une culture autour de la s\u00e9curit\u00e9 de l'information", "importance": 0, "uuid": "c1db8f23-d3e6-428f-a5df-67b7514af5d4" }, { "code": "KPI-A17 - Qualit\u00e9 de gestion du niveau de service", "description": "S'assurer de la qualit\u00e9 du niveau de service - Mesur\u00e9 en nombre de dysfonctionnements/pannes par an", "importance": 0, "uuid": "c4822528-8211-4959-ade2-ebb5458ff8fd" }, { "code": "RR-A17 - Effectuer une \u00e9tude de continuit\u00e9 (BCM)", "description": "Effectuer une \u00e9tude BCM (Business Continuity Management) pour analyser les \u00e9carts et besoins en continuit\u00e9 des services", "importance": 0, "uuid": "c631a084-db8e-4356-a4cd-de7ff06b0856" }, { "code": "KPI-A05 - Nombre de NDA\u2019s sign\u00e9s dans le d\u00e9lai pr\u00e9vu", "description": "S\u2019assurer que les externes et fournisseurs sont au courant des exigences de l\u2019entit\u00e9 - Mesur\u00e9 par des \u00e9chantillonnages p\u00e9riodiques", "importance": 0, "uuid": "ca954180-92b7-49fe-b66c-ca219c15bba8" }, { "code": "RR-A12 - Enlever les droits d'administrateur local", "description": "\u00c9viter que les utilisateurs peuvent installer des programmes eux-m\u00eames", "importance": 0, "uuid": "ccba1e3b-1058-4d67-aec6-d9ee0eea5b10" }, { "code": "KPI-A03 - Revue r\u00e9guli\u00e8re des acc\u00e8s physiques", "description": "S'assurer qu'il y a un suivi stricte des acc\u00e8s physiques - Mesur\u00e9 p\u00e9riodiquement en % de non-conformit\u00e9", "importance": 0, "uuid": "dab1f8e6-12a3-428e-abd4-352fa6e5880f" }, { "code": "KPI-A14 - Conservation mensuelle des journaux", "description": "S\u2019assurer de la r\u00e9ception et revue des journaux d\u2019acc\u00e8s, au moins une fois par mois - Contr\u00f4le ponctuel des syst\u00e8mes pour assurer une gestion d\u2019acc\u00e8s stricte.", "importance": 0, "uuid": "e4cb6ee9-b764-4e18-b3a7-78291c674020" }, { "code": "RR-A04 - D\u00e9placement des actifs critiques", "description": "D\u00e9placement des actifs critiques vers des zones s\u00e9curis\u00e9es", "importance": 0, "uuid": "e7bac196-04c8-4a72-b6b7-3bb6dd3d983a" }, { "code": "RR-A13 - Adoption/Cr\u00e9ation d'une politique de s\u00e9curit\u00e9 de l'information", "description": "Impl\u00e9menter les r\u00e8gles g\u00e9n\u00e9rales de la s\u00e9curit\u00e9 de l'information", "importance": 0, "uuid": "e85b7b66-6cf1-47d8-bda4-b13c9ca4b8bb" }, { "code": "KPI-A16 - Taux de sets de documentation \u00e0 jour", "description": "S'assurer que les sets de documentation sont \u00e0 jour - Prendre un portrait instantan\u00e9 de l'\u00e9tat (en %) des politiques et proc\u00e9dures termin\u00e9es qui appuient les logiciels d'acc\u00e8s", "importance": 0, "uuid": "eb2122db-d3b2-4fe4-af4c-7666f9ca8a15" }, { "code": "KPI-A07 - Nombre de fois que le fournisseur n'a pas respect\u00e9 le SLA", "description": "S'assurer que les contrats sont bien suivis/adapt\u00e9s aux besoins de l'entit\u00e9 - Mesur\u00e9 en suivant toutes les interventions par un fournisseur", "importance": 0, "uuid": "eb76ecb8-3a73-4c66-82f8-4db735965746" }, { "code": "RR-A03 - Impl\u00e9mentation d'une gestion des changements (Change Management)", "description": "Impl\u00e9mentation d'une gestion des changements (Change Management)", "importance": 0, "uuid": "f0080535-125b-4e19-8943-f3a7bd4770a9" }, { "code": "RR-A11 - Appliquer la PSI / charte de bonne conduite", "description": "D\u00e9motiver l'installation d'applications sans contr\u00f4le", "importance": 0, "uuid": "f73ec6ae-4384-412d-b2cd-fb308ac89420" }, { "code": "KPI-A11 - Qualit\u00e9 des backups", "description": "S\u2019assurer de la fonctionnalit\u00e9 et qualit\u00e9 des backups - Mesur\u00e9 par ex\u00e9cution de tests de backups et de restauration de backups", "importance": 0, "uuid": "f89598a0-b77e-47bf-aabc-83f335304848" }, { "code": "RR-A16 - Absence de d\u00e9finition des responsabilit\u00e9s", "description": "Impl\u00e9mentation et approbation d'un tableau RACI", "importance": 0, "uuid": "fd5e7bd0-e54d-49a5-9237-b5f645a1e4ef" }, { "code": "KPI-A31 - Suivi mensuel des journaux", "description": "S\u2019assurer de la r\u00e9ception et revue des journaux d\u2019acc\u00e8s, au moins une fois par mois", "importance": 0, "uuid": "fe7caa31-f67f-41fc-94f5-d2f769e01fb0" } ], "version": 0 } 2021-09-27T12:33:56.614936+00:00 https://objects.monarc.lu/object/get/5218 2024-05-02T13:22:55.432270+00:00 OWASP { "authors": [ "https://owasp.org/Top10/A03_2021-Injection" ], "code": "A03:2021", "description": "Some of the more common injections are SQL, NoSQL, OS command, Object Relational Mapping (ORM), LDAP, and Expression Language (EL) or Object Graph Navigation Library (OGNL) injection. The concept is identical among all interpreters. Source code review is the best method of detecting if applications are vulnerable to injections. Automated testing of all parameters, headers, URL, cookies, JSON, SOAP, and XML data inputs is strongly encouraged. Organizations can include the static source (SAST) and dynamic application test (DAST) tools into the CI/CD pipeline to identify introduced injection flaws before production deployment.", "label": "Injection", "language": "EN", "uuid": "8ecb698f-8f75-4c45-befd-0ab8ff8a611a" } 2021-09-30T12:41:23.492352+00:00 https://objects.monarc.lu/object/get/5225 2024-05-02T13:22:55.432144+00:00 OWASP { "authors": [ "https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_(SSRF)" ], "code": "A10:2021", "description": "SSRF flaws occur whenever a web application is fetching a remote resource without validating the user-supplied URL. It allows an attacker to coerce the application to send a crafted request to an unexpected destination, even when protected by a firewall, VPN, or another type of network ACL.", "label": "Server-Side Request Forgery (SSRF)", "language": "EN", "uuid": "428b0104-3d21-4d6d-872a-d728db617fdf" } 2021-09-30T12:41:23.506293+00:00 https://objects.monarc.lu/object/get/5224 2024-05-02T13:22:55.432017+00:00 OWASP { "authors": [ "https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/" ], "code": "A09:2021", "description": "Returning to the OWASP Top 10 2021, this category is to help detect, escalate, and respond to active breaches. Without logging and monitoring, breaches cannot be detected. Insufficient logging, detection, monitoring, and active response occurs any time.", "label": "Security Logging and Monitoring Failures", "language": "EN", "uuid": "e328e0bf-8d2e-4137-8c4a-79c47355cc85" } 2021-09-30T12:41:23.517272+00:00 https://objects.monarc.lu/object/get/5223 2024-05-02T13:22:55.431874+00:00 OWASP { "authors": [ "https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures/" ], "code": "A08:2021", "description": "Software and data integrity failures relate to code and infrastructure that does not protect against integrity violations. For example, where objects or data are encoded or serialized into a structure that an attacker can see and modify is vulnerable to insecure deserialization. Another form of this is where an application relies upon plugins, libraries, or modules from untrusted sources, repositories, and content delivery networks (CDNs). An insecure CI/CD pipeline can introduce the potential for unauthorized access, malicious code, or system compromise. Lastly, many applications now include auto-update functionality, where updates are downloaded without sufficient integrity verification and applied to the previously trusted application. Attackers could potentially upload their own updates to be distributed and run on all installations.", "label": "Software and Data Integrity Failures", "language": "EN", "uuid": "b6d3b37e-2a87-4050-a75c-d9054e1dae7d" } 2021-09-30T12:41:23.528420+00:00 https://objects.monarc.lu/object/get/5222 2024-05-02T13:22:55.431651+00:00 OWASP { "authors": [ "https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/" ], "code": "A07:2021", "description": "Confirmation of the user's identity, authentication, and session management is critical to protect against authentication-related attacks.", "label": "Identification and Authentication Failures", "language": "EN", "uuid": "a3890b18-273e-4fa0-a3df-04da182b7486" } 2021-09-30T12:41:23.539415+00:00 https://objects.monarc.lu/object/get/5221 2024-05-02T13:22:55.431522+00:00 OWASP { "authors": [ "https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components/" ], "code": "A06:2021", "description": "If you do not know the versions of all components you use (both client-side and server-side). This includes components you directly use as well as nested dependencies, etc.", "label": "Vulnerable and Outdated Components", "language": "EN", "uuid": "83c28543-e0f3-47d1-acf7-ee9d913a2caa" } 2021-09-30T12:41:23.548979+00:00 https://objects.monarc.lu/object/get/5220 2024-05-02T13:22:55.431390+00:00 OWASP { "authors": [ "https://owasp.org/Top10/A05_2021-Security_Misconfiguration/" ], "code": "A05:2021", "description": "Missing appropriate security hardening across any part of the application stack or improperly configured permissions on cloud services, etc.", "label": "Security Misconfiguration", "language": "EN", "uuid": "13b700b3-9714-4ff3-be6c-f3ce2f66fbbb" } 2021-09-30T12:41:23.559533+00:00 https://objects.monarc.lu/object/get/5219 2024-05-02T13:22:55.431226+00:00 OWASP { "authors": [ "OWASP project" ], "code": "A04:2021", "description": "Insecure design is a broad category representing many different weaknesses, expressed as \u201cmissing or ineffective control design.\u201d Missing insecure design is where a control is absent. For example, imagine code that should be encrypting sensitive data, but there is no method. Ineffective insecure design is where a threat could be realized, but insufficient domain (business) logic validation prevents the action. For example, imagine domain logic that is supposed to process pandemic tax relief based upon income brackets but does not validate that all inputs are correctly signed and provides a much more significant relief benefit than should be granted.", "label": "Insecure Design", "language": "EN", "uuid": "3164fd8c-4f07-4388-947c-5d0fea29edf8" } 2021-09-30T12:41:23.569473+00:00 https://objects.monarc.lu/object/get/5217 2024-05-02T13:22:55.431018+00:00 OWASP { "authors": [ "OWASP project" ], "code": "A02:2021", "description": "The first thing is to determine the protection needs of data in transit and at rest. For example, passwords, credit card numbers, health records, personal information, and business secrets require extra protection, mainly if that data falls under privacy laws, e.g., EU's General Data Protection Regulation (GDPR), or regulations, e.g., financial data protection such as PCI Data Security Standard (PCI DSS).", "label": "Cryptographic Failures", "language": "EN", "uuid": "f9f579cf-4ca6-411a-a7ed-18a0f5c94e77" } 2021-09-30T12:41:23.579561+00:00 https://objects.monarc.lu/object/get/5216 2024-05-02T13:22:55.429884+00:00 OWASP { "authors": [ "OWASP project" ], "code": "A01:2021", "description": "Access control enforces policy such that users cannot act outside of their intended permissions. Failures typically lead to unauthorized information disclosure, modification, or destruction of all data or performing a business function outside the user's limits.", "label": "Broken Access Control", "language": "EN", "uuid": "d9f75297-8bc0-4d97-a17e-6a30c089ae05" } 2021-09-30T12:41:23.589072+00:00 https://objects.monarc.lu/object/get/29 2024-05-02T13:22:55.428403+00:00 MONARC { "label": "NIST - ISO/IEC 27002", "refs": [ "https://www.nist.gov/cyberframework/framework" ], "security referentials UUID": [ "fcf78560-3d12-42ba-8f4a-5761ca02ac94", "98ca84fb-db87-11e8-ac77-0800279aaa2b" ], "uuid": "47c88411-1870-4b86-99e9-6e2325a28559", "values": [ { "control": "231fc2b1-80c2-450e-9d80-f804f5a8984c", "match": "267fc90c-f705-11e8-b555-0800279aaa2b" }, { "control": "231fc2b1-80c2-450e-9d80-f804f5a8984c", "match": "267fc94c-f705-11e8-b555-0800279aaa2b" }, { "control": "f4f7466f-0ae6-4867-a2ee-6be4e1f02329", "match": "267fc90c-f705-11e8-b555-0800279aaa2b" }, { "control": "f4f7466f-0ae6-4867-a2ee-6be4e1f02329", "match": "267fc94c-f705-11e8-b555-0800279aaa2b" }, { "control": "f4f7466f-0ae6-4867-a2ee-6be4e1f02329", "match": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "control": "b0cebf68-a023-40af-ba24-e59bd4a45c90", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "b0cebf68-a023-40af-ba24-e59bd4a45c90", "match": "267fd3e3-f705-11e8-b555-0800279aaa2b" }, { "control": "57e92f7c-f5ed-4611-a1be-d7f4e1456f9c", "match": "267fcf4f-f705-11e8-b555-0800279aaa2b" }, { "control": "50fc2488-b730-48ae-abf8-93e60f141404", "match": "267fc9c9-f705-11e8-b555-0800279aaa2b" }, { "control": "766520fa-3439-4382-babc-eb7d9d6b1f52", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "46555297-7af1-4d59-ac07-6e627aef4dda", "match": "267fc88e-f705-11e8-b555-0800279aaa2b" }, { "control": "46555297-7af1-4d59-ac07-6e627aef4dda", "match": "267fc8cc-f705-11e8-b555-0800279aaa2b" }, { "control": "46555297-7af1-4d59-ac07-6e627aef4dda", "match": "267fe959-f705-11e8-b555-0800279aaa2b" }, { "control": "46555297-7af1-4d59-ac07-6e627aef4dda", "match": "267fd12f-f705-11e8-b555-0800279aaa2b" }, { "control": "46555297-7af1-4d59-ac07-6e627aef4dda", "match": "267fd16b-f705-11e8-b555-0800279aaa2b" }, { "control": "eaa4fb9d-e687-41a0-8d4b-1ca972bed10a", "match": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "control": "eaa4fb9d-e687-41a0-8d4b-1ca972bed10a", "match": "267fcecb-f705-11e8-b555-0800279aaa2b" }, { "control": "eaa4fb9d-e687-41a0-8d4b-1ca972bed10a", "match": "267fd1a8-f705-11e8-b555-0800279aaa2b" }, { "control": "75942c69-3336-4e82-bf59-515aaa6e3513", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "75942c69-3336-4e82-bf59-515aaa6e3513", "match": "267fdf76-f705-11e8-b555-0800279aaa2b" }, { "control": "75942c69-3336-4e82-bf59-515aaa6e3513", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "75942c69-3336-4e82-bf59-515aaa6e3513", "match": "267fea72-f705-11e8-b555-0800279aaa2b" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "29613b2e-8def-417e-85fa-31aa5ef5de3b", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "29613b2e-8def-417e-85fa-31aa5ef5de3b", "match": "267fc6f7-f705-11e8-b555-0800279aaa2b" }, { "control": "29613b2e-8def-417e-85fa-31aa5ef5de3b", "match": "267fc88e-f705-11e8-b555-0800279aaa2b" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "267fe307-f705-11e8-b555-0800279aaa2b" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "267fe37d-f705-11e8-b555-0800279aaa2b" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "267fe510-f705-11e8-b555-0800279aaa2b" }, { "control": "cc6aad46-1887-4da6-93e3-c707be07b9f5", "match": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "control": "cc6aad46-1887-4da6-93e3-c707be07b9f5", "match": "267fe600-f705-11e8-b555-0800279aaa2b" }, { "control": "0550c268-534a-4311-920d-84466e4865c4", "match": "267fc80f-f705-11e8-b555-0800279aaa2b" }, { "control": "7c09a9bf-407c-4509-94c0-af8314fc3b86", "match": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "control": "6d0bfd47-88dc-484a-aed8-196eaa12c4db", "match": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "control": "03dee2e6-285f-44e4-acc5-2388f62584a5", "match": "267fc88e-f705-11e8-b555-0800279aaa2b" }, { "control": "03dee2e6-285f-44e4-acc5-2388f62584a5", "match": "267fc8cc-f705-11e8-b555-0800279aaa2b" }, { "control": "03dee2e6-285f-44e4-acc5-2388f62584a5", "match": "267fe959-f705-11e8-b555-0800279aaa2b" }, { "control": "03dee2e6-285f-44e4-acc5-2388f62584a5", "match": "267fd12f-f705-11e8-b555-0800279aaa2b" }, { "control": "03dee2e6-285f-44e4-acc5-2388f62584a5", "match": "267fd16b-f705-11e8-b555-0800279aaa2b" }, { "control": "b9d19a14-74ab-46ae-8456-189d1a180dbf", "match": "267fd12f-f705-11e8-b555-0800279aaa2b" }, { "control": "b9d19a14-74ab-46ae-8456-189d1a180dbf", "match": "267fd16b-f705-11e8-b555-0800279aaa2b" }, { "control": "1e5aa8d3-b1e9-43e0-9e7e-54bdadac89ea", "match": "267fc88e-f705-11e8-b555-0800279aaa2b" }, { "control": "1e5aa8d3-b1e9-43e0-9e7e-54bdadac89ea", "match": "267fc8cc-f705-11e8-b555-0800279aaa2b" }, { "control": "1e5aa8d3-b1e9-43e0-9e7e-54bdadac89ea", "match": "267fe959-f705-11e8-b555-0800279aaa2b" }, { "control": "f6d606f5-9a22-4a53-87c1-ebe36f4fe939", "match": "267fd12f-f705-11e8-b555-0800279aaa2b" }, { "control": "f6d606f5-9a22-4a53-87c1-ebe36f4fe939", "match": "267fd16b-f705-11e8-b555-0800279aaa2b" }, { "control": "aa988775-7261-412e-bbee-bfd90db78a59", "match": "267fe022-f705-11e8-b555-0800279aaa2b" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "267fe782-f705-11e8-b555-0800279aaa2b" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "267fd69f-f705-11e8-b555-0800279aaa2b" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "267fd6e4-f705-11e8-b555-0800279aaa2b" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "267fcc3c-f705-11e8-b555-0800279aaa2b" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "267fd761-f705-11e8-b555-0800279aaa2b" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "267fd954-f705-11e8-b555-0800279aaa2b" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "267fd8d8-f705-11e8-b555-0800279aaa2b" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "267fcca4-f705-11e8-b555-0800279aaa2b" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "267fcce9-f705-11e8-b555-0800279aaa2b" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "267fcd30-f705-11e8-b555-0800279aaa2b" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "267fcdac-f705-11e8-b555-0800279aaa2b" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "267fcdec-f705-11e8-b555-0800279aaa2b" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "267fcecb-f705-11e8-b555-0800279aaa2b" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "267fcfdf-f705-11e8-b555-0800279aaa2b" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "267fcf4f-f705-11e8-b555-0800279aaa2b" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "267fcf90-f705-11e8-b555-0800279aaa2b" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "267fd7a0-f705-11e8-b555-0800279aaa2b" }, { "control": "7ec8092e-3e41-43e0-a8b2-c42b980dd29b", "match": "267fd9d0-f705-11e8-b555-0800279aaa2b" }, { "control": "7ec8092e-3e41-43e0-a8b2-c42b980dd29b", "match": "267fda0e-f705-11e8-b555-0800279aaa2b" }, { "control": "7ec8092e-3e41-43e0-a8b2-c42b980dd29b", "match": "267fcf4f-f705-11e8-b555-0800279aaa2b" }, { "control": "7ec8092e-3e41-43e0-a8b2-c42b980dd29b", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "7ec8092e-3e41-43e0-a8b2-c42b980dd29b", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb", "match": "267fd0b1-f705-11e8-b555-0800279aaa2b" }, { "control": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb", "match": "267fd81b-f705-11e8-b555-0800279aaa2b" }, { "control": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb", "match": "267fd69f-f705-11e8-b555-0800279aaa2b" }, { "control": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb", "match": "267fd993-f705-11e8-b555-0800279aaa2b" }, { "control": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb", "match": "267fd917-f705-11e8-b555-0800279aaa2b" }, { "control": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb", "match": "267fdbf1-f705-11e8-b555-0800279aaa2b" }, { "control": "800fc6f9-e574-4152-89e6-30bae7da4adc", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "800fc6f9-e574-4152-89e6-30bae7da4adc", "match": "267fd85b-f705-11e8-b555-0800279aaa2b" }, { "control": "800fc6f9-e574-4152-89e6-30bae7da4adc", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "800fc6f9-e574-4152-89e6-30bae7da4adc", "match": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "control": "800fc6f9-e574-4152-89e6-30bae7da4adc", "match": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "267fca6b-f705-11e8-b555-0800279aaa2b" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "267fd6e4-f705-11e8-b555-0800279aaa2b" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "267fd761-f705-11e8-b555-0800279aaa2b" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "267fd954-f705-11e8-b555-0800279aaa2b" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "267fd8d8-f705-11e8-b555-0800279aaa2b" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "01d259f0-ece0-4f7c-91bf-d09844c576cc", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "01d259f0-ece0-4f7c-91bf-d09844c576cc", "match": "267fd22e-f705-11e8-b555-0800279aaa2b" }, { "control": "6386d5df-56f8-46ad-b181-e870491004a5", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "6386d5df-56f8-46ad-b181-e870491004a5", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "4879e4fb-cd0e-4968-8dd2-4b6dbe977cdc", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "4879e4fb-cd0e-4968-8dd2-4b6dbe977cdc", "match": "267fc6f7-f705-11e8-b555-0800279aaa2b" }, { "control": "4879e4fb-cd0e-4968-8dd2-4b6dbe977cdc", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "987e9304-80fd-4470-b8b4-213f41a0a957", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "987e9304-80fd-4470-b8b4-213f41a0a957", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "92a81683-1877-48d3-9d5a-c7c0ddd9852b", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "92a81683-1877-48d3-9d5a-c7c0ddd9852b", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "d798a390-f23a-4bbc-abe5-588ab58811c6", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "38022045-6812-4623-8409-7a9d6b3f7ce8", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "38022045-6812-4623-8409-7a9d6b3f7ce8", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "38022045-6812-4623-8409-7a9d6b3f7ce8", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "38022045-6812-4623-8409-7a9d6b3f7ce8", "match": "267fd462-f705-11e8-b555-0800279aaa2b" }, { "control": "38022045-6812-4623-8409-7a9d6b3f7ce8", "match": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "control": "38022045-6812-4623-8409-7a9d6b3f7ce8", "match": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "control": "acfea27c-c6d5-421a-9ae4-2db82610cc41", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "acfea27c-c6d5-421a-9ae4-2db82610cc41", "match": "267fd32a-f705-11e8-b555-0800279aaa2b" }, { "control": "acfea27c-c6d5-421a-9ae4-2db82610cc41", "match": "267fd369-f705-11e8-b555-0800279aaa2b" }, { "control": "acfea27c-c6d5-421a-9ae4-2db82610cc41", "match": "267fd421-f705-11e8-b555-0800279aaa2b" }, { "control": "acfea27c-c6d5-421a-9ae4-2db82610cc41", "match": "267fcfdf-f705-11e8-b555-0800279aaa2b" }, { "control": "acfea27c-c6d5-421a-9ae4-2db82610cc41", "match": "267fcf90-f705-11e8-b555-0800279aaa2b" }, { "control": "e4380999-3c82-4b85-86cd-86f1f37f97ab", "match": "267fd1a8-f705-11e8-b555-0800279aaa2b" }, { "control": "e4380999-3c82-4b85-86cd-86f1f37f97ab", "match": "267fea72-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fd0b1-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fca6b-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fcaad-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fcb79-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fca19-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fd659-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fd81b-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fd69f-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fd993-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fd917-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fdbf1-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fda8c-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fcdac-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fd85b-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fd462-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fc77e-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "control": "e5b116b5-b806-4863-92ba-d8c2f477813b", "match": "267fd22e-f705-11e8-b555-0800279aaa2b" }, { "control": "e5b116b5-b806-4863-92ba-d8c2f477813b", "match": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "control": "e5b116b5-b806-4863-92ba-d8c2f477813b", "match": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "control": "e5b116b5-b806-4863-92ba-d8c2f477813b", "match": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "control": "e5b116b5-b806-4863-92ba-d8c2f477813b", "match": "267fdcf3-f705-11e8-b555-0800279aaa2b" }, { "control": "6604ef4c-a1d7-43d2-90e4-d2b8d97d880f", "match": "267fd0ef-f705-11e8-b555-0800279aaa2b" }, { "control": "892d5462-ee77-4379-ab88-a78f3eff45c1", "match": "267fcf0a-f705-11e8-b555-0800279aaa2b" }, { "control": "30a7a092-3e00-4d33-aec2-66d019c2ff03", "match": "267fd073-f705-11e8-b555-0800279aaa2b" }, { "control": "30a7a092-3e00-4d33-aec2-66d019c2ff03", "match": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "control": "30a7a092-3e00-4d33-aec2-66d019c2ff03", "match": "267fe8fe-f705-11e8-b555-0800279aaa2b" }, { "control": "30a7a092-3e00-4d33-aec2-66d019c2ff03", "match": "267fdc38-f705-11e8-b555-0800279aaa2b" }, { "control": "30a7a092-3e00-4d33-aec2-66d019c2ff03", "match": "267fdc8c-f705-11e8-b555-0800279aaa2b" }, { "control": "30a7a092-3e00-4d33-aec2-66d019c2ff03", "match": "267fdcf3-f705-11e8-b555-0800279aaa2b" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "267fe6b9-f705-11e8-b555-0800279aaa2b" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "267fda50-f705-11e8-b555-0800279aaa2b" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "267fe8a1-f705-11e8-b555-0800279aaa2b" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "267fdf36-f705-11e8-b555-0800279aaa2b" }, { "control": "6f6442e8-952b-4a13-9e97-7c233a7b2a1c", "match": "267fd073-f705-11e8-b555-0800279aaa2b" }, { "control": "6f6442e8-952b-4a13-9e97-7c233a7b2a1c", "match": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "control": "6f6442e8-952b-4a13-9e97-7c233a7b2a1c", "match": "267fe8fe-f705-11e8-b555-0800279aaa2b" }, { "control": "6f6442e8-952b-4a13-9e97-7c233a7b2a1c", "match": "267fdc38-f705-11e8-b555-0800279aaa2b" }, { "control": "6f6442e8-952b-4a13-9e97-7c233a7b2a1c", "match": "267fdc8c-f705-11e8-b555-0800279aaa2b" }, { "control": "6f6442e8-952b-4a13-9e97-7c233a7b2a1c", "match": "267fdcf3-f705-11e8-b555-0800279aaa2b" }, { "control": "2e411d93-1836-4dbc-baf1-a747d2a9915a", "match": "267fd272-f705-11e8-b555-0800279aaa2b" }, { "control": "2e411d93-1836-4dbc-baf1-a747d2a9915a", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "2e411d93-1836-4dbc-baf1-a747d2a9915a", "match": "267fe022-f705-11e8-b555-0800279aaa2b" }, { "control": "2e411d93-1836-4dbc-baf1-a747d2a9915a", "match": "267fe37d-f705-11e8-b555-0800279aaa2b" }, { "control": "f01b50b8-0e54-4f8f-afee-0ec56f788a42", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "f01b50b8-0e54-4f8f-afee-0ec56f788a42", "match": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "control": "f01b50b8-0e54-4f8f-afee-0ec56f788a42", "match": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "control": "f01b50b8-0e54-4f8f-afee-0ec56f788a42", "match": "267fcecb-f705-11e8-b555-0800279aaa2b" }, { "control": "0fd12bc3-c80d-4baa-bc1b-a7fbfb152f86", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "0fd12bc3-c80d-4baa-bc1b-a7fbfb152f86", "match": "267fd32a-f705-11e8-b555-0800279aaa2b" }, { "control": "0fd12bc3-c80d-4baa-bc1b-a7fbfb152f86", "match": "267fd369-f705-11e8-b555-0800279aaa2b" }, { "control": "0fd12bc3-c80d-4baa-bc1b-a7fbfb152f86", "match": "267fcf90-f705-11e8-b555-0800279aaa2b" }, { "control": "bb1c6655-a3fc-4d43-8e1b-50f5e418c1aa", "match": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "control": "ac4be007-d8cb-4da5-9a84-118c2841a6f5", "match": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "control": "4fe097cd-e0c0-4698-a209-43ffb553a279", "match": "267fde78-f705-11e8-b555-0800279aaa2b" }, { "control": "4fe097cd-e0c0-4698-a209-43ffb553a279", "match": "267fdf76-f705-11e8-b555-0800279aaa2b" }, { "control": "4fe097cd-e0c0-4698-a209-43ffb553a279", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "4fe097cd-e0c0-4698-a209-43ffb553a279", "match": "267fe022-f705-11e8-b555-0800279aaa2b" }, { "control": "e4f85702-5874-4361-beec-45d00b379c5b", "match": "267fe022-f705-11e8-b555-0800279aaa2b" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "267fca6b-f705-11e8-b555-0800279aaa2b" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "267fcaad-f705-11e8-b555-0800279aaa2b" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "267fc6f7-f705-11e8-b555-0800279aaa2b" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "267fcb29-f705-11e8-b555-0800279aaa2b" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "267fcb79-f705-11e8-b555-0800279aaa2b" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "267fcbce-f705-11e8-b555-0800279aaa2b" }, { "control": "48d2b0ff-ebc0-445b-8f20-3ae47d43242c", "match": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "control": "48d2b0ff-ebc0-445b-8f20-3ae47d43242c", "match": "267fdc8c-f705-11e8-b555-0800279aaa2b" }, { "control": "48d2b0ff-ebc0-445b-8f20-3ae47d43242c", "match": "267fde31-f705-11e8-b555-0800279aaa2b" }, { "control": "48d2b0ff-ebc0-445b-8f20-3ae47d43242c", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "48d2b0ff-ebc0-445b-8f20-3ae47d43242c", "match": "267fe600-f705-11e8-b555-0800279aaa2b" }, { "control": "6da92eea-2f74-458f-a643-361df7ea9f2f", "match": "267fcce9-f705-11e8-b555-0800279aaa2b" }, { "control": "6da92eea-2f74-458f-a643-361df7ea9f2f", "match": "267fcf0a-f705-11e8-b555-0800279aaa2b" }, { "control": "6da92eea-2f74-458f-a643-361df7ea9f2f", "match": "267fcfdf-f705-11e8-b555-0800279aaa2b" }, { "control": "6da92eea-2f74-458f-a643-361df7ea9f2f", "match": "267fcf4f-f705-11e8-b555-0800279aaa2b" }, { "control": "831f20de-eadb-44a7-82f3-fcb116d8cb69", "match": "267fcf0a-f705-11e8-b555-0800279aaa2b" }, { "control": "831f20de-eadb-44a7-82f3-fcb116d8cb69", "match": "267fc88e-f705-11e8-b555-0800279aaa2b" }, { "control": "831f20de-eadb-44a7-82f3-fcb116d8cb69", "match": "267fd12f-f705-11e8-b555-0800279aaa2b" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "267fd567-f705-11e8-b555-0800279aaa2b" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "267fd610-f705-11e8-b555-0800279aaa2b" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "267fe660-f705-11e8-b555-0800279aaa2b" }, { "control": "0f278ef8-3a97-4e0e-bc30-66d530bdea47", "match": "267fc9c9-f705-11e8-b555-0800279aaa2b" }, { "control": "0f278ef8-3a97-4e0e-bc30-66d530bdea47", "match": "267fca19-f705-11e8-b555-0800279aaa2b" }, { "control": "0f278ef8-3a97-4e0e-bc30-66d530bdea47", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "0f278ef8-3a97-4e0e-bc30-66d530bdea47", "match": "267fd32a-f705-11e8-b555-0800279aaa2b" }, { "control": "0f278ef8-3a97-4e0e-bc30-66d530bdea47", "match": "267fd421-f705-11e8-b555-0800279aaa2b" }, { "control": "0f278ef8-3a97-4e0e-bc30-66d530bdea47", "match": "267fd7dd-f705-11e8-b555-0800279aaa2b" }, { "control": "02cc6244-c9d8-4db1-aeb3-a05933207c9d", "match": "267fd81b-f705-11e8-b555-0800279aaa2b" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "control": "3e3e542a-67b2-4a77-b09b-9dc9b977cd8e", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "3e3e542a-67b2-4a77-b09b-9dc9b977cd8e", "match": "267fea72-f705-11e8-b555-0800279aaa2b" }, { "control": "24ac8920-3747-45bb-b9d1-1ca0d1d84d3f", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "24ac8920-3747-45bb-b9d1-1ca0d1d84d3f", "match": "267fd073-f705-11e8-b555-0800279aaa2b" }, { "control": "24ac8920-3747-45bb-b9d1-1ca0d1d84d3f", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "24ac8920-3747-45bb-b9d1-1ca0d1d84d3f", "match": "267fd2ee-f705-11e8-b555-0800279aaa2b" }, { "control": "69f50c12-9eab-4305-be4f-97a2002ccc0c", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "69f50c12-9eab-4305-be4f-97a2002ccc0c", "match": "267fde78-f705-11e8-b555-0800279aaa2b" }, { "control": "69f50c12-9eab-4305-be4f-97a2002ccc0c", "match": "267fe9b4-f705-11e8-b555-0800279aaa2b" }, { "control": "31dc508e-664e-4173-8757-00ec985115c8", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "31dc508e-664e-4173-8757-00ec985115c8", "match": "267fdef6-f705-11e8-b555-0800279aaa2b" }, { "control": "3f6e72ed-2984-452d-badd-5563acbf0450", "match": "267fe9b4-f705-11e8-b555-0800279aaa2b" }, { "control": "52d551ef-7334-45a3-9dd7-0b8d239ba1f6", "match": "267fe9b4-f705-11e8-b555-0800279aaa2b" }, { "control": "dec6cf8c-1714-45f4-bfd2-23a049fb9b35", "match": "267fcca4-f705-11e8-b555-0800279aaa2b" }, { "control": "dec6cf8c-1714-45f4-bfd2-23a049fb9b35", "match": "267fcce9-f705-11e8-b555-0800279aaa2b" }, { "control": "a8f83595-0327-4e24-9557-0e8d9b82856f", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "a8f83595-0327-4e24-9557-0e8d9b82856f", "match": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "control": "70e202bf-2270-4daf-8fb5-4f6fb10de979", "match": "267fd22e-f705-11e8-b555-0800279aaa2b" }, { "control": "54eeaae4-2b82-43ce-9a61-40d453116d8d", "match": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "control": "54eeaae4-2b82-43ce-9a61-40d453116d8d", "match": "267fe8fe-f705-11e8-b555-0800279aaa2b" }, { "control": "bbb99e89-ee33-46fc-bc03-1582631210c4", "match": "267fdd55-f705-11e8-b555-0800279aaa2b" }, { "control": "bbb99e89-ee33-46fc-bc03-1582631210c4", "match": "267fd12f-f705-11e8-b555-0800279aaa2b" }, { "control": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0", "match": "267fdd55-f705-11e8-b555-0800279aaa2b" }, { "control": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0", "match": "267fd12f-f705-11e8-b555-0800279aaa2b" }, { "control": "ebc0b0f8-4403-481f-be4a-7f35ae3cb6be", "match": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "control": "48a13f85-a811-43fa-a0e8-89f67fb2743f", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "48a13f85-a811-43fa-a0e8-89f67fb2743f", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "f9d1a926-5d39-4123-8b83-a94c21ff18e5", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "f9d1a926-5d39-4123-8b83-a94c21ff18e5", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "f9d1a926-5d39-4123-8b83-a94c21ff18e5", "match": "267fe600-f705-11e8-b555-0800279aaa2b" }, { "control": "23e4c883-c358-4b64-8d7e-249c67b7f1f2", "match": "267fe7e9-f705-11e8-b555-0800279aaa2b" }, { "control": "025611cb-8431-4a9c-a88c-039141472418", "match": "267fddeb-f705-11e8-b555-0800279aaa2b" }, { "control": "025611cb-8431-4a9c-a88c-039141472418", "match": "267fde31-f705-11e8-b555-0800279aaa2b" }, { "control": "ad0458f2-c836-4c7d-9d8f-6333fc6af2e9", "match": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "control": "b237b4b1-a21a-4122-b4c8-e068ad58ef21", "match": "267fea11-f705-11e8-b555-0800279aaa2b" }, { "control": "cce52cf2-aa85-4f33-8cb8-b0508f452c25", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "cce52cf2-aa85-4f33-8cb8-b0508f452c25", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "cce52cf2-aa85-4f33-8cb8-b0508f452c25", "match": "267fde78-f705-11e8-b555-0800279aaa2b" }, { "control": "30ff804b-d8e2-44da-a49e-bb1a39e5f81a", "match": "267fc7c0-f705-11e8-b555-0800279aaa2b" }, { "control": "30ff804b-d8e2-44da-a49e-bb1a39e5f81a", "match": "267fddeb-f705-11e8-b555-0800279aaa2b" }, { "control": "2d88bd60-ff72-40cc-a2b4-ae7c9cbd2a68", "match": "267fddeb-f705-11e8-b555-0800279aaa2b" }, { "control": "bb37f7e5-ff5d-4b9a-a621-dfb26f3fccaf", "match": "267fc80f-f705-11e8-b555-0800279aaa2b" }, { "control": "e6ab0d96-2ced-445d-a19f-97710b2cc346", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "e6ab0d96-2ced-445d-a19f-97710b2cc346", "match": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "control": "e6ab0d96-2ced-445d-a19f-97710b2cc346", "match": "267fea11-f705-11e8-b555-0800279aaa2b" }, { "control": "0c7c3558-9c78-4bcc-816b-9123c899b653", "match": "267fe9b4-f705-11e8-b555-0800279aaa2b" }, { "control": "0c7c3558-9c78-4bcc-816b-9123c899b653", "match": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "control": "cf3d3d41-f0d5-4eb9-b6c5-537d72ea645a", "match": "267fdef6-f705-11e8-b555-0800279aaa2b" }, { "control": "1ea30a61-92f4-4ae0-a349-3f947bf0dc94", "match": "267fe9b4-f705-11e8-b555-0800279aaa2b" }, { "control": "2736e702-38ef-439d-9e8b-989ef56f8735", "match": "267fd22e-f705-11e8-b555-0800279aaa2b" }, { "control": "2736e702-38ef-439d-9e8b-989ef56f8735", "match": "267fea11-f705-11e8-b555-0800279aaa2b" }, { "control": "e94941eb-31da-40e0-b944-07c43233e7c0", "match": "267fd22e-f705-11e8-b555-0800279aaa2b" }, { "control": "e94941eb-31da-40e0-b944-07c43233e7c0", "match": "267fea11-f705-11e8-b555-0800279aaa2b" }, { "control": "0de24c0a-53cb-4481-9b8d-fccc252e4f03", "match": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "control": "01314572-becc-4780-945f-9ed3a40af900", "match": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "control": "f0753789-bcc3-4f66-9bb5-b6179bb367de", "match": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "control": "0d124100-372e-429b-9e2f-d12211f005e1", "match": "267fea11-f705-11e8-b555-0800279aaa2b" }, { "control": "52ab8937-c260-4cf3-a807-ce1381afa4c9", "match": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "control": "421b5608-0f1d-4de5-b646-ff9538f8493f", "match": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "control": "771e3059-9eb4-4313-94b4-f0e8fa102498", "match": "267fc80f-f705-11e8-b555-0800279aaa2b" } ], "version": 1 } 2021-10-12T14:36:23.530522+00:00 https://objects.monarc.lu/object/get/32 2024-05-02T13:22:55.425643+00:00 MONARC { "label": "NIST Core - NIST SP 800-53 (Rev.5)", "refs": [ "https://www.nist.gov/cyberframework/framework" ], "security referentials UUID": [ "fcf78560-3d12-42ba-8f4a-5761ca02ac94", "cfd2cd50-95fa-4143-b0e5-794249bacae1" ], "uuid": "39e559bb-2365-4455-b220-517e129992ef", "values": [ { "control": "231fc2b1-80c2-450e-9d80-f804f5a8984c", "match": "36ae972c-4543-4548-8946-47cb651ed0ef" }, { "control": "231fc2b1-80c2-450e-9d80-f804f5a8984c", "match": "515fb4c4-2a45-47b7-9a7a-5878f1bbad9c" }, { "control": "f4f7466f-0ae6-4867-a2ee-6be4e1f02329", "match": "36ae972c-4543-4548-8946-47cb651ed0ef" }, { "control": "f4f7466f-0ae6-4867-a2ee-6be4e1f02329", "match": "515fb4c4-2a45-47b7-9a7a-5878f1bbad9c" }, { "control": "b0cebf68-a023-40af-ba24-e59bd4a45c90", "match": "e2323e31-d4c5-4f58-8de3-529d41c7fde6" }, { "control": "b0cebf68-a023-40af-ba24-e59bd4a45c90", "match": "6c55f12d-0f58-4caf-9c27-91c38d3620e3" }, { "control": "b0cebf68-a023-40af-ba24-e59bd4a45c90", "match": "063f894b-5f12-4e99-8277-6e21692c977d" }, { "control": "b0cebf68-a023-40af-ba24-e59bd4a45c90", "match": "3bffd1eb-e6a7-47ad-927a-0d679048ed5a" }, { "control": "57e92f7c-f5ed-4611-a1be-d7f4e1456f9c", "match": "fc9d8985-7dea-4b78-b977-7c5ac82e15f2" }, { "control": "57e92f7c-f5ed-4611-a1be-d7f4e1456f9c", "match": "64f93d70-568f-404a-a049-b7f37598ec66" }, { "control": "50fc2488-b730-48ae-abf8-93e60f141404", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "50fc2488-b730-48ae-abf8-93e60f141404", "match": "e30e5bc6-c3f4-4714-9c0a-6aed3e4daa6d" }, { "control": "50fc2488-b730-48ae-abf8-93e60f141404", "match": "a6a327ee-3850-4c6c-8828-03cbe4ac83df" }, { "control": "50fc2488-b730-48ae-abf8-93e60f141404", "match": "76c33e82-04e2-4ee5-88c6-40939d8349a7" }, { "control": "766520fa-3439-4382-babc-eb7d9d6b1f52", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "766520fa-3439-4382-babc-eb7d9d6b1f52", "match": "54db3434-c9cc-4a09-90a0-7e94aa29ae61" }, { "control": "766520fa-3439-4382-babc-eb7d9d6b1f52", "match": "9a4b8ede-d722-44b8-a04f-ae78cbd266ab" }, { "control": "46555297-7af1-4d59-ac07-6e627aef4dda", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "46555297-7af1-4d59-ac07-6e627aef4dda", "match": "9df48cd7-7ec8-4ac6-9563-68087e9c49d6" }, { "control": "63f9f527-2c63-4fda-acda-7ebcf3025873", "match": "2d2a7dc6-2770-4897-ac0b-492e7ddd24ed" }, { "control": "1a422e41-50fc-4c74-b1e4-e3d40b7c82f3", "match": "9a4b8ede-d722-44b8-a04f-ae78cbd266ab" }, { "control": "1a422e41-50fc-4c74-b1e4-e3d40b7c82f3", "match": "a6a327ee-3850-4c6c-8828-03cbe4ac83df" }, { "control": "eaa4fb9d-e687-41a0-8d4b-1ca972bed10a", "match": "01096bf7-a45e-40d9-851e-72a6b8d7344a" }, { "control": "eaa4fb9d-e687-41a0-8d4b-1ca972bed10a", "match": "7c9127dc-e0e8-4a6f-9cf9-82f5a7b18f37" }, { "control": "eaa4fb9d-e687-41a0-8d4b-1ca972bed10a", "match": "6d3fbb99-fa7d-4c65-9c5f-928044a5840f" }, { "control": "eaa4fb9d-e687-41a0-8d4b-1ca972bed10a", "match": "2d2a7dc6-2770-4897-ac0b-492e7ddd24ed" }, { "control": "eaa4fb9d-e687-41a0-8d4b-1ca972bed10a", "match": "a6a327ee-3850-4c6c-8828-03cbe4ac83df" }, { "control": "75942c69-3336-4e82-bf59-515aaa6e3513", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "75942c69-3336-4e82-bf59-515aaa6e3513", "match": "b705c1c5-aee2-4cb0-9f55-f045fc627f34" }, { "control": "75942c69-3336-4e82-bf59-515aaa6e3513", "match": "6fd6cc79-208a-4f2c-8a05-9adae75fd255" }, { "control": "75942c69-3336-4e82-bf59-515aaa6e3513", "match": "a6a327ee-3850-4c6c-8828-03cbe4ac83df" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "ebf10522-0f57-4880-aa73-e28a206b7be4" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "468658d8-61b8-4757-8c28-d6017337ea91" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "9bc48f7a-6863-421d-96c5-7e7099ef2415" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "698ebcc9-cf38-49d4-9a7a-dce61bbff968" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "c1aa25a1-a0cf-483d-8b7d-44725cd3f6ed" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "99e77822-723b-4a08-8ee0-4c73ad494db7" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "b41dacdb-78d6-4744-bcae-5a46b95cfe04" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "74b14d2d-6320-4ac9-9b74-d93177dd4329" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "7fb408ab-f358-489d-be81-5b9395da78a7" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "bcc51690-d12c-41a8-bd76-6aae187a8afc" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "5b92c7ee-202b-4de8-983c-74937b86b48f" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "c1738677-3cae-4833-97b4-f2f3c04dd5e0" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "3c492512-da9f-4112-a76a-3e5cb0400e6f" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "3ceb9dfc-c9e2-4cb6-830d-8170d53d5b05" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "3e6cdfcd-14f3-4b34-a6d4-62d677332806" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "675a9b3f-8abe-4b6f-948e-b701c2a02a84" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "53cbe570-60ce-4aba-9f32-f7cfce6fdc56" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "11fe35fa-d904-4137-9961-307097961e0c" }, { "control": "7a4074cc-5b40-486a-9a52-6b49be7f95e6", "match": "96e2a11b-1b39-4903-be42-374102c930df" }, { "control": "29613b2e-8def-417e-85fa-31aa5ef5de3b", "match": "54db3434-c9cc-4a09-90a0-7e94aa29ae61" }, { "control": "29613b2e-8def-417e-85fa-31aa5ef5de3b", "match": "3ceb9dfc-c9e2-4cb6-830d-8170d53d5b05" }, { "control": "29613b2e-8def-417e-85fa-31aa5ef5de3b", "match": "293ebc1c-0452-41f8-ab14-101846241a47" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "ebf10522-0f57-4880-aa73-e28a206b7be4" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "468658d8-61b8-4757-8c28-d6017337ea91" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "9bc48f7a-6863-421d-96c5-7e7099ef2415" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "698ebcc9-cf38-49d4-9a7a-dce61bbff968" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "c1aa25a1-a0cf-483d-8b7d-44725cd3f6ed" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "99e77822-723b-4a08-8ee0-4c73ad494db7" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "b41dacdb-78d6-4744-bcae-5a46b95cfe04" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "74b14d2d-6320-4ac9-9b74-d93177dd4329" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "7fb408ab-f358-489d-be81-5b9395da78a7" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "bcc51690-d12c-41a8-bd76-6aae187a8afc" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "5b92c7ee-202b-4de8-983c-74937b86b48f" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "c1738677-3cae-4833-97b4-f2f3c04dd5e0" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "3c492512-da9f-4112-a76a-3e5cb0400e6f" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "3ceb9dfc-c9e2-4cb6-830d-8170d53d5b05" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "3e6cdfcd-14f3-4b34-a6d4-62d677332806" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "675a9b3f-8abe-4b6f-948e-b701c2a02a84" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "53cbe570-60ce-4aba-9f32-f7cfce6fdc56" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "11fe35fa-d904-4137-9961-307097961e0c" }, { "control": "4e2499c0-d23d-4977-9e9f-6323af31be24", "match": "96e2a11b-1b39-4903-be42-374102c930df" }, { "control": "d2e86e2d-5bec-42a2-b642-69995b6abcf0", "match": "54613df0-e745-4205-a828-827aca596814" }, { "control": "d2e86e2d-5bec-42a2-b642-69995b6abcf0", "match": "898d7024-6d3f-4d9a-868f-34ea1e451801" }, { "control": "d2e86e2d-5bec-42a2-b642-69995b6abcf0", "match": "ecefd9da-a07c-41c2-9397-017e878bdb67" }, { "control": "d2e86e2d-5bec-42a2-b642-69995b6abcf0", "match": "44b2a62a-6bc7-4474-b618-f1bc15e9798f" }, { "control": "d2e86e2d-5bec-42a2-b642-69995b6abcf0", "match": "ec1457b8-d116-45a4-8c61-5b8ddba8a2b9" }, { "control": "d2e86e2d-5bec-42a2-b642-69995b6abcf0", "match": "9a4b8ede-d722-44b8-a04f-ae78cbd266ab" }, { "control": "cc6aad46-1887-4da6-93e3-c707be07b9f5", "match": "1efbb7bc-a9df-41b0-af65-c8c7cc593246" }, { "control": "cc6aad46-1887-4da6-93e3-c707be07b9f5", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "cc6aad46-1887-4da6-93e3-c707be07b9f5", "match": "2080500f-047a-4695-841f-326310fd6a79" }, { "control": "cc6aad46-1887-4da6-93e3-c707be07b9f5", "match": "8a174f26-95ff-41dd-8042-039189065395" }, { "control": "cc6aad46-1887-4da6-93e3-c707be07b9f5", "match": "9e62441a-c6d5-4707-a835-6230dc5b0d53" }, { "control": "cc6aad46-1887-4da6-93e3-c707be07b9f5", "match": "d32c4960-9581-4717-9a02-690d61709153" }, { "control": "cc6aad46-1887-4da6-93e3-c707be07b9f5", "match": "cd6f1fb6-d9ee-40c8-bc00-8b485185cf15" }, { "control": "cc6aad46-1887-4da6-93e3-c707be07b9f5", "match": "83caa43e-7179-4477-8665-66d47d058417" }, { "control": "cc6aad46-1887-4da6-93e3-c707be07b9f5", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "cc6aad46-1887-4da6-93e3-c707be07b9f5", "match": "3d9c8de5-f6f2-4a5d-8093-74849dc24a82" }, { "control": "0550c268-534a-4311-920d-84466e4865c4", "match": "3d9c8de5-f6f2-4a5d-8093-74849dc24a82" }, { "control": "0550c268-534a-4311-920d-84466e4865c4", "match": "e1219fd8-9db2-4297-99da-63be2b433aa8" }, { "control": "0550c268-534a-4311-920d-84466e4865c4", "match": "9dd48833-5045-4e37-aa9a-2b69ee11739d" }, { "control": "1bad7834-b740-48ff-8450-5792b55614db", "match": "8a174f26-95ff-41dd-8042-039189065395" }, { "control": "1bad7834-b740-48ff-8450-5792b55614db", "match": "3d9c8de5-f6f2-4a5d-8093-74849dc24a82" }, { "control": "1bad7834-b740-48ff-8450-5792b55614db", "match": "9a9f32cf-d951-4909-98fe-c6a936af3913" }, { "control": "1bad7834-b740-48ff-8450-5792b55614db", "match": "9dd48833-5045-4e37-aa9a-2b69ee11739d" }, { "control": "7c09a9bf-407c-4509-94c0-af8314fc3b86", "match": "e30e5bc6-c3f4-4714-9c0a-6aed3e4daa6d" }, { "control": "7c09a9bf-407c-4509-94c0-af8314fc3b86", "match": "8a174f26-95ff-41dd-8042-039189065395" }, { "control": "7c09a9bf-407c-4509-94c0-af8314fc3b86", "match": "a6a327ee-3850-4c6c-8828-03cbe4ac83df" }, { "control": "7c09a9bf-407c-4509-94c0-af8314fc3b86", "match": "44b2a62a-6bc7-4474-b618-f1bc15e9798f" }, { "control": "7c09a9bf-407c-4509-94c0-af8314fc3b86", "match": "9a4b8ede-d722-44b8-a04f-ae78cbd266ab" }, { "control": "6d0bfd47-88dc-484a-aed8-196eaa12c4db", "match": "e30e5bc6-c3f4-4714-9c0a-6aed3e4daa6d" }, { "control": "6d0bfd47-88dc-484a-aed8-196eaa12c4db", "match": "8a174f26-95ff-41dd-8042-039189065395" }, { "control": "6d0bfd47-88dc-484a-aed8-196eaa12c4db", "match": "9dd48833-5045-4e37-aa9a-2b69ee11739d" }, { "control": "98ce2a28-d424-4436-8c41-2ec0e8d563fa", "match": "08327040-541f-40b4-a1cc-815d9298afe0" }, { "control": "98ce2a28-d424-4436-8c41-2ec0e8d563fa", "match": "44b2a62a-6bc7-4474-b618-f1bc15e9798f" }, { "control": "e384f897-1b70-49a5-8491-24c035e1451f", "match": "44b2a62a-6bc7-4474-b618-f1bc15e9798f" }, { "control": "7a9f7d35-6714-4182-ae88-d9ff575224a6", "match": "44b2a62a-6bc7-4474-b618-f1bc15e9798f" }, { "control": "97331ab3-3365-4fb0-894c-578c460720fa", "match": "a6a327ee-3850-4c6c-8828-03cbe4ac83df" }, { "control": "97331ab3-3365-4fb0-894c-578c460720fa", "match": "2d2a7dc6-2770-4897-ac0b-492e7ddd24ed" }, { "control": "97331ab3-3365-4fb0-894c-578c460720fa", "match": "44b2a62a-6bc7-4474-b618-f1bc15e9798f" }, { "control": "97331ab3-3365-4fb0-894c-578c460720fa", "match": "9a4b8ede-d722-44b8-a04f-ae78cbd266ab" }, { "control": "03dee2e6-285f-44e4-acc5-2388f62584a5", "match": "64f93d70-568f-404a-a049-b7f37598ec66" }, { "control": "03dee2e6-285f-44e4-acc5-2388f62584a5", "match": "9df48cd7-7ec8-4ac6-9563-68087e9c49d6" }, { "control": "03dee2e6-285f-44e4-acc5-2388f62584a5", "match": "44b2a62a-6bc7-4474-b618-f1bc15e9798f" }, { "control": "b9d19a14-74ab-46ae-8456-189d1a180dbf", "match": "e30e5bc6-c3f4-4714-9c0a-6aed3e4daa6d" }, { "control": "b9d19a14-74ab-46ae-8456-189d1a180dbf", "match": "8a174f26-95ff-41dd-8042-039189065395" }, { "control": "b9d19a14-74ab-46ae-8456-189d1a180dbf", "match": "9df48cd7-7ec8-4ac6-9563-68087e9c49d6" }, { "control": "b9d19a14-74ab-46ae-8456-189d1a180dbf", "match": "a6a327ee-3850-4c6c-8828-03cbe4ac83df" }, { "control": "b9d19a14-74ab-46ae-8456-189d1a180dbf", "match": "650ec6f8-fbad-4fe7-a0db-62d3861a5372" }, { "control": "b9d19a14-74ab-46ae-8456-189d1a180dbf", "match": "44b2a62a-6bc7-4474-b618-f1bc15e9798f" }, { "control": "1e5aa8d3-b1e9-43e0-9e7e-54bdadac89ea", "match": "64f93d70-568f-404a-a049-b7f37598ec66" }, { "control": "1e5aa8d3-b1e9-43e0-9e7e-54bdadac89ea", "match": "cd6f1fb6-d9ee-40c8-bc00-8b485185cf15" }, { "control": "1e5aa8d3-b1e9-43e0-9e7e-54bdadac89ea", "match": "9df48cd7-7ec8-4ac6-9563-68087e9c49d6" }, { "control": "1e5aa8d3-b1e9-43e0-9e7e-54bdadac89ea", "match": "44b2a62a-6bc7-4474-b618-f1bc15e9798f" }, { "control": "f6d606f5-9a22-4a53-87c1-ebe36f4fe939", "match": "8b250e6b-4463-4d55-9241-c99db31a838c" }, { "control": "f6d606f5-9a22-4a53-87c1-ebe36f4fe939", "match": "cb39be02-c637-4984-ad59-ad1b5afd7609" }, { "control": "f6d606f5-9a22-4a53-87c1-ebe36f4fe939", "match": "67e16eb6-14cb-41a4-aea0-8f0dc7ed1023" }, { "control": "f6d606f5-9a22-4a53-87c1-ebe36f4fe939", "match": "e499f145-1fad-49e2-9403-f50a2a9801e8" }, { "control": "f6d606f5-9a22-4a53-87c1-ebe36f4fe939", "match": "54db3434-c9cc-4a09-90a0-7e94aa29ae61" }, { "control": "f6d606f5-9a22-4a53-87c1-ebe36f4fe939", "match": "64f93d70-568f-404a-a049-b7f37598ec66" }, { "control": "f6d606f5-9a22-4a53-87c1-ebe36f4fe939", "match": "9df48cd7-7ec8-4ac6-9563-68087e9c49d6" }, { "control": "aa988775-7261-412e-bbee-bfd90db78a59", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "aa988775-7261-412e-bbee-bfd90db78a59", "match": "4c98569b-ec41-4758-b8a3-5bd75b56d38b" }, { "control": "aa988775-7261-412e-bbee-bfd90db78a59", "match": "e8449cab-54ae-4bd4-8b6e-de2820e8ec4b" }, { "control": "aa988775-7261-412e-bbee-bfd90db78a59", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "aa988775-7261-412e-bbee-bfd90db78a59", "match": "69e93c59-0239-4bc8-8d5f-d2c65c706f46" }, { "control": "aa988775-7261-412e-bbee-bfd90db78a59", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "aa988775-7261-412e-bbee-bfd90db78a59", "match": "e1211579-cdf4-4357-ba8a-3a5c46401837" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "ebf10522-0f57-4880-aa73-e28a206b7be4" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "8245e3a6-09ee-488a-880f-8d1b811b2091" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "99e77822-723b-4a08-8ee0-4c73ad494db7" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "b82eba2f-bbf7-4390-aa9e-e35ccae691ba" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "e37e0d76-3ea8-49e4-b65b-a5e2645a902a" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "23ab9d48-396c-4f20-9344-e6a6bd2439a2" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "d0c5fc8d-1e95-4e70-bdfd-f31d368af8f0" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "1bf6a2b8-b728-49a2-953f-0a965d966db1" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "7c68c0c2-fea5-44d1-8580-5170edd92e22" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "df6812ce-357b-44ae-8979-a663a85fa687" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "17a82de8-0490-4100-a4fb-2ad9af49d594" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "f0b81b68-372d-4ced-9c6b-7d8ae3da799c" }, { "control": "a6b301ed-e0c1-467d-8e42-e2796c64b785", "match": "625e343d-7aa1-46e1-939b-50f5b8f5f5b4" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "e3d43ffd-1286-42c0-98fa-0e2e75d233e7" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "06679cfa-1bfd-436a-b99d-698fb275dfdb" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "f1dc5cba-17a8-4bee-aad0-d6b0ca84124d" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "e8ed7158-ffc1-44a4-8673-80286ad97b36" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "e48c2a77-93da-4afb-bde7-7bd957196286" }, { "control": "382fe4f1-9f05-4169-a343-2c961a8cf359", "match": "b3ee40ae-b296-4e88-9033-cb669e98f11c" }, { "control": "7ec8092e-3e41-43e0-a8b2-c42b980dd29b", "match": "ebf10522-0f57-4880-aa73-e28a206b7be4" }, { "control": "7ec8092e-3e41-43e0-a8b2-c42b980dd29b", "match": "1b2e1483-0a0e-4c84-ad44-42db07d6172f" }, { "control": "7ec8092e-3e41-43e0-a8b2-c42b980dd29b", "match": "250001c2-f02d-496c-917e-70034724bfd6" }, { "control": "7ec8092e-3e41-43e0-a8b2-c42b980dd29b", "match": "fc9d8985-7dea-4b78-b977-7c5ac82e15f2" }, { "control": "7ec8092e-3e41-43e0-a8b2-c42b980dd29b", "match": "d44c41d6-5fa9-4fac-9751-a8236a103c35" }, { "control": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb", "match": "ebf10522-0f57-4880-aa73-e28a206b7be4" }, { "control": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb", "match": "8245e3a6-09ee-488a-880f-8d1b811b2091" }, { "control": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb", "match": "f3cc0b06-2294-49fe-aca4-3eb929cc87eb" }, { "control": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb", "match": "35f0172f-4770-4f69-9aa7-8b48a880c85a" }, { "control": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb", "match": "cea02331-b15a-42bb-ae5c-826afb449240" }, { "control": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb", "match": "90b4a207-023d-4ac4-a1dd-c5ca32453de2" }, { "control": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb", "match": "33d42330-bde6-4964-82c9-fd2eaa07792d" }, { "control": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb", "match": "5493d4a2-bae6-4bdf-ba84-79bbae4fb53b" }, { "control": "800fc6f9-e574-4152-89e6-30bae7da4adc", "match": "e2323e31-d4c5-4f58-8de3-529d41c7fde6" }, { "control": "800fc6f9-e574-4152-89e6-30bae7da4adc", "match": "2feed753-8333-46b9-b4a0-ffd78e6d5f96" }, { "control": "800fc6f9-e574-4152-89e6-30bae7da4adc", "match": "a6586afd-bc0f-4334-88da-615989665368" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "ebf10522-0f57-4880-aa73-e28a206b7be4" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "8245e3a6-09ee-488a-880f-8d1b811b2091" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "f3cc0b06-2294-49fe-aca4-3eb929cc87eb" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "33d42330-bde6-4964-82c9-fd2eaa07792d" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "250001c2-f02d-496c-917e-70034724bfd6" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "5493d4a2-bae6-4bdf-ba84-79bbae4fb53b" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "99e77822-723b-4a08-8ee0-4c73ad494db7" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "b82eba2f-bbf7-4390-aa9e-e35ccae691ba" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "23ab9d48-396c-4f20-9344-e6a6bd2439a2" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "d0c5fc8d-1e95-4e70-bdfd-f31d368af8f0" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "df6812ce-357b-44ae-8979-a663a85fa687" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "e3d43ffd-1286-42c0-98fa-0e2e75d233e7" }, { "control": "d44d0823-1523-457a-b028-6ea0da3adb34", "match": "22faa4a0-2027-4150-8176-c77e84e3f03d" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "f8e45f26-413c-4c61-be2c-216ec688ecb1" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "2006d82c-a148-470f-ad3d-339980bb69b9" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "a06fe04e-e834-42c9-8b4f-d998eb493136" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "48e9827d-60b5-4637-89fa-45dfb4231ff7" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "db302cfa-325b-4d4d-a6b3-f85618ca4eb6" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "90b4a207-023d-4ac4-a1dd-c5ca32453de2" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "99e77822-723b-4a08-8ee0-4c73ad494db7" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "b82eba2f-bbf7-4390-aa9e-e35ccae691ba" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "e37e0d76-3ea8-49e4-b65b-a5e2645a902a" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "23ab9d48-396c-4f20-9344-e6a6bd2439a2" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "d0c5fc8d-1e95-4e70-bdfd-f31d368af8f0" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "df6812ce-357b-44ae-8979-a663a85fa687" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "17a82de8-0490-4100-a4fb-2ad9af49d594" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "f0b81b68-372d-4ced-9c6b-7d8ae3da799c" }, { "control": "14aab29b-4760-4f32-ad21-06367a8ea05e", "match": "625e343d-7aa1-46e1-939b-50f5b8f5f5b4" }, { "control": "01d259f0-ece0-4f7c-91bf-d09844c576cc", "match": "3f956648-f1a8-4c8f-9e4b-11e4da8afc6a" }, { "control": "01d259f0-ece0-4f7c-91bf-d09844c576cc", "match": "b395f91d-24a4-4720-8534-3b491bb41002" }, { "control": "6386d5df-56f8-46ad-b181-e870491004a5", "match": "64694da5-0ca9-44f6-bd94-0dc1fa8f69ea" }, { "control": "6386d5df-56f8-46ad-b181-e870491004a5", "match": "b395f91d-24a4-4720-8534-3b491bb41002" }, { "control": "4879e4fb-cd0e-4968-8dd2-4b6dbe977cdc", "match": "54db3434-c9cc-4a09-90a0-7e94aa29ae61" }, { "control": "4879e4fb-cd0e-4968-8dd2-4b6dbe977cdc", "match": "64f93d70-568f-404a-a049-b7f37598ec66" }, { "control": "4879e4fb-cd0e-4968-8dd2-4b6dbe977cdc", "match": "6c3aaa6d-9e7c-4dd3-b753-ba11c11ae5a6" }, { "control": "987e9304-80fd-4470-b8b4-213f41a0a957", "match": "64694da5-0ca9-44f6-bd94-0dc1fa8f69ea" }, { "control": "987e9304-80fd-4470-b8b4-213f41a0a957", "match": "b395f91d-24a4-4720-8534-3b491bb41002" }, { "control": "92a81683-1877-48d3-9d5a-c7c0ddd9852b", "match": "64694da5-0ca9-44f6-bd94-0dc1fa8f69ea" }, { "control": "92a81683-1877-48d3-9d5a-c7c0ddd9852b", "match": "1476a1d4-f1f5-42ae-93a6-1227a89cb3e3" }, { "control": "92a81683-1877-48d3-9d5a-c7c0ddd9852b", "match": "b395f91d-24a4-4720-8534-3b491bb41002" }, { "control": "d798a390-f23a-4bbc-abe5-588ab58811c6", "match": "b6ed1637-26e3-4278-9552-89601f278d8c" }, { "control": "d798a390-f23a-4bbc-abe5-588ab58811c6", "match": "6726eb21-52f9-4922-a1d6-50c098ddba74" }, { "control": "d798a390-f23a-4bbc-abe5-588ab58811c6", "match": "a35f7748-5868-46cd-9dea-b4e87fde8311" }, { "control": "38022045-6812-4623-8409-7a9d6b3f7ce8", "match": "583129dc-d3e3-49c3-8ee9-3fbf18e020de" }, { "control": "38022045-6812-4623-8409-7a9d6b3f7ce8", "match": "282a9038-ea94-420f-bbaf-fe4abc7addce" }, { "control": "38022045-6812-4623-8409-7a9d6b3f7ce8", "match": "6726eb21-52f9-4922-a1d6-50c098ddba74" }, { "control": "acfea27c-c6d5-421a-9ae4-2db82610cc41", "match": "36ae972c-4543-4548-8946-47cb651ed0ef" }, { "control": "acfea27c-c6d5-421a-9ae4-2db82610cc41", "match": "b0779c7f-7db2-4af2-ab93-5c000a889408" }, { "control": "acfea27c-c6d5-421a-9ae4-2db82610cc41", "match": "de6195c6-1fc1-423a-a748-785653c9324f" }, { "control": "e4380999-3c82-4b85-86cd-86f1f37f97ab", "match": "6145995f-74e1-4479-ba93-c1cdd9e34f8c" }, { "control": "e4380999-3c82-4b85-86cd-86f1f37f97ab", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "e4380999-3c82-4b85-86cd-86f1f37f97ab", "match": "f929ec71-03e0-40a2-92eb-4078894a18a2" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "e2323e31-d4c5-4f58-8de3-529d41c7fde6" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "35f0172f-4770-4f69-9aa7-8b48a880c85a" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "cea02331-b15a-42bb-ae5c-826afb449240" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "244cbc08-55d5-46ea-ba28-aec72f16b337" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "22faa4a0-2027-4150-8176-c77e84e3f03d" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "012149b7-7c59-4220-83bf-d6879a886f20" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "a6586afd-bc0f-4334-88da-615989665368" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "583129dc-d3e3-49c3-8ee9-3fbf18e020de" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "edd532b7-577e-441b-820c-3b73fbd11c79" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "716c6729-ab0f-4334-a9e6-278dea6a702b" }, { "control": "e760c443-e572-43cb-bf5b-8aeb3b42ef65", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "e5b116b5-b806-4863-92ba-d8c2f477813b", "match": "35964415-2e6b-4a69-b04b-5e0208872f56" }, { "control": "e5b116b5-b806-4863-92ba-d8c2f477813b", "match": "b4f2c588-db91-4ad4-8122-9d3805a8a54a" }, { "control": "6604ef4c-a1d7-43d2-90e4-d2b8d97d880f", "match": "3b076d55-a168-4e4e-ba44-cac820929399" }, { "control": "892d5462-ee77-4379-ab88-a78f3eff45c1", "match": "769c7460-a4d0-45f3-a36e-4b8347526278" }, { "control": "892d5462-ee77-4379-ab88-a78f3eff45c1", "match": "b4f2c588-db91-4ad4-8122-9d3805a8a54a" }, { "control": "30a7a092-3e00-4d33-aec2-66d019c2ff03", "match": "3b076d55-a168-4e4e-ba44-cac820929399" }, { "control": "30a7a092-3e00-4d33-aec2-66d019c2ff03", "match": "27086d2c-4ed0-4163-89c3-d280559102ea" }, { "control": "30a7a092-3e00-4d33-aec2-66d019c2ff03", "match": "4d738f6e-3999-4a07-97f8-552ef2df77f3" }, { "control": "30a7a092-3e00-4d33-aec2-66d019c2ff03", "match": "dce2b6b6-33dd-45b1-9006-e09493aa95e3" }, { "control": "30a7a092-3e00-4d33-aec2-66d019c2ff03", "match": "dfeeec44-4cd4-49f8-8a41-2c03f786f818" }, { "control": "30a7a092-3e00-4d33-aec2-66d019c2ff03", "match": "d0557646-d1eb-4d79-8670-b1cdaf1072be" }, { "control": "30a7a092-3e00-4d33-aec2-66d019c2ff03", "match": "b53a00fb-054c-4f9e-8aff-69ad91c1dcb8" }, { "control": "30a7a092-3e00-4d33-aec2-66d019c2ff03", "match": "769c7460-a4d0-45f3-a36e-4b8347526278" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "3bffd1eb-e6a7-47ad-927a-0d679048ed5a" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "d6871e86-4df5-4d80-8529-3ec214940b69" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "729aa83b-a59b-48a0-b0a0-c592402dcae7" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "6fd6cc79-208a-4f2c-8a05-9adae75fd255" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "769c7460-a4d0-45f3-a36e-4b8347526278" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "cd6f1fb6-d9ee-40c8-bc00-8b485185cf15" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "9df48cd7-7ec8-4ac6-9563-68087e9c49d6" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "650ec6f8-fbad-4fe7-a0db-62d3861a5372" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "95f027c8-c84f-474f-bd23-872f96e00dc9" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "2fd75399-324e-40ed-9a82-80089816f398" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "1f5c3fc5-4d27-4018-9f49-ca7edc61d5b4" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "fc3d8c4c-8ced-4f4a-8ad0-a1ae01b35a21" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "9e1e9b36-aa61-4d54-a07c-2c74c341282c" }, { "control": "7cd438b8-038b-4f1f-a431-a1a1a83e009c", "match": "f2787cae-deb0-4090-9ed7-866b15d96df2" }, { "control": "6f6442e8-952b-4a13-9e97-7c233a7b2a1c", "match": "27086d2c-4ed0-4163-89c3-d280559102ea" }, { "control": "6f6442e8-952b-4a13-9e97-7c233a7b2a1c", "match": "4d738f6e-3999-4a07-97f8-552ef2df77f3" }, { "control": "6f6442e8-952b-4a13-9e97-7c233a7b2a1c", "match": "769c7460-a4d0-45f3-a36e-4b8347526278" }, { "control": "2e411d93-1836-4dbc-baf1-a747d2a9915a", "match": "4c98569b-ec41-4758-b8a3-5bd75b56d38b" }, { "control": "2e411d93-1836-4dbc-baf1-a747d2a9915a", "match": "60a84903-025a-40c5-9cf6-dad960e55cf1" }, { "control": "2e411d93-1836-4dbc-baf1-a747d2a9915a", "match": "5cdd85f2-15b0-4c61-b3d4-66f4ba9114c8" }, { "control": "f01b50b8-0e54-4f8f-afee-0ec56f788a42", "match": "990ee3a7-3044-4c8f-8387-946a7a9aba76" }, { "control": "f01b50b8-0e54-4f8f-afee-0ec56f788a42", "match": "5cf67afa-7a43-4dd4-b1db-dd28862a689c" }, { "control": "f01b50b8-0e54-4f8f-afee-0ec56f788a42", "match": "51e4fd6c-0aa8-4604-b13d-bf74c9706922" }, { "control": "f01b50b8-0e54-4f8f-afee-0ec56f788a42", "match": "9dda0a30-be3d-4752-867d-bf9570971c52" }, { "control": "f01b50b8-0e54-4f8f-afee-0ec56f788a42", "match": "6448f036-bdb2-4f21-8e30-0acf8073215d" }, { "control": "f01b50b8-0e54-4f8f-afee-0ec56f788a42", "match": "53ae3aa9-d88e-4f55-a040-375cfe348c48" }, { "control": "0fd12bc3-c80d-4baa-bc1b-a7fbfb152f86", "match": "b0779c7f-7db2-4af2-ab93-5c000a889408" }, { "control": "bb1c6655-a3fc-4d43-8e1b-50f5e418c1aa", "match": "1efbb7bc-a9df-41b0-af65-c8c7cc593246" }, { "control": "bb1c6655-a3fc-4d43-8e1b-50f5e418c1aa", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "bb1c6655-a3fc-4d43-8e1b-50f5e418c1aa", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "bb1c6655-a3fc-4d43-8e1b-50f5e418c1aa", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "bb1c6655-a3fc-4d43-8e1b-50f5e418c1aa", "match": "8047a1c6-e890-4817-982d-04fcdc2820a2" }, { "control": "bb1c6655-a3fc-4d43-8e1b-50f5e418c1aa", "match": "d5a60a37-684d-4b4b-b8a2-7d03814ff70d" }, { "control": "ac4be007-d8cb-4da5-9a84-118c2841a6f5", "match": "5d4dc43c-9c46-4fc5-969b-02a1421acf42" }, { "control": "ac4be007-d8cb-4da5-9a84-118c2841a6f5", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "ac4be007-d8cb-4da5-9a84-118c2841a6f5", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "4fe097cd-e0c0-4698-a209-43ffb553a279", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "4fe097cd-e0c0-4698-a209-43ffb553a279", "match": "1dfd046a-a422-4089-9fda-c141e865042a" }, { "control": "4fe097cd-e0c0-4698-a209-43ffb553a279", "match": "b827b7db-76ee-4fda-b193-3004feef59e0" }, { "control": "4fe097cd-e0c0-4698-a209-43ffb553a279", "match": "5278ff6f-473b-4a2c-8234-1a6a3198c701" }, { "control": "4fe097cd-e0c0-4698-a209-43ffb553a279", "match": "54802539-1d62-43c3-8f7e-8c7e03087812" }, { "control": "4fe097cd-e0c0-4698-a209-43ffb553a279", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "4fe097cd-e0c0-4698-a209-43ffb553a279", "match": "e1211579-cdf4-4357-ba8a-3a5c46401837" }, { "control": "4fe097cd-e0c0-4698-a209-43ffb553a279", "match": "aead24db-a196-4daf-a099-60b1d1991d70" }, { "control": "e4f85702-5874-4361-beec-45d00b379c5b", "match": "4c98569b-ec41-4758-b8a3-5bd75b56d38b" }, { "control": "e4f85702-5874-4361-beec-45d00b379c5b", "match": "e8449cab-54ae-4bd4-8b6e-de2820e8ec4b" }, { "control": "e4f85702-5874-4361-beec-45d00b379c5b", "match": "8ff7acc4-c71b-4e1d-89f3-0c7db4a5055f" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "3e6cdfcd-14f3-4b34-a6d4-62d677332806" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "fd87a967-2217-418d-8378-b0773b7ca356" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "22faa4a0-2027-4150-8176-c77e84e3f03d" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "4d28a85e-20d2-4186-995e-de48a90eebb4" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "db5781c8-b759-47de-9862-27b2d3c2b568" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "012149b7-7c59-4220-83bf-d6879a886f20" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "54db3434-c9cc-4a09-90a0-7e94aa29ae61" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "4b7824ea-dc4e-4938-9ebd-36b865f88585" }, { "control": "4279b240-b560-4632-a557-9af1322930fd", "match": "7277cac1-5813-4356-b108-72fe5263f8c3" }, { "control": "48d2b0ff-ebc0-445b-8f20-3ae47d43242c", "match": "8a174f26-95ff-41dd-8042-039189065395" }, { "control": "48d2b0ff-ebc0-445b-8f20-3ae47d43242c", "match": "9e62441a-c6d5-4707-a835-6230dc5b0d53" }, { "control": "48d2b0ff-ebc0-445b-8f20-3ae47d43242c", "match": "83caa43e-7179-4477-8665-66d47d058417" }, { "control": "6da92eea-2f74-458f-a643-361df7ea9f2f", "match": "9d4a3657-457f-4223-adfe-d0b2df91ffc3" }, { "control": "6da92eea-2f74-458f-a643-361df7ea9f2f", "match": "508b0a74-cd81-4a65-b2c1-bb4c193adc53" }, { "control": "6da92eea-2f74-458f-a643-361df7ea9f2f", "match": "be8d5a19-945d-4b26-9499-790193e65b06" }, { "control": "6da92eea-2f74-458f-a643-361df7ea9f2f", "match": "9368a916-1fac-4dd2-b621-751ef4483a72" }, { "control": "831f20de-eadb-44a7-82f3-fcb116d8cb69", "match": "a8768b25-29ff-4b0a-a61e-89a2dacb2ff8" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "0de44076-cd30-439a-9375-c7c6692da6b2" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "8b250e6b-4463-4d55-9241-c99db31a838c" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "aefeafa5-2f92-4a78-a149-6b00f8a0f9f1" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "6145995f-74e1-4479-ba93-c1cdd9e34f8c" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "bcc90c0a-8c92-4e75-ba67-a9dd2a64ca9d" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "cb39be02-c637-4984-ad59-ad1b5afd7609" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "8314aca6-82c0-4955-a6d3-78f41146ef15" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "b9383590-e160-4840-b6e7-9476aeb6b8c0" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "aff838cd-5392-4620-be39-87c4ae7b6d33" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "52e68421-ebcf-453f-8e42-48813d47dcf6" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "30ccd853-e570-4c61-98d0-4837692d0654" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "67e16eb6-14cb-41a4-aea0-8f0dc7ed1023" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "ca6dc3b4-45ad-4a17-84c2-06fe7de2936e" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "d447bf80-7c6e-4e16-9f69-a15ed7eafd92" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "43d6e18f-7d4e-43f5-af7f-ea6d07d37299" }, { "control": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a", "match": "e499f145-1fad-49e2-9403-f50a2a9801e8" }, { "control": "0f278ef8-3a97-4e0e-bc30-66d530bdea47", "match": "14555491-0f15-428b-9ecd-836c6307675c" }, { "control": "0f278ef8-3a97-4e0e-bc30-66d530bdea47", "match": "70ccf1af-4cad-443a-9dcd-9b49c4b6aec8" }, { "control": "0f278ef8-3a97-4e0e-bc30-66d530bdea47", "match": "50272033-eb78-4309-84e0-303320d75b87" }, { "control": "0f278ef8-3a97-4e0e-bc30-66d530bdea47", "match": "025d84e9-5612-404e-acf4-5d860c01a73c" }, { "control": "0f278ef8-3a97-4e0e-bc30-66d530bdea47", "match": "cc087e48-874b-4953-adcc-96fac3f19306" }, { "control": "0f278ef8-3a97-4e0e-bc30-66d530bdea47", "match": "b6ed1637-26e3-4278-9552-89601f278d8c" }, { "control": "02cc6244-c9d8-4db1-aeb3-a05933207c9d", "match": "f3cc0b06-2294-49fe-aca4-3eb929cc87eb" }, { "control": "02cc6244-c9d8-4db1-aeb3-a05933207c9d", "match": "d0557646-d1eb-4d79-8670-b1cdaf1072be" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "e2323e31-d4c5-4f58-8de3-529d41c7fde6" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "1b2e1483-0a0e-4c84-ad44-42db07d6172f" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "5dad70d6-04e6-4ad0-9c32-c565e40329ad" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "01096bf7-a45e-40d9-851e-72a6b8d7344a" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "a6586afd-bc0f-4334-88da-615989665368" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "a33021fe-acc7-43cb-9556-8d0ccfe41cf1" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "4797690e-c2e2-4106-878e-14d789fe1b06" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "6938d14b-381c-4077-9505-7c33c62b6e34" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "ac363e88-daae-4198-aa53-f704e103ef02" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "d80f59b0-9c5f-4ca8-b18f-9e07f791e66e" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "a3829b6b-d219-4f77-9da6-528349ddd6e4" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "6eadc9b8-2337-4847-ace5-f68686199ee7" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "d9e23dad-dcf3-4def-86e9-5af6a6d631ce" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "41ba0004-50a7-44bb-9ca4-5f84ce06e4c0" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "f3a16482-f15d-49ea-b206-b3f7400513fd" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "108a06d5-4b5d-4728-9823-d106445d8880" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "be303727-2dc9-4e23-a026-282fa8012ed6" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "714ae5c2-00a0-4163-b949-699dfd3ab8a0" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "f98811b7-6972-4372-96b0-4f13bb8d49d6" }, { "control": "6b2a7cc7-c35a-4020-92d8-5935e1229676", "match": "b5a7b5c7-6c5b-4014-b30c-6fe8325b564c" }, { "control": "3e3e542a-67b2-4a77-b09b-9dc9b977cd8e", "match": "1dfd046a-a422-4089-9fda-c141e865042a" }, { "control": "3e3e542a-67b2-4a77-b09b-9dc9b977cd8e", "match": "01096bf7-a45e-40d9-851e-72a6b8d7344a" }, { "control": "3e3e542a-67b2-4a77-b09b-9dc9b977cd8e", "match": "b705c1c5-aee2-4cb0-9f55-f045fc627f34" }, { "control": "3e3e542a-67b2-4a77-b09b-9dc9b977cd8e", "match": "5278ff6f-473b-4a2c-8234-1a6a3198c701" }, { "control": "3e3e542a-67b2-4a77-b09b-9dc9b977cd8e", "match": "3bffd1eb-e6a7-47ad-927a-0d679048ed5a" }, { "control": "3e3e542a-67b2-4a77-b09b-9dc9b977cd8e", "match": "a6a327ee-3850-4c6c-8828-03cbe4ac83df" }, { "control": "3e3e542a-67b2-4a77-b09b-9dc9b977cd8e", "match": "76c33e82-04e2-4ee5-88c6-40939d8349a7" }, { "control": "24ac8920-3747-45bb-b9d1-1ca0d1d84d3f", "match": "e2323e31-d4c5-4f58-8de3-529d41c7fde6" }, { "control": "24ac8920-3747-45bb-b9d1-1ca0d1d84d3f", "match": "6c55f12d-0f58-4caf-9c27-91c38d3620e3" }, { "control": "24ac8920-3747-45bb-b9d1-1ca0d1d84d3f", "match": "3b076d55-a168-4e4e-ba44-cac820929399" }, { "control": "24ac8920-3747-45bb-b9d1-1ca0d1d84d3f", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "69f50c12-9eab-4305-be4f-97a2002ccc0c", "match": "cb39be02-c637-4984-ad59-ad1b5afd7609" }, { "control": "69f50c12-9eab-4305-be4f-97a2002ccc0c", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "69f50c12-9eab-4305-be4f-97a2002ccc0c", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "69f50c12-9eab-4305-be4f-97a2002ccc0c", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "31dc508e-664e-4173-8757-00ec985115c8", "match": "cb39be02-c637-4984-ad59-ad1b5afd7609" }, { "control": "31dc508e-664e-4173-8757-00ec985115c8", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "31dc508e-664e-4173-8757-00ec985115c8", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "31dc508e-664e-4173-8757-00ec985115c8", "match": "10213f53-5179-42f2-beb6-1364872d983d" }, { "control": "31dc508e-664e-4173-8757-00ec985115c8", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "31dc508e-664e-4173-8757-00ec985115c8", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "3f6e72ed-2984-452d-badd-5563acbf0450", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "3f6e72ed-2984-452d-badd-5563acbf0450", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "3f6e72ed-2984-452d-badd-5563acbf0450", "match": "8a174f26-95ff-41dd-8042-039189065395" }, { "control": "3f6e72ed-2984-452d-badd-5563acbf0450", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "52d551ef-7334-45a3-9dd7-0b8d239ba1f6", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "52d551ef-7334-45a3-9dd7-0b8d239ba1f6", "match": "10213f53-5179-42f2-beb6-1364872d983d" }, { "control": "52d551ef-7334-45a3-9dd7-0b8d239ba1f6", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "9b355a55-73ce-4d55-8016-d93e3c555a55", "match": "8245e3a6-09ee-488a-880f-8d1b811b2091" }, { "control": "9b355a55-73ce-4d55-8016-d93e3c555a55", "match": "67e16eb6-14cb-41a4-aea0-8f0dc7ed1023" }, { "control": "9b355a55-73ce-4d55-8016-d93e3c555a55", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "9b355a55-73ce-4d55-8016-d93e3c555a55", "match": "27086d2c-4ed0-4163-89c3-d280559102ea" }, { "control": "9b355a55-73ce-4d55-8016-d93e3c555a55", "match": "f929ec71-03e0-40a2-92eb-4078894a18a2" }, { "control": "9b355a55-73ce-4d55-8016-d93e3c555a55", "match": "a6586afd-bc0f-4334-88da-615989665368" }, { "control": "9b355a55-73ce-4d55-8016-d93e3c555a55", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "dec6cf8c-1714-45f4-bfd2-23a049fb9b35", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "dec6cf8c-1714-45f4-bfd2-23a049fb9b35", "match": "06679cfa-1bfd-436a-b99d-698fb275dfdb" }, { "control": "dec6cf8c-1714-45f4-bfd2-23a049fb9b35", "match": "e48c2a77-93da-4afb-bde7-7bd957196286" }, { "control": "dec6cf8c-1714-45f4-bfd2-23a049fb9b35", "match": "2fd70998-9247-4efd-923d-276f5c76b3b9" }, { "control": "a8f83595-0327-4e24-9557-0e8d9b82856f", "match": "8245e3a6-09ee-488a-880f-8d1b811b2091" }, { "control": "a8f83595-0327-4e24-9557-0e8d9b82856f", "match": "67e16eb6-14cb-41a4-aea0-8f0dc7ed1023" }, { "control": "a8f83595-0327-4e24-9557-0e8d9b82856f", "match": "ca6dc3b4-45ad-4a17-84c2-06fe7de2936e" }, { "control": "a8f83595-0327-4e24-9557-0e8d9b82856f", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "a8f83595-0327-4e24-9557-0e8d9b82856f", "match": "8ccaf96b-99b1-4677-be72-1e072cc26ebd" }, { "control": "a8f83595-0327-4e24-9557-0e8d9b82856f", "match": "0e0864af-bd66-4012-b7ea-75ee7a57ef0b" }, { "control": "70e202bf-2270-4daf-8fb5-4f6fb10de979", "match": "15dfbe37-4a2d-4df7-b00c-f558524b561c" }, { "control": "70e202bf-2270-4daf-8fb5-4f6fb10de979", "match": "8cf0e5df-fb43-4dd0-a65e-d635d5902ffc" }, { "control": "54eeaae4-2b82-43ce-9a61-40d453116d8d", "match": "6f766bc2-750a-4249-89c9-39cf288143d5" }, { "control": "54eeaae4-2b82-43ce-9a61-40d453116d8d", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "54eeaae4-2b82-43ce-9a61-40d453116d8d", "match": "d8aa0a75-a5b2-4556-9664-5b1d5ea7419c" }, { "control": "bbb99e89-ee33-46fc-bc03-1582631210c4", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "bbb99e89-ee33-46fc-bc03-1582631210c4", "match": "54db3434-c9cc-4a09-90a0-7e94aa29ae61" }, { "control": "bbb99e89-ee33-46fc-bc03-1582631210c4", "match": "729aa83b-a59b-48a0-b0a0-c592402dcae7" }, { "control": "bbb99e89-ee33-46fc-bc03-1582631210c4", "match": "64f93d70-568f-404a-a049-b7f37598ec66" }, { "control": "bbb99e89-ee33-46fc-bc03-1582631210c4", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0", "match": "67e16eb6-14cb-41a4-aea0-8f0dc7ed1023" }, { "control": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0", "match": "27086d2c-4ed0-4163-89c3-d280559102ea" }, { "control": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0", "match": "36ae972c-4543-4548-8946-47cb651ed0ef" }, { "control": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0", "match": "06679cfa-1bfd-436a-b99d-698fb275dfdb" }, { "control": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0", "match": "e48c2a77-93da-4afb-bde7-7bd957196286" }, { "control": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0", "match": "2fd70998-9247-4efd-923d-276f5c76b3b9" }, { "control": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "ebc0b0f8-4403-481f-be4a-7f35ae3cb6be", "match": "9e62441a-c6d5-4707-a835-6230dc5b0d53" }, { "control": "48a13f85-a811-43fa-a0e8-89f67fb2743f", "match": "1efbb7bc-a9df-41b0-af65-c8c7cc593246" }, { "control": "48a13f85-a811-43fa-a0e8-89f67fb2743f", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "48a13f85-a811-43fa-a0e8-89f67fb2743f", "match": "8ff7acc4-c71b-4e1d-89f3-0c7db4a5055f" }, { "control": "f9d1a926-5d39-4123-8b83-a94c21ff18e5", "match": "6922787a-2fcb-4cfe-a3bc-a75e7c49fccd" }, { "control": "f9d1a926-5d39-4123-8b83-a94c21ff18e5", "match": "1efbb7bc-a9df-41b0-af65-c8c7cc593246" }, { "control": "f9d1a926-5d39-4123-8b83-a94c21ff18e5", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "f9d1a926-5d39-4123-8b83-a94c21ff18e5", "match": "280c9bba-f2e4-401f-911a-cdab227ac433" }, { "control": "f9d1a926-5d39-4123-8b83-a94c21ff18e5", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "f9d1a926-5d39-4123-8b83-a94c21ff18e5", "match": "8ff7acc4-c71b-4e1d-89f3-0c7db4a5055f" }, { "control": "23e4c883-c358-4b64-8d7e-249c67b7f1f2", "match": "1efbb7bc-a9df-41b0-af65-c8c7cc593246" }, { "control": "23e4c883-c358-4b64-8d7e-249c67b7f1f2", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "23e4c883-c358-4b64-8d7e-249c67b7f1f2", "match": "06679cfa-1bfd-436a-b99d-698fb275dfdb" }, { "control": "23e4c883-c358-4b64-8d7e-249c67b7f1f2", "match": "15dfbe37-4a2d-4df7-b00c-f558524b561c" }, { "control": "23e4c883-c358-4b64-8d7e-249c67b7f1f2", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "23e4c883-c358-4b64-8d7e-249c67b7f1f2", "match": "8ff7acc4-c71b-4e1d-89f3-0c7db4a5055f" }, { "control": "025611cb-8431-4a9c-a88c-039141472418", "match": "cb39be02-c637-4984-ad59-ad1b5afd7609" }, { "control": "025611cb-8431-4a9c-a88c-039141472418", "match": "1efbb7bc-a9df-41b0-af65-c8c7cc593246" }, { "control": "025611cb-8431-4a9c-a88c-039141472418", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "025611cb-8431-4a9c-a88c-039141472418", "match": "9e62441a-c6d5-4707-a835-6230dc5b0d53" }, { "control": "025611cb-8431-4a9c-a88c-039141472418", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "ad0458f2-c836-4c7d-9d8f-6333fc6af2e9", "match": "1efbb7bc-a9df-41b0-af65-c8c7cc593246" }, { "control": "ad0458f2-c836-4c7d-9d8f-6333fc6af2e9", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "ad0458f2-c836-4c7d-9d8f-6333fc6af2e9", "match": "8047a1c6-e890-4817-982d-04fcdc2820a2" }, { "control": "ad0458f2-c836-4c7d-9d8f-6333fc6af2e9", "match": "9e62441a-c6d5-4707-a835-6230dc5b0d53" }, { "control": "ad0458f2-c836-4c7d-9d8f-6333fc6af2e9", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "ad0458f2-c836-4c7d-9d8f-6333fc6af2e9", "match": "8ff7acc4-c71b-4e1d-89f3-0c7db4a5055f" }, { "control": "b237b4b1-a21a-4122-b4c8-e068ad58ef21", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "b237b4b1-a21a-4122-b4c8-e068ad58ef21", "match": "5ba61017-362e-411b-929d-c76c27358660" }, { "control": "b237b4b1-a21a-4122-b4c8-e068ad58ef21", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "b237b4b1-a21a-4122-b4c8-e068ad58ef21", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "cce52cf2-aa85-4f33-8cb8-b0508f452c25", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "cce52cf2-aa85-4f33-8cb8-b0508f452c25", "match": "a3a1db7e-c1e1-409d-aa9a-e4b4ca925be6" }, { "control": "cce52cf2-aa85-4f33-8cb8-b0508f452c25", "match": "e8449cab-54ae-4bd4-8b6e-de2820e8ec4b" }, { "control": "cce52cf2-aa85-4f33-8cb8-b0508f452c25", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "30ff804b-d8e2-44da-a49e-bb1a39e5f81a", "match": "cb39be02-c637-4984-ad59-ad1b5afd7609" }, { "control": "30ff804b-d8e2-44da-a49e-bb1a39e5f81a", "match": "69e93c59-0239-4bc8-8d5f-d2c65c706f46" }, { "control": "30ff804b-d8e2-44da-a49e-bb1a39e5f81a", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "2d88bd60-ff72-40cc-a2b4-ae7c9cbd2a68", "match": "1efbb7bc-a9df-41b0-af65-c8c7cc593246" }, { "control": "2d88bd60-ff72-40cc-a2b4-ae7c9cbd2a68", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "2d88bd60-ff72-40cc-a2b4-ae7c9cbd2a68", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "2d88bd60-ff72-40cc-a2b4-ae7c9cbd2a68", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "2d88bd60-ff72-40cc-a2b4-ae7c9cbd2a68", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "2d88bd60-ff72-40cc-a2b4-ae7c9cbd2a68", "match": "e48c2a77-93da-4afb-bde7-7bd957196286" }, { "control": "2d88bd60-ff72-40cc-a2b4-ae7c9cbd2a68", "match": "9e62441a-c6d5-4707-a835-6230dc5b0d53" }, { "control": "2d88bd60-ff72-40cc-a2b4-ae7c9cbd2a68", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "34a2e449-b69d-4f75-a548-8c5faee598b5", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "34a2e449-b69d-4f75-a548-8c5faee598b5", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "34a2e449-b69d-4f75-a548-8c5faee598b5", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "bb37f7e5-ff5d-4b9a-a621-dfb26f3fccaf", "match": "3d9c8de5-f6f2-4a5d-8093-74849dc24a82" }, { "control": "bb37f7e5-ff5d-4b9a-a621-dfb26f3fccaf", "match": "e1219fd8-9db2-4297-99da-63be2b433aa8" }, { "control": "e6ab0d96-2ced-445d-a19f-97710b2cc346", "match": "cb39be02-c637-4984-ad59-ad1b5afd7609" }, { "control": "e6ab0d96-2ced-445d-a19f-97710b2cc346", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "e6ab0d96-2ced-445d-a19f-97710b2cc346", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "e6ab0d96-2ced-445d-a19f-97710b2cc346", "match": "10213f53-5179-42f2-beb6-1364872d983d" }, { "control": "e6ab0d96-2ced-445d-a19f-97710b2cc346", "match": "e48c2a77-93da-4afb-bde7-7bd957196286" }, { "control": "e6ab0d96-2ced-445d-a19f-97710b2cc346", "match": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2" }, { "control": "0c7c3558-9c78-4bcc-816b-9123c899b653", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "0c7c3558-9c78-4bcc-816b-9123c899b653", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "cf3d3d41-f0d5-4eb9-b6c5-537d72ea645a", "match": "8314aca6-82c0-4955-a6d3-78f41146ef15" }, { "control": "cf3d3d41-f0d5-4eb9-b6c5-537d72ea645a", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "1ea30a61-92f4-4ae0-a349-3f947bf0dc94", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "1ea30a61-92f4-4ae0-a349-3f947bf0dc94", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "1ea30a61-92f4-4ae0-a349-3f947bf0dc94", "match": "10213f53-5179-42f2-beb6-1364872d983d" }, { "control": "1ea30a61-92f4-4ae0-a349-3f947bf0dc94", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "83c3ab70-566c-4bbe-a3b8-940d9fbb5ad7", "match": "3d9c8de5-f6f2-4a5d-8093-74849dc24a82" }, { "control": "83c3ab70-566c-4bbe-a3b8-940d9fbb5ad7", "match": "e1219fd8-9db2-4297-99da-63be2b433aa8" }, { "control": "2736e702-38ef-439d-9e8b-989ef56f8735", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "e94941eb-31da-40e0-b944-07c43233e7c0", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "0de24c0a-53cb-4481-9b8d-fccc252e4f03", "match": "5264169d-4e61-40b7-800e-1998f41af781" }, { "control": "0de24c0a-53cb-4481-9b8d-fccc252e4f03", "match": "8a174f26-95ff-41dd-8042-039189065395" }, { "control": "0de24c0a-53cb-4481-9b8d-fccc252e4f03", "match": "9e62441a-c6d5-4707-a835-6230dc5b0d53" }, { "control": "01314572-becc-4780-945f-9ed3a40af900", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "01314572-becc-4780-945f-9ed3a40af900", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "01314572-becc-4780-945f-9ed3a40af900", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "f0753789-bcc3-4f66-9bb5-b6179bb367de", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "f0753789-bcc3-4f66-9bb5-b6179bb367de", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "f0753789-bcc3-4f66-9bb5-b6179bb367de", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "0d124100-372e-429b-9e2f-d12211f005e1", "match": "5ba61017-362e-411b-929d-c76c27358660" }, { "control": "0d124100-372e-429b-9e2f-d12211f005e1", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "0d124100-372e-429b-9e2f-d12211f005e1", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "52ab8937-c260-4cf3-a807-ce1381afa4c9", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "52ab8937-c260-4cf3-a807-ce1381afa4c9", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "52ab8937-c260-4cf3-a807-ce1381afa4c9", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "421b5608-0f1d-4de5-b646-ff9538f8493f", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "421b5608-0f1d-4de5-b646-ff9538f8493f", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" }, { "control": "421b5608-0f1d-4de5-b646-ff9538f8493f", "match": "c2260bd5-161f-4fb9-8496-0de50c2c3440" }, { "control": "c8de5e1f-7893-42b3-852d-fa4f79bc68fa", "match": "4f08538a-9f7d-422f-aaae-0949bf39c028" }, { "control": "c8de5e1f-7893-42b3-852d-fa4f79bc68fa", "match": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67" } ], "version": 1 } 2021-10-12T14:54:09.183756+00:00 https://objects.monarc.lu/object/get/35 2024-05-02T13:22:55.425028+00:00 MONARC { "label": "NIS security measures - NIST Core", "refs": [ "https://www.enisa.europa.eu/topics/nis-directive/minimum-security-measures-for-operators-of-essentials-services" ], "security referentials UUID": [ "3f4a2a67-a1f9-46e1-8d71-7f6486217bb7", "fcf78560-3d12-42ba-8f4a-5761ca02ac94" ], "uuid": "9f6e74bb-c643-4654-bc6d-76dcab49c357", "values": [ { "control": "030ef936-d0fe-4d6b-9238-e3004f58f7b6", "match": "d2e86e2d-5bec-42a2-b642-69995b6abcf0" }, { "control": "030ef936-d0fe-4d6b-9238-e3004f58f7b6", "match": "cc6aad46-1887-4da6-93e3-c707be07b9f5" }, { "control": "030ef936-d0fe-4d6b-9238-e3004f58f7b6", "match": "0550c268-534a-4311-920d-84466e4865c4" }, { "control": "030ef936-d0fe-4d6b-9238-e3004f58f7b6", "match": "1bad7834-b740-48ff-8450-5792b55614db" }, { "control": "030ef936-d0fe-4d6b-9238-e3004f58f7b6", "match": "7c09a9bf-407c-4509-94c0-af8314fc3b86" }, { "control": "030ef936-d0fe-4d6b-9238-e3004f58f7b6", "match": "6d0bfd47-88dc-484a-aed8-196eaa12c4db" }, { "control": "030ef936-d0fe-4d6b-9238-e3004f58f7b6", "match": "98ce2a28-d424-4436-8c41-2ec0e8d563fa" }, { "control": "030ef936-d0fe-4d6b-9238-e3004f58f7b6", "match": "e384f897-1b70-49a5-8491-24c035e1451f" }, { "control": "030ef936-d0fe-4d6b-9238-e3004f58f7b6", "match": "7a9f7d35-6714-4182-ae88-d9ff575224a6" }, { "control": "030ef936-d0fe-4d6b-9238-e3004f58f7b6", "match": "97331ab3-3365-4fb0-894c-578c460720fa" }, { "control": "030ef936-d0fe-4d6b-9238-e3004f58f7b6", "match": "6386d5df-56f8-46ad-b181-e870491004a5" }, { "control": "02527779-a76f-42fc-b420-6726099d4241", "match": "7a4074cc-5b40-486a-9a52-6b49be7f95e6" }, { "control": "02527779-a76f-42fc-b420-6726099d4241", "match": "29613b2e-8def-417e-85fa-31aa5ef5de3b" }, { "control": "02527779-a76f-42fc-b420-6726099d4241", "match": "4e2499c0-d23d-4977-9e9f-6323af31be24" }, { "control": "d646a78e-68d8-4d60-a01f-455b1a0df4f1", "match": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a" }, { "control": "cfda8669-f42c-4917-833e-b873110b4380", "match": "01d259f0-ece0-4f7c-91bf-d09844c576cc" }, { "control": "cfda8669-f42c-4917-833e-b873110b4380", "match": "6386d5df-56f8-46ad-b181-e870491004a5" }, { "control": "cfda8669-f42c-4917-833e-b873110b4380", "match": "4879e4fb-cd0e-4968-8dd2-4b6dbe977cdc" }, { "control": "cfda8669-f42c-4917-833e-b873110b4380", "match": "987e9304-80fd-4470-b8b4-213f41a0a957" }, { "control": "cfda8669-f42c-4917-833e-b873110b4380", "match": "92a81683-1877-48d3-9d5a-c7c0ddd9852b" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "dec6cf8c-1714-45f4-bfd2-23a049fb9b35" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "231fc2b1-80c2-450e-9d80-f804f5a8984c" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "acfea27c-c6d5-421a-9ae4-2db82610cc41" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "f4f7466f-0ae6-4867-a2ee-6be4e1f02329" }, { "control": "66b045d6-77a5-426f-afe5-55cac81ac5c8", "match": "46555297-7af1-4d59-ac07-6e627aef4dda" }, { "control": "66b045d6-77a5-426f-afe5-55cac81ac5c8", "match": "63f9f527-2c63-4fda-acda-7ebcf3025873" }, { "control": "26b54bed-01d5-4614-b0ed-907af072b8a9", "match": "1a422e41-50fc-4c74-b1e4-e3d40b7c82f3" }, { "control": "26b54bed-01d5-4614-b0ed-907af072b8a9", "match": "eaa4fb9d-e687-41a0-8d4b-1ca972bed10a" }, { "control": "26b54bed-01d5-4614-b0ed-907af072b8a9", "match": "4879e4fb-cd0e-4968-8dd2-4b6dbe977cdc" }, { "control": "8e6bf606-42cf-4f85-bedd-5e633d241183", "match": "30a7a092-3e00-4d33-aec2-66d019c2ff03" }, { "control": "8e6bf606-42cf-4f85-bedd-5e633d241183", "match": "6f6442e8-952b-4a13-9e97-7c233a7b2a1c" }, { "control": "a3f6ee47-de81-400a-a7dc-79e79fb73729", "match": "800fc6f9-e574-4152-89e6-30bae7da4adc" }, { "control": "9fa537a3-efc0-4624-aeae-ab975076e1c0", "match": "6386d5df-56f8-46ad-b181-e870491004a5" }, { "control": "4baf165d-b157-4c19-bbd6-ad3ddd5dbe79", "match": "6386d5df-56f8-46ad-b181-e870491004a5" }, { "control": "f5f8ef4a-25f2-4169-b279-424081fc6125", "match": "a6b301ed-e0c1-467d-8e42-e2796c64b785" }, { "control": "6b327343-7f81-4a40-bc46-194cf5aa54df", "match": "50fc2488-b730-48ae-abf8-93e60f141404" }, { "control": "6b327343-7f81-4a40-bc46-194cf5aa54df", "match": "766520fa-3439-4382-babc-eb7d9d6b1f52" }, { "control": "6b327343-7f81-4a40-bc46-194cf5aa54df", "match": "a6b301ed-e0c1-467d-8e42-e2796c64b785" }, { "control": "6b327343-7f81-4a40-bc46-194cf5aa54df", "match": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "7cd438b8-038b-4f1f-a431-a1a1a83e009c" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "6da92eea-2f74-458f-a643-361df7ea9f2f" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "831f20de-eadb-44a7-82f3-fcb116d8cb69" }, { "control": "efcb645f-ca20-484d-a3b7-6ef98db907ff", "match": "7ec8092e-3e41-43e0-a8b2-c42b980dd29b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "382fe4f1-9f05-4169-a343-2c961a8cf359" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "f01b50b8-0e54-4f8f-afee-0ec56f788a42" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "24ac8920-3747-45bb-b9d1-1ca0d1d84d3f" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "9b355a55-73ce-4d55-8016-d93e3c555a55" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "dec6cf8c-1714-45f4-bfd2-23a049fb9b35" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "a8f83595-0327-4e24-9557-0e8d9b82856f" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "70e202bf-2270-4daf-8fb5-4f6fb10de979" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "54eeaae4-2b82-43ce-9a61-40d453116d8d" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "bbb99e89-ee33-46fc-bc03-1582631210c4" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "ebc0b0f8-4403-481f-be4a-7f35ae3cb6be" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "48a13f85-a811-43fa-a0e8-89f67fb2743f" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "f9d1a926-5d39-4123-8b83-a94c21ff18e5" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "23e4c883-c358-4b64-8d7e-249c67b7f1f2" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "025611cb-8431-4a9c-a88c-039141472418" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "ad0458f2-c836-4c7d-9d8f-6333fc6af2e9" }, { "control": "1b9d05fc-e385-4fdb-aa44-54e069a9ea91", "match": "9b355a55-73ce-4d55-8016-d93e3c555a55" }, { "control": "957b42b2-b3c6-4d0c-b32e-fcc4bea29ffd", "match": "9b355a55-73ce-4d55-8016-d93e3c555a55" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "69f50c12-9eab-4305-be4f-97a2002ccc0c" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "31dc508e-664e-4173-8757-00ec985115c8" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "3f6e72ed-2984-452d-badd-5563acbf0450" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "52d551ef-7334-45a3-9dd7-0b8d239ba1f6" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "e6ab0d96-2ced-445d-a19f-97710b2cc346" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "0c7c3558-9c78-4bcc-816b-9123c899b653" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "cf3d3d41-f0d5-4eb9-b6c5-537d72ea645a" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "1ea30a61-92f4-4ae0-a349-3f947bf0dc94" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "4fe097cd-e0c0-4698-a209-43ffb553a279" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "b237b4b1-a21a-4122-b4c8-e068ad58ef21" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "cce52cf2-aa85-4f33-8cb8-b0508f452c25" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "2736e702-38ef-439d-9e8b-989ef56f8735" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "e94941eb-31da-40e0-b944-07c43233e7c0" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "0de24c0a-53cb-4481-9b8d-fccc252e4f03" }, { "control": "ea405481-cbe2-4e15-b2a3-f45563e160cc", "match": "cce52cf2-aa85-4f33-8cb8-b0508f452c25" }, { "control": "ea405481-cbe2-4e15-b2a3-f45563e160cc", "match": "30ff804b-d8e2-44da-a49e-bb1a39e5f81a" }, { "control": "ea405481-cbe2-4e15-b2a3-f45563e160cc", "match": "2d88bd60-ff72-40cc-a2b4-ae7c9cbd2a68" }, { "control": "ea405481-cbe2-4e15-b2a3-f45563e160cc", "match": "34a2e449-b69d-4f75-a548-8c5faee598b5" }, { "control": "ea405481-cbe2-4e15-b2a3-f45563e160cc", "match": "bb37f7e5-ff5d-4b9a-a621-dfb26f3fccaf" }, { "control": "b24b90b0-eeea-4a56-b5ef-2c484467c97a", "match": "75942c69-3336-4e82-bf59-515aaa6e3513" }, { "control": "b24b90b0-eeea-4a56-b5ef-2c484467c97a", "match": "e4380999-3c82-4b85-86cd-86f1f37f97ab" }, { "control": "b24b90b0-eeea-4a56-b5ef-2c484467c97a", "match": "2e411d93-1836-4dbc-baf1-a747d2a9915a" }, { "control": "f87f15fe-0170-4164-90de-091d9519d140", "match": "e4380999-3c82-4b85-86cd-86f1f37f97ab" }, { "control": "f87f15fe-0170-4164-90de-091d9519d140", "match": "e4f85702-5874-4361-beec-45d00b379c5b" }, { "control": "0ca52ad9-4570-46be-88ce-d22efd4a145b", "match": "e4380999-3c82-4b85-86cd-86f1f37f97ab" }, { "control": "0ca52ad9-4570-46be-88ce-d22efd4a145b", "match": "e4f85702-5874-4361-beec-45d00b379c5b" }, { "control": "e1a91f54-34e4-45c7-8eae-dfc6dee15854", "match": "e4380999-3c82-4b85-86cd-86f1f37f97ab" } ], "version": 1 } 2021-10-12T14:54:58.236716+00:00 https://objects.monarc.lu/object/get/31 2024-05-02T13:22:55.422306+00:00 MONARC { "label": "NIST SP 800-53 (Rev.5) - ISO/IEC 27002", "refs": [ "https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/draft" ], "security referentials UUID": [ "cfd2cd50-95fa-4143-b0e5-794249bacae1", "98ca84fb-db87-11e8-ac77-0800279aaa2b" ], "uuid": "5696c21b-4b52-4230-be0c-89352b8c9baa", "values": [ { "control": "ebf10522-0f57-4880-aa73-e28a206b7be4", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "ebf10522-0f57-4880-aa73-e28a206b7be4", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "ebf10522-0f57-4880-aa73-e28a206b7be4", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "ebf10522-0f57-4880-aa73-e28a206b7be4", "match": "267fd659-f705-11e8-b555-0800279aaa2b" }, { "control": "ebf10522-0f57-4880-aa73-e28a206b7be4", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "ebf10522-0f57-4880-aa73-e28a206b7be4", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "ebf10522-0f57-4880-aa73-e28a206b7be4", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "8245e3a6-09ee-488a-880f-8d1b811b2091", "match": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "control": "8245e3a6-09ee-488a-880f-8d1b811b2091", "match": "267fe782-f705-11e8-b555-0800279aaa2b" }, { "control": "8245e3a6-09ee-488a-880f-8d1b811b2091", "match": "267fd69f-f705-11e8-b555-0800279aaa2b" }, { "control": "8245e3a6-09ee-488a-880f-8d1b811b2091", "match": "267fd723-f705-11e8-b555-0800279aaa2b" }, { "control": "8245e3a6-09ee-488a-880f-8d1b811b2091", "match": "267fcc3c-f705-11e8-b555-0800279aaa2b" }, { "control": "f3cc0b06-2294-49fe-aca4-3eb929cc87eb", "match": "267fda0e-f705-11e8-b555-0800279aaa2b" }, { "control": "f3cc0b06-2294-49fe-aca4-3eb929cc87eb", "match": "267fd81b-f705-11e8-b555-0800279aaa2b" }, { "control": "f3cc0b06-2294-49fe-aca4-3eb929cc87eb", "match": "267fd993-f705-11e8-b555-0800279aaa2b" }, { "control": "f3cc0b06-2294-49fe-aca4-3eb929cc87eb", "match": "267fd917-f705-11e8-b555-0800279aaa2b" }, { "control": "f3cc0b06-2294-49fe-aca4-3eb929cc87eb", "match": "267fdbf1-f705-11e8-b555-0800279aaa2b" }, { "control": "f3cc0b06-2294-49fe-aca4-3eb929cc87eb", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "f3cc0b06-2294-49fe-aca4-3eb929cc87eb", "match": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "control": "f3cc0b06-2294-49fe-aca4-3eb929cc87eb", "match": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "control": "f3cc0b06-2294-49fe-aca4-3eb929cc87eb", "match": "267fe37d-f705-11e8-b555-0800279aaa2b" }, { "control": "e2323e31-d4c5-4f58-8de3-529d41c7fde6", "match": "267fd85b-f705-11e8-b555-0800279aaa2b" }, { "control": "e2323e31-d4c5-4f58-8de3-529d41c7fde6", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "e2323e31-d4c5-4f58-8de3-529d41c7fde6", "match": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "control": "e2323e31-d4c5-4f58-8de3-529d41c7fde6", "match": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "control": "35f0172f-4770-4f69-9aa7-8b48a880c85a", "match": "267fd0b1-f705-11e8-b555-0800279aaa2b" }, { "control": "cea02331-b15a-42bb-ae5c-826afb449240", "match": "267fd81b-f705-11e8-b555-0800279aaa2b" }, { "control": "cea02331-b15a-42bb-ae5c-826afb449240", "match": "267fd69f-f705-11e8-b555-0800279aaa2b" }, { "control": "cea02331-b15a-42bb-ae5c-826afb449240", "match": "267fd917-f705-11e8-b555-0800279aaa2b" }, { "control": "cea02331-b15a-42bb-ae5c-826afb449240", "match": "267fdbf1-f705-11e8-b555-0800279aaa2b" }, { "control": "f8e45f26-413c-4c61-be2c-216ec688ecb1", "match": "267fd954-f705-11e8-b555-0800279aaa2b" }, { "control": "2006d82c-a148-470f-ad3d-339980bb69b9", "match": "267fd954-f705-11e8-b555-0800279aaa2b" }, { "control": "a06fe04e-e834-42c9-8b4f-d998eb493136", "match": "267fd954-f705-11e8-b555-0800279aaa2b" }, { "control": "48e9827d-60b5-4637-89fa-45dfb4231ff7", "match": "267fd7a0-f705-11e8-b555-0800279aaa2b" }, { "control": "48e9827d-60b5-4637-89fa-45dfb4231ff7", "match": "267fd7dd-f705-11e8-b555-0800279aaa2b" }, { "control": "33d42330-bde6-4964-82c9-fd2eaa07792d", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "1b2e1483-0a0e-4c84-ad44-42db07d6172f", "match": "267fd9d0-f705-11e8-b555-0800279aaa2b" }, { "control": "1b2e1483-0a0e-4c84-ad44-42db07d6172f", "match": "267fda0e-f705-11e8-b555-0800279aaa2b" }, { "control": "1b2e1483-0a0e-4c84-ad44-42db07d6172f", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "1b2e1483-0a0e-4c84-ad44-42db07d6172f", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "1b2e1483-0a0e-4c84-ad44-42db07d6172f", "match": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "control": "5dad70d6-04e6-4ad0-9c32-c565e40329ad", "match": "267fd9d0-f705-11e8-b555-0800279aaa2b" }, { "control": "5dad70d6-04e6-4ad0-9c32-c565e40329ad", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "5dad70d6-04e6-4ad0-9c32-c565e40329ad", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "250001c2-f02d-496c-917e-70034724bfd6", "match": "267fd9d0-f705-11e8-b555-0800279aaa2b" }, { "control": "250001c2-f02d-496c-917e-70034724bfd6", "match": "267fcf4f-f705-11e8-b555-0800279aaa2b" }, { "control": "250001c2-f02d-496c-917e-70034724bfd6", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "fc9d8985-7dea-4b78-b977-7c5ac82e15f2", "match": "267fcf4f-f705-11e8-b555-0800279aaa2b" }, { "control": "fc9d8985-7dea-4b78-b977-7c5ac82e15f2", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "fc9d8985-7dea-4b78-b977-7c5ac82e15f2", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "5d4dc43c-9c46-4fc5-969b-02a1421acf42", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "5d4dc43c-9c46-4fc5-969b-02a1421acf42", "match": "267fd3e3-f705-11e8-b555-0800279aaa2b" }, { "control": "5d4dc43c-9c46-4fc5-969b-02a1421acf42", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "ccd5e72f-92d7-4824-8caa-9a75209849d2", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "5493d4a2-bae6-4bdf-ba84-79bbae4fb53b", "match": "267fd993-f705-11e8-b555-0800279aaa2b" }, { "control": "468658d8-61b8-4757-8c28-d6017337ea91", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "468658d8-61b8-4757-8c28-d6017337ea91", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "468658d8-61b8-4757-8c28-d6017337ea91", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "468658d8-61b8-4757-8c28-d6017337ea91", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "468658d8-61b8-4757-8c28-d6017337ea91", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "468658d8-61b8-4757-8c28-d6017337ea91", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "468658d8-61b8-4757-8c28-d6017337ea91", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "3f956648-f1a8-4c8f-9e4b-11e4da8afc6a", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "3f956648-f1a8-4c8f-9e4b-11e4da8afc6a", "match": "267fd22e-f705-11e8-b555-0800279aaa2b" }, { "control": "3f956648-f1a8-4c8f-9e4b-11e4da8afc6a", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "64694da5-0ca9-44f6-bd94-0dc1fa8f69ea", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "64694da5-0ca9-44f6-bd94-0dc1fa8f69ea", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "a32e8643-88b7-4fa6-9a25-f67b9236b9d0", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "0de44076-cd30-439a-9375-c7c6692da6b2", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "0de44076-cd30-439a-9375-c7c6692da6b2", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "0de44076-cd30-439a-9375-c7c6692da6b2", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "0de44076-cd30-439a-9375-c7c6692da6b2", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "0de44076-cd30-439a-9375-c7c6692da6b2", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "0de44076-cd30-439a-9375-c7c6692da6b2", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "aefeafa5-2f92-4a78-a149-6b00f8a0f9f1", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "aefeafa5-2f92-4a78-a149-6b00f8a0f9f1", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "6145995f-74e1-4479-ba93-c1cdd9e34f8c", "match": "267fd1a8-f705-11e8-b555-0800279aaa2b" }, { "control": "bcc90c0a-8c92-4e75-ba67-a9dd2a64ca9d", "match": "267fd1a8-f705-11e8-b555-0800279aaa2b" }, { "control": "cb39be02-c637-4984-ad59-ad1b5afd7609", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "cb39be02-c637-4984-ad59-ad1b5afd7609", "match": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "control": "cb39be02-c637-4984-ad59-ad1b5afd7609", "match": "267fddeb-f705-11e8-b555-0800279aaa2b" }, { "control": "cb39be02-c637-4984-ad59-ad1b5afd7609", "match": "267fe9b4-f705-11e8-b555-0800279aaa2b" }, { "control": "b9383590-e160-4840-b6e7-9476aeb6b8c0", "match": "267fd610-f705-11e8-b555-0800279aaa2b" }, { "control": "aff838cd-5392-4620-be39-87c4ae7b6d33", "match": "267fd567-f705-11e8-b555-0800279aaa2b" }, { "control": "aff838cd-5392-4620-be39-87c4ae7b6d33", "match": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "control": "aff838cd-5392-4620-be39-87c4ae7b6d33", "match": "267fe37d-f705-11e8-b555-0800279aaa2b" }, { "control": "30ccd853-e570-4c61-98d0-4837692d0654", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "30ccd853-e570-4c61-98d0-4837692d0654", "match": "267fdef6-f705-11e8-b555-0800279aaa2b" }, { "control": "30ccd853-e570-4c61-98d0-4837692d0654", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "67e16eb6-14cb-41a4-aea0-8f0dc7ed1023", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "67e16eb6-14cb-41a4-aea0-8f0dc7ed1023", "match": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "control": "67e16eb6-14cb-41a4-aea0-8f0dc7ed1023", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "d447bf80-7c6e-4e16-9f69-a15ed7eafd92", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "e499f145-1fad-49e2-9403-f50a2a9801e8", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "9bc48f7a-6863-421d-96c5-7e7099ef2415", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "9bc48f7a-6863-421d-96c5-7e7099ef2415", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "9bc48f7a-6863-421d-96c5-7e7099ef2415", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "9bc48f7a-6863-421d-96c5-7e7099ef2415", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "9bc48f7a-6863-421d-96c5-7e7099ef2415", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "9bc48f7a-6863-421d-96c5-7e7099ef2415", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "9bc48f7a-6863-421d-96c5-7e7099ef2415", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "1efbb7bc-a9df-41b0-af65-c8c7cc593246", "match": "267fe7e9-f705-11e8-b555-0800279aaa2b" }, { "control": "1efbb7bc-a9df-41b0-af65-c8c7cc593246", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "1efbb7bc-a9df-41b0-af65-c8c7cc593246", "match": "267fe600-f705-11e8-b555-0800279aaa2b" }, { "control": "6c55f12d-0f58-4caf-9c27-91c38d3620e3", "match": "267fd2ee-f705-11e8-b555-0800279aaa2b" }, { "control": "6c55f12d-0f58-4caf-9c27-91c38d3620e3", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "6c55f12d-0f58-4caf-9c27-91c38d3620e3", "match": "267fd3e3-f705-11e8-b555-0800279aaa2b" }, { "control": "0af9100d-df42-4d7e-953d-8c1fd56dff85", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "5264169d-4e61-40b7-800e-1998f41af781", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "698ebcc9-cf38-49d4-9a7a-dce61bbff968", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "698ebcc9-cf38-49d4-9a7a-dce61bbff968", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "698ebcc9-cf38-49d4-9a7a-dce61bbff968", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "698ebcc9-cf38-49d4-9a7a-dce61bbff968", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "698ebcc9-cf38-49d4-9a7a-dce61bbff968", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "698ebcc9-cf38-49d4-9a7a-dce61bbff968", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "698ebcc9-cf38-49d4-9a7a-dce61bbff968", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "27086d2c-4ed0-4163-89c3-d280559102ea", "match": "267fd073-f705-11e8-b555-0800279aaa2b" }, { "control": "27086d2c-4ed0-4163-89c3-d280559102ea", "match": "267fdc38-f705-11e8-b555-0800279aaa2b" }, { "control": "27086d2c-4ed0-4163-89c3-d280559102ea", "match": "267fdc8c-f705-11e8-b555-0800279aaa2b" }, { "control": "27086d2c-4ed0-4163-89c3-d280559102ea", "match": "267fdcf3-f705-11e8-b555-0800279aaa2b" }, { "control": "4d738f6e-3999-4a07-97f8-552ef2df77f3", "match": "267fdc8c-f705-11e8-b555-0800279aaa2b" }, { "control": "4d738f6e-3999-4a07-97f8-552ef2df77f3", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "dce2b6b6-33dd-45b1-9006-e09493aa95e3", "match": "267fd69f-f705-11e8-b555-0800279aaa2b" }, { "control": "dce2b6b6-33dd-45b1-9006-e09493aa95e3", "match": "267fdbf1-f705-11e8-b555-0800279aaa2b" }, { "control": "dce2b6b6-33dd-45b1-9006-e09493aa95e3", "match": "267fd073-f705-11e8-b555-0800279aaa2b" }, { "control": "dce2b6b6-33dd-45b1-9006-e09493aa95e3", "match": "267fd0ef-f705-11e8-b555-0800279aaa2b" }, { "control": "dce2b6b6-33dd-45b1-9006-e09493aa95e3", "match": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "control": "d0557646-d1eb-4d79-8670-b1cdaf1072be", "match": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "control": "36ae972c-4543-4548-8946-47cb651ed0ef", "match": "267fc90c-f705-11e8-b555-0800279aaa2b" }, { "control": "36ae972c-4543-4548-8946-47cb651ed0ef", "match": "267fc94c-f705-11e8-b555-0800279aaa2b" }, { "control": "36ae972c-4543-4548-8946-47cb651ed0ef", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "b53a00fb-054c-4f9e-8aff-69ad91c1dcb8", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "b53a00fb-054c-4f9e-8aff-69ad91c1dcb8", "match": "267fd073-f705-11e8-b555-0800279aaa2b" }, { "control": "8ccaf96b-99b1-4677-be72-1e072cc26ebd", "match": "267fe307-f705-11e8-b555-0800279aaa2b" }, { "control": "0e0864af-bd66-4012-b7ea-75ee7a57ef0b", "match": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "control": "0e0864af-bd66-4012-b7ea-75ee7a57ef0b", "match": "267fe8fe-f705-11e8-b555-0800279aaa2b" }, { "control": "50310b7b-0a4b-4572-998c-5954f7d6750e", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "c1aa25a1-a0cf-483d-8b7d-44725cd3f6ed", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "c1aa25a1-a0cf-483d-8b7d-44725cd3f6ed", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "c1aa25a1-a0cf-483d-8b7d-44725cd3f6ed", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "c1aa25a1-a0cf-483d-8b7d-44725cd3f6ed", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "c1aa25a1-a0cf-483d-8b7d-44725cd3f6ed", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "c1aa25a1-a0cf-483d-8b7d-44725cd3f6ed", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "c1aa25a1-a0cf-483d-8b7d-44725cd3f6ed", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "4f08538a-9f7d-422f-aaae-0949bf39c028", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "4f08538a-9f7d-422f-aaae-0949bf39c028", "match": "267fdf76-f705-11e8-b555-0800279aaa2b" }, { "control": "4f08538a-9f7d-422f-aaae-0949bf39c028", "match": "267fea72-f705-11e8-b555-0800279aaa2b" }, { "control": "4f08538a-9f7d-422f-aaae-0949bf39c028", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "a3a1db7e-c1e1-409d-aa9a-e4b4ca925be6", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "a3a1db7e-c1e1-409d-aa9a-e4b4ca925be6", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "4c98569b-ec41-4758-b8a3-5bd75b56d38b", "match": "267fe022-f705-11e8-b555-0800279aaa2b" }, { "control": "4c98569b-ec41-4758-b8a3-5bd75b56d38b", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "60a84903-025a-40c5-9cf6-dad960e55cf1", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "60a84903-025a-40c5-9cf6-dad960e55cf1", "match": "267fd272-f705-11e8-b555-0800279aaa2b" }, { "control": "60a84903-025a-40c5-9cf6-dad960e55cf1", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "1dfd046a-a422-4089-9fda-c141e865042a", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "1dfd046a-a422-4089-9fda-c141e865042a", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "1dfd046a-a422-4089-9fda-c141e865042a", "match": "267fea72-f705-11e8-b555-0800279aaa2b" }, { "control": "01096bf7-a45e-40d9-851e-72a6b8d7344a", "match": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "control": "01096bf7-a45e-40d9-851e-72a6b8d7344a", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "5cdd85f2-15b0-4c61-b3d4-66f4ba9114c8", "match": "267fd272-f705-11e8-b555-0800279aaa2b" }, { "control": "5cdd85f2-15b0-4c61-b3d4-66f4ba9114c8", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "5cdd85f2-15b0-4c61-b3d4-66f4ba9114c8", "match": "267fe37d-f705-11e8-b555-0800279aaa2b" }, { "control": "5ba61017-362e-411b-929d-c76c27358660", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "b705c1c5-aee2-4cb0-9f55-f045fc627f34", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "5278ff6f-473b-4a2c-8234-1a6a3198c701", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "99e77822-723b-4a08-8ee0-4c73ad494db7", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "99e77822-723b-4a08-8ee0-4c73ad494db7", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "99e77822-723b-4a08-8ee0-4c73ad494db7", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "99e77822-723b-4a08-8ee0-4c73ad494db7", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "99e77822-723b-4a08-8ee0-4c73ad494db7", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "99e77822-723b-4a08-8ee0-4c73ad494db7", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "99e77822-723b-4a08-8ee0-4c73ad494db7", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "b82eba2f-bbf7-4390-aa9e-e35ccae691ba", "match": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "control": "b82eba2f-bbf7-4390-aa9e-e35ccae691ba", "match": "267fd954-f705-11e8-b555-0800279aaa2b" }, { "control": "23ab9d48-396c-4f20-9344-e6a6bd2439a2", "match": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "control": "23ab9d48-396c-4f20-9344-e6a6bd2439a2", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "d0c5fc8d-1e95-4e70-bdfd-f31d368af8f0", "match": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "control": "d0c5fc8d-1e95-4e70-bdfd-f31d368af8f0", "match": "267fd6e4-f705-11e8-b555-0800279aaa2b" }, { "control": "d0c5fc8d-1e95-4e70-bdfd-f31d368af8f0", "match": "267fd761-f705-11e8-b555-0800279aaa2b" }, { "control": "d0c5fc8d-1e95-4e70-bdfd-f31d368af8f0", "match": "267fd8d8-f705-11e8-b555-0800279aaa2b" }, { "control": "1bf6a2b8-b728-49a2-953f-0a965d966db1", "match": "267fd954-f705-11e8-b555-0800279aaa2b" }, { "control": "7c68c0c2-fea5-44d1-8580-5170edd92e22", "match": "267fe510-f705-11e8-b555-0800279aaa2b" }, { "control": "df6812ce-357b-44ae-8979-a663a85fa687", "match": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "control": "df6812ce-357b-44ae-8979-a663a85fa687", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "b41dacdb-78d6-4744-bcae-5a46b95cfe04", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "4123ace0-da01-431c-997c-bd03e3319f36", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "72eed0db-aa5a-4677-899f-b56d01187c6e", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "d351c523-45f7-405c-aa9e-eb4289dea021", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "90b76f4c-10ec-4530-a7c8-b3d488d8886d", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "67e6c588-aea1-47c7-a34e-e04bf91df582", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "74b14d2d-6320-4ac9-9b74-d93177dd4329", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "74b14d2d-6320-4ac9-9b74-d93177dd4329", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "74b14d2d-6320-4ac9-9b74-d93177dd4329", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "74b14d2d-6320-4ac9-9b74-d93177dd4329", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "74b14d2d-6320-4ac9-9b74-d93177dd4329", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "74b14d2d-6320-4ac9-9b74-d93177dd4329", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "74b14d2d-6320-4ac9-9b74-d93177dd4329", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "1476a1d4-f1f5-42ae-93a6-1227a89cb3e3", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "1476a1d4-f1f5-42ae-93a6-1227a89cb3e3", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "e8449cab-54ae-4bd4-8b6e-de2820e8ec4b", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67", "match": "267fe9b4-f705-11e8-b555-0800279aaa2b" }, { "control": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67", "match": "267fea11-f705-11e8-b555-0800279aaa2b" }, { "control": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67", "match": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "control": "3e0e9ea8-db9d-4825-b76a-17859f2f8e67", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "10213f53-5179-42f2-beb6-1364872d983d", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "69e93c59-0239-4bc8-8d5f-d2c65c706f46", "match": "267fc7c0-f705-11e8-b555-0800279aaa2b" }, { "control": "69e93c59-0239-4bc8-8d5f-d2c65c706f46", "match": "267fddeb-f705-11e8-b555-0800279aaa2b" }, { "control": "69e93c59-0239-4bc8-8d5f-d2c65c706f46", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "54802539-1d62-43c3-8f7e-8c7e03087812", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "c2260bd5-161f-4fb9-8496-0de50c2c3440", "match": "267fde78-f705-11e8-b555-0800279aaa2b" }, { "control": "c2260bd5-161f-4fb9-8496-0de50c2c3440", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "e1211579-cdf4-4357-ba8a-3a5c46401837", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "7fb408ab-f358-489d-be81-5b9395da78a7", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "7fb408ab-f358-489d-be81-5b9395da78a7", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "7fb408ab-f358-489d-be81-5b9395da78a7", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "7fb408ab-f358-489d-be81-5b9395da78a7", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "7fb408ab-f358-489d-be81-5b9395da78a7", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "7fb408ab-f358-489d-be81-5b9395da78a7", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "9d4a3657-457f-4223-adfe-d0b2df91ffc3", "match": "267fcf0a-f705-11e8-b555-0800279aaa2b" }, { "control": "9d4a3657-457f-4223-adfe-d0b2df91ffc3", "match": "267fcfdf-f705-11e8-b555-0800279aaa2b" }, { "control": "508b0a74-cd81-4a65-b2c1-bb4c193adc53", "match": "267fcfdf-f705-11e8-b555-0800279aaa2b" }, { "control": "9368a916-1fac-4dd2-b621-751ef4483a72", "match": "267fcf0a-f705-11e8-b555-0800279aaa2b" }, { "control": "bcc51690-d12c-41a8-bd76-6aae187a8afc", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "bcc51690-d12c-41a8-bd76-6aae187a8afc", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "bcc51690-d12c-41a8-bd76-6aae187a8afc", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "bcc51690-d12c-41a8-bd76-6aae187a8afc", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "bcc51690-d12c-41a8-bd76-6aae187a8afc", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "bcc51690-d12c-41a8-bd76-6aae187a8afc", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "14555491-0f15-428b-9ecd-836c6307675c", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "14555491-0f15-428b-9ecd-836c6307675c", "match": "267fd32a-f705-11e8-b555-0800279aaa2b" }, { "control": "14555491-0f15-428b-9ecd-836c6307675c", "match": "267fd7dd-f705-11e8-b555-0800279aaa2b" }, { "control": "70ccf1af-4cad-443a-9dcd-9b49c4b6aec8", "match": "267fca19-f705-11e8-b555-0800279aaa2b" }, { "control": "50272033-eb78-4309-84e0-303320d75b87", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "50272033-eb78-4309-84e0-303320d75b87", "match": "267fd32a-f705-11e8-b555-0800279aaa2b" }, { "control": "50272033-eb78-4309-84e0-303320d75b87", "match": "267fd7dd-f705-11e8-b555-0800279aaa2b" }, { "control": "025d84e9-5612-404e-acf4-5d860c01a73c", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "025d84e9-5612-404e-acf4-5d860c01a73c", "match": "267fd32a-f705-11e8-b555-0800279aaa2b" }, { "control": "025d84e9-5612-404e-acf4-5d860c01a73c", "match": "267fd421-f705-11e8-b555-0800279aaa2b" }, { "control": "025d84e9-5612-404e-acf4-5d860c01a73c", "match": "267fcfdf-f705-11e8-b555-0800279aaa2b" }, { "control": "025d84e9-5612-404e-acf4-5d860c01a73c", "match": "267fcf4f-f705-11e8-b555-0800279aaa2b" }, { "control": "b0779c7f-7db2-4af2-ab93-5c000a889408", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "b0779c7f-7db2-4af2-ab93-5c000a889408", "match": "267fd32a-f705-11e8-b555-0800279aaa2b" }, { "control": "b0779c7f-7db2-4af2-ab93-5c000a889408", "match": "267fd369-f705-11e8-b555-0800279aaa2b" }, { "control": "b0779c7f-7db2-4af2-ab93-5c000a889408", "match": "267fcf90-f705-11e8-b555-0800279aaa2b" }, { "control": "cc087e48-874b-4953-adcc-96fac3f19306", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "cc087e48-874b-4953-adcc-96fac3f19306", "match": "267fd32a-f705-11e8-b555-0800279aaa2b" }, { "control": "5b92c7ee-202b-4de8-983c-74937b86b48f", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "ee9525ea-a06f-4862-b6c8-c09fa266ea38", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "dc814dd1-359d-4245-839c-5a1cdd6e1bad", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "f7c64768-dc70-4e4d-b121-58f41bfde7c6", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "f7c64768-dc70-4e4d-b121-58f41bfde7c6", "match": "267fd3e3-f705-11e8-b555-0800279aaa2b" }, { "control": "f7c64768-dc70-4e4d-b121-58f41bfde7c6", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "c1738677-3cae-4833-97b4-f2f3c04dd5e0", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "c1738677-3cae-4833-97b4-f2f3c04dd5e0", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "c1738677-3cae-4833-97b4-f2f3c04dd5e0", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "c1738677-3cae-4833-97b4-f2f3c04dd5e0", "match": "267fd659-f705-11e8-b555-0800279aaa2b" }, { "control": "c1738677-3cae-4833-97b4-f2f3c04dd5e0", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "c1738677-3cae-4833-97b4-f2f3c04dd5e0", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "c1738677-3cae-4833-97b4-f2f3c04dd5e0", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "e3d43ffd-1286-42c0-98fa-0e2e75d233e7", "match": "267fcce9-f705-11e8-b555-0800279aaa2b" }, { "control": "e3d43ffd-1286-42c0-98fa-0e2e75d233e7", "match": "267fcdac-f705-11e8-b555-0800279aaa2b" }, { "control": "06679cfa-1bfd-436a-b99d-698fb275dfdb", "match": "267fcca4-f705-11e8-b555-0800279aaa2b" }, { "control": "06679cfa-1bfd-436a-b99d-698fb275dfdb", "match": "267fcce9-f705-11e8-b555-0800279aaa2b" }, { "control": "06679cfa-1bfd-436a-b99d-698fb275dfdb", "match": "267fcd30-f705-11e8-b555-0800279aaa2b" }, { "control": "f1dc5cba-17a8-4bee-aad0-d6b0ca84124d", "match": "267fcce9-f705-11e8-b555-0800279aaa2b" }, { "control": "f1dc5cba-17a8-4bee-aad0-d6b0ca84124d", "match": "267fcecb-f705-11e8-b555-0800279aaa2b" }, { "control": "e8ed7158-ffc1-44a4-8673-80286ad97b36", "match": "267fcce9-f705-11e8-b555-0800279aaa2b" }, { "control": "e8ed7158-ffc1-44a4-8673-80286ad97b36", "match": "267fcd30-f705-11e8-b555-0800279aaa2b" }, { "control": "7c9127dc-e0e8-4a6f-9cf9-82f5a7b18f37", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "7c9127dc-e0e8-4a6f-9cf9-82f5a7b18f37", "match": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "control": "7c9127dc-e0e8-4a6f-9cf9-82f5a7b18f37", "match": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "control": "7c9127dc-e0e8-4a6f-9cf9-82f5a7b18f37", "match": "267fcecb-f705-11e8-b555-0800279aaa2b" }, { "control": "990ee3a7-3044-4c8f-8387-946a7a9aba76", "match": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "control": "6d3fbb99-fa7d-4c65-9c5f-928044a5840f", "match": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "control": "5cf67afa-7a43-4dd4-b1db-dd28862a689c", "match": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "control": "51e4fd6c-0aa8-4604-b13d-bf74c9706922", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "51e4fd6c-0aa8-4604-b13d-bf74c9706922", "match": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "control": "9dda0a30-be3d-4752-867d-bf9570971c52", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "9dda0a30-be3d-4752-867d-bf9570971c52", "match": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "control": "9dda0a30-be3d-4752-867d-bf9570971c52", "match": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "control": "6448f036-bdb2-4f21-8e30-0acf8073215d", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "6448f036-bdb2-4f21-8e30-0acf8073215d", "match": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "control": "6448f036-bdb2-4f21-8e30-0acf8073215d", "match": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "control": "de6195c6-1fc1-423a-a748-785653c9324f", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "de6195c6-1fc1-423a-a748-785653c9324f", "match": "267fcdec-f705-11e8-b555-0800279aaa2b" }, { "control": "de6195c6-1fc1-423a-a748-785653c9324f", "match": "267fcfdf-f705-11e8-b555-0800279aaa2b" }, { "control": "aead24db-a196-4daf-a099-60b1d1991d70", "match": "267fda0e-f705-11e8-b555-0800279aaa2b" }, { "control": "aead24db-a196-4daf-a099-60b1d1991d70", "match": "267fcf4f-f705-11e8-b555-0800279aaa2b" }, { "control": "aead24db-a196-4daf-a099-60b1d1991d70", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "53ae3aa9-d88e-4f55-a040-375cfe348c48", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "53ae3aa9-d88e-4f55-a040-375cfe348c48", "match": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "control": "244cbc08-55d5-46ea-ba28-aec72f16b337", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "244cbc08-55d5-46ea-ba28-aec72f16b337", "match": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "control": "2fd70998-9247-4efd-923d-276f5c76b3b9", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "b3523d09-add6-4b33-aa3e-6f780d83a9d6", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "3c492512-da9f-4112-a76a-3e5cb0400e6f", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "3c492512-da9f-4112-a76a-3e5cb0400e6f", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "3c492512-da9f-4112-a76a-3e5cb0400e6f", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "3c492512-da9f-4112-a76a-3e5cb0400e6f", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "3c492512-da9f-4112-a76a-3e5cb0400e6f", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "3c492512-da9f-4112-a76a-3e5cb0400e6f", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "3c492512-da9f-4112-a76a-3e5cb0400e6f", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "8047a1c6-e890-4817-982d-04fcdc2820a2", "match": "267fda50-f705-11e8-b555-0800279aaa2b" }, { "control": "8047a1c6-e890-4817-982d-04fcdc2820a2", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "7b481f8c-2485-40a8-aee7-03b39721e103", "match": "267fcaad-f705-11e8-b555-0800279aaa2b" }, { "control": "7b481f8c-2485-40a8-aee7-03b39721e103", "match": "267fc6f7-f705-11e8-b555-0800279aaa2b" }, { "control": "7b481f8c-2485-40a8-aee7-03b39721e103", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "7b481f8c-2485-40a8-aee7-03b39721e103", "match": "267fc989-f705-11e8-b555-0800279aaa2b" }, { "control": "7b481f8c-2485-40a8-aee7-03b39721e103", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "7f388f12-77ec-47bf-b816-79cb42086b09", "match": "267fda50-f705-11e8-b555-0800279aaa2b" }, { "control": "7f388f12-77ec-47bf-b816-79cb42086b09", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "3bffd1eb-e6a7-47ad-927a-0d679048ed5a", "match": "267fda50-f705-11e8-b555-0800279aaa2b" }, { "control": "3bffd1eb-e6a7-47ad-927a-0d679048ed5a", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "5b9bdfcc-3150-4c4a-8b08-386d9a829585", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "3ceb9dfc-c9e2-4cb6-830d-8170d53d5b05", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "3ceb9dfc-c9e2-4cb6-830d-8170d53d5b05", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "3ceb9dfc-c9e2-4cb6-830d-8170d53d5b05", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "3ceb9dfc-c9e2-4cb6-830d-8170d53d5b05", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "3ceb9dfc-c9e2-4cb6-830d-8170d53d5b05", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "293ebc1c-0452-41f8-ab14-101846241a47", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "898d7024-6d3f-4d9a-868f-34ea1e451801", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "08327040-541f-40b4-a1cc-815d9298afe0", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "d5a60a37-684d-4b4b-b8a2-7d03814ff70d", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "ecefd9da-a07c-41c2-9397-017e878bdb67", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "2d2a7dc6-2770-4897-ac0b-492e7ddd24ed", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "44b2a62a-6bc7-4474-b618-f1bc15e9798f", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "ec1457b8-d116-45a4-8c61-5b8ddba8a2b9", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "9a4b8ede-d722-44b8-a04f-ae78cbd266ab", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "b395f91d-24a4-4720-8534-3b491bb41002", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "b395f91d-24a4-4720-8534-3b491bb41002", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "8ff7acc4-c71b-4e1d-89f3-0c7db4a5055f", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "e1219fd8-9db2-4297-99da-63be2b433aa8", "match": "267fc80f-f705-11e8-b555-0800279aaa2b" }, { "control": "e1219fd8-9db2-4297-99da-63be2b433aa8", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "e25168b6-fb5b-4ae7-a14c-6afc86246348", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "ab16520f-0c45-404d-8852-df2722a96412", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "8e3958aa-59c3-4c3e-9cf0-1283d783ec46", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "8e3958aa-59c3-4c3e-9cf0-1283d783ec46", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "3585bbce-5c3b-4a2a-8a53-5c4af9467365", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "41ad2d98-3dc5-4167-a8cf-869b3b53c495", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "d7d3d288-cd67-40ea-871a-4aa256262dbf", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "a43a957c-c1ce-462f-87b8-bcb962a26991", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "9c603ddb-5850-42a9-85bd-641667182bed", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "9c603ddb-5850-42a9-85bd-641667182bed", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "54ca56bb-3a0e-47b9-8cdb-b28976481e54", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "54ca56bb-3a0e-47b9-8cdb-b28976481e54", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "e2aa9575-d1f9-440c-a3ae-72f79489dd3c", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "ce8a976a-536a-44ea-bb8b-bcf28a6931c8", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "15f0293a-cef3-4c58-a6cf-725f0ea044c5", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "7f02ee88-5118-467b-bffc-c6176276db0a", "match": "267fc90c-f705-11e8-b555-0800279aaa2b" }, { "control": "7f02ee88-5118-467b-bffc-c6176276db0a", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "7f02ee88-5118-467b-bffc-c6176276db0a", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "a6ae4db0-5f77-4e60-ae47-fa721623bcdb", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "3e6cdfcd-14f3-4b34-a6d4-62d677332806", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "3e6cdfcd-14f3-4b34-a6d4-62d677332806", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "3e6cdfcd-14f3-4b34-a6d4-62d677332806", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "3e6cdfcd-14f3-4b34-a6d4-62d677332806", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "3e6cdfcd-14f3-4b34-a6d4-62d677332806", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "3e6cdfcd-14f3-4b34-a6d4-62d677332806", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "22faa4a0-2027-4150-8176-c77e84e3f03d", "match": "267fca6b-f705-11e8-b555-0800279aaa2b" }, { "control": "4d28a85e-20d2-4186-995e-de48a90eebb4", "match": "267fcb79-f705-11e8-b555-0800279aaa2b" }, { "control": "4d28a85e-20d2-4186-995e-de48a90eebb4", "match": "267fcbce-f705-11e8-b555-0800279aaa2b" }, { "control": "4d28a85e-20d2-4186-995e-de48a90eebb4", "match": "267fcc3c-f705-11e8-b555-0800279aaa2b" }, { "control": "db5781c8-b759-47de-9862-27b2d3c2b568", "match": "267fcb79-f705-11e8-b555-0800279aaa2b" }, { "control": "db5781c8-b759-47de-9862-27b2d3c2b568", "match": "267fcbce-f705-11e8-b555-0800279aaa2b" }, { "control": "012149b7-7c59-4220-83bf-d6879a886f20", "match": "267fcaad-f705-11e8-b555-0800279aaa2b" }, { "control": "012149b7-7c59-4220-83bf-d6879a886f20", "match": "267fc6f7-f705-11e8-b555-0800279aaa2b" }, { "control": "012149b7-7c59-4220-83bf-d6879a886f20", "match": "267fc77e-f705-11e8-b555-0800279aaa2b" }, { "control": "54db3434-c9cc-4a09-90a0-7e94aa29ae61", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "54db3434-c9cc-4a09-90a0-7e94aa29ae61", "match": "267fc6f7-f705-11e8-b555-0800279aaa2b" }, { "control": "4b7824ea-dc4e-4938-9ebd-36b865f88585", "match": "267fcb29-f705-11e8-b555-0800279aaa2b" }, { "control": "675a9b3f-8abe-4b6f-948e-b701c2a02a84", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "675a9b3f-8abe-4b6f-948e-b701c2a02a84", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "675a9b3f-8abe-4b6f-948e-b701c2a02a84", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "675a9b3f-8abe-4b6f-948e-b701c2a02a84", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "675a9b3f-8abe-4b6f-948e-b701c2a02a84", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "675a9b3f-8abe-4b6f-948e-b701c2a02a84", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "675a9b3f-8abe-4b6f-948e-b701c2a02a84", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "e30e5bc6-c3f4-4714-9c0a-6aed3e4daa6d", "match": "267fc9c9-f705-11e8-b555-0800279aaa2b" }, { "control": "8a174f26-95ff-41dd-8042-039189065395", "match": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "control": "8a174f26-95ff-41dd-8042-039189065395", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "9e62441a-c6d5-4707-a835-6230dc5b0d53", "match": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "control": "f19db716-460e-44f8-a2d2-304cbbe54b73", "match": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "control": "f19db716-460e-44f8-a2d2-304cbbe54b73", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "e54190a1-12f2-46d1-b36b-0e7b49b85e43", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "a6a327ee-3850-4c6c-8828-03cbe4ac83df", "match": "267fc9c9-f705-11e8-b555-0800279aaa2b" }, { "control": "53cbe570-60ce-4aba-9f32-f7cfce6fdc56", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "53cbe570-60ce-4aba-9f32-f7cfce6fdc56", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "53cbe570-60ce-4aba-9f32-f7cfce6fdc56", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "53cbe570-60ce-4aba-9f32-f7cfce6fdc56", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "53cbe570-60ce-4aba-9f32-f7cfce6fdc56", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "53cbe570-60ce-4aba-9f32-f7cfce6fdc56", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "53cbe570-60ce-4aba-9f32-f7cfce6fdc56", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "d6871e86-4df5-4d80-8529-3ec214940b69", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "d6871e86-4df5-4d80-8529-3ec214940b69", "match": "267fe6b9-f705-11e8-b555-0800279aaa2b" }, { "control": "d6871e86-4df5-4d80-8529-3ec214940b69", "match": "267fda50-f705-11e8-b555-0800279aaa2b" }, { "control": "d6871e86-4df5-4d80-8529-3ec214940b69", "match": "267fe8a1-f705-11e8-b555-0800279aaa2b" }, { "control": "d6871e86-4df5-4d80-8529-3ec214940b69", "match": "267fe847-f705-11e8-b555-0800279aaa2b" }, { "control": "d6871e86-4df5-4d80-8529-3ec214940b69", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "729aa83b-a59b-48a0-b0a0-c592402dcae7", "match": "267fda50-f705-11e8-b555-0800279aaa2b" }, { "control": "729aa83b-a59b-48a0-b0a0-c592402dcae7", "match": "267fdd55-f705-11e8-b555-0800279aaa2b" }, { "control": "729aa83b-a59b-48a0-b0a0-c592402dcae7", "match": "267fd1ea-f705-11e8-b555-0800279aaa2b" }, { "control": "729aa83b-a59b-48a0-b0a0-c592402dcae7", "match": "267fc88e-f705-11e8-b555-0800279aaa2b" }, { "control": "729aa83b-a59b-48a0-b0a0-c592402dcae7", "match": "267fc8cc-f705-11e8-b555-0800279aaa2b" }, { "control": "729aa83b-a59b-48a0-b0a0-c592402dcae7", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "d32c4960-9581-4717-9a02-690d61709153", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "6fd6cc79-208a-4f2c-8a05-9adae75fd255", "match": "267fdf36-f705-11e8-b555-0800279aaa2b" }, { "control": "6fd6cc79-208a-4f2c-8a05-9adae75fd255", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "64f93d70-568f-404a-a049-b7f37598ec66", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "64f93d70-568f-404a-a049-b7f37598ec66", "match": "267fe6b9-f705-11e8-b555-0800279aaa2b" }, { "control": "64f93d70-568f-404a-a049-b7f37598ec66", "match": "267fc6f7-f705-11e8-b555-0800279aaa2b" }, { "control": "64f93d70-568f-404a-a049-b7f37598ec66", "match": "267fd2ee-f705-11e8-b555-0800279aaa2b" }, { "control": "64f93d70-568f-404a-a049-b7f37598ec66", "match": "267fd3e3-f705-11e8-b555-0800279aaa2b" }, { "control": "64f93d70-568f-404a-a049-b7f37598ec66", "match": "267fd12f-f705-11e8-b555-0800279aaa2b" }, { "control": "64f93d70-568f-404a-a049-b7f37598ec66", "match": "267fd16b-f705-11e8-b555-0800279aaa2b" }, { "control": "64f93d70-568f-404a-a049-b7f37598ec66", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "769c7460-a4d0-45f3-a36e-4b8347526278", "match": "267fd073-f705-11e8-b555-0800279aaa2b" }, { "control": "769c7460-a4d0-45f3-a36e-4b8347526278", "match": "267fe8a1-f705-11e8-b555-0800279aaa2b" }, { "control": "769c7460-a4d0-45f3-a36e-4b8347526278", "match": "267fdc38-f705-11e8-b555-0800279aaa2b" }, { "control": "769c7460-a4d0-45f3-a36e-4b8347526278", "match": "267fdcf3-f705-11e8-b555-0800279aaa2b" }, { "control": "769c7460-a4d0-45f3-a36e-4b8347526278", "match": "267fdd55-f705-11e8-b555-0800279aaa2b" }, { "control": "cd6f1fb6-d9ee-40c8-bc00-8b485185cf15", "match": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "control": "cd6f1fb6-d9ee-40c8-bc00-8b485185cf15", "match": "267fdd55-f705-11e8-b555-0800279aaa2b" }, { "control": "cd6f1fb6-d9ee-40c8-bc00-8b485185cf15", "match": "267fe7e9-f705-11e8-b555-0800279aaa2b" }, { "control": "cd6f1fb6-d9ee-40c8-bc00-8b485185cf15", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "9df48cd7-7ec8-4ac6-9563-68087e9c49d6", "match": "267fdd55-f705-11e8-b555-0800279aaa2b" }, { "control": "9df48cd7-7ec8-4ac6-9563-68087e9c49d6", "match": "267fc88e-f705-11e8-b555-0800279aaa2b" }, { "control": "9df48cd7-7ec8-4ac6-9563-68087e9c49d6", "match": "267fc8cc-f705-11e8-b555-0800279aaa2b" }, { "control": "9df48cd7-7ec8-4ac6-9563-68087e9c49d6", "match": "267fe959-f705-11e8-b555-0800279aaa2b" }, { "control": "650ec6f8-fbad-4fe7-a0db-62d3861a5372", "match": "267fe6b9-f705-11e8-b555-0800279aaa2b" }, { "control": "650ec6f8-fbad-4fe7-a0db-62d3861a5372", "match": "267fe8a1-f705-11e8-b555-0800279aaa2b" }, { "control": "650ec6f8-fbad-4fe7-a0db-62d3861a5372", "match": "267fdc38-f705-11e8-b555-0800279aaa2b" }, { "control": "95f027c8-c84f-474f-bd23-872f96e00dc9", "match": "267fe8a1-f705-11e8-b555-0800279aaa2b" }, { "control": "95f027c8-c84f-474f-bd23-872f96e00dc9", "match": "267fdf36-f705-11e8-b555-0800279aaa2b" }, { "control": "bf85f2a4-2b80-4ae9-b4b5-5c2084c04061", "match": "267fcf90-f705-11e8-b555-0800279aaa2b" }, { "control": "7277cac1-5813-4356-b108-72fe5263f8c3", "match": "267fca6b-f705-11e8-b555-0800279aaa2b" }, { "control": "11fe35fa-d904-4137-9961-307097961e0c", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "11fe35fa-d904-4137-9961-307097961e0c", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "11fe35fa-d904-4137-9961-307097961e0c", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "11fe35fa-d904-4137-9961-307097961e0c", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "11fe35fa-d904-4137-9961-307097961e0c", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "11fe35fa-d904-4137-9961-307097961e0c", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "11fe35fa-d904-4137-9961-307097961e0c", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "a6586afd-bc0f-4334-88da-615989665368", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "a6586afd-bc0f-4334-88da-615989665368", "match": "267fd85b-f705-11e8-b555-0800279aaa2b" }, { "control": "a6586afd-bc0f-4334-88da-615989665368", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "a6586afd-bc0f-4334-88da-615989665368", "match": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "control": "a6586afd-bc0f-4334-88da-615989665368", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "583129dc-d3e3-49c3-8ee9-3fbf18e020de", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "583129dc-d3e3-49c3-8ee9-3fbf18e020de", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "583129dc-d3e3-49c3-8ee9-3fbf18e020de", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "583129dc-d3e3-49c3-8ee9-3fbf18e020de", "match": "267fd462-f705-11e8-b555-0800279aaa2b" }, { "control": "583129dc-d3e3-49c3-8ee9-3fbf18e020de", "match": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "control": "583129dc-d3e3-49c3-8ee9-3fbf18e020de", "match": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "control": "09932f73-e48b-4d2b-bced-733f4039902e", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "6726eb21-52f9-4922-a1d6-50c098ddba74", "match": "267fdacc-f705-11e8-b555-0800279aaa2b" }, { "control": "edd532b7-577e-441b-820c-3b73fbd11c79", "match": "267fda8c-f705-11e8-b555-0800279aaa2b" }, { "control": "edd532b7-577e-441b-820c-3b73fbd11c79", "match": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "control": "edd532b7-577e-441b-820c-3b73fbd11c79", "match": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "control": "edd532b7-577e-441b-820c-3b73fbd11c79", "match": "267fe510-f705-11e8-b555-0800279aaa2b" }, { "control": "d44c41d6-5fa9-4fac-9751-a8236a103c35", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "c2f67a16-dc82-4d43-a71b-63e2143f9b73", "match": "267fdacc-f705-11e8-b555-0800279aaa2b" }, { "control": "a35f7748-5868-46cd-9dea-b4e87fde8311", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "a35f7748-5868-46cd-9dea-b4e87fde8311", "match": "267fe37d-f705-11e8-b555-0800279aaa2b" }, { "control": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2", "match": "267fd073-f705-11e8-b555-0800279aaa2b" }, { "control": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2", "match": "267fd1a8-f705-11e8-b555-0800279aaa2b" }, { "control": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2", "match": "267fd0ef-f705-11e8-b555-0800279aaa2b" }, { "control": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2", "match": "267fd22e-f705-11e8-b555-0800279aaa2b" }, { "control": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2", "match": "267fd272-f705-11e8-b555-0800279aaa2b" }, { "control": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2", "match": "267fd567-f705-11e8-b555-0800279aaa2b" }, { "control": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2", "match": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "control": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2", "match": "267fd610-f705-11e8-b555-0800279aaa2b" }, { "control": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2", "match": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "control": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2", "match": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "control": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2", "match": "267fe8fe-f705-11e8-b555-0800279aaa2b" }, { "control": "cb78c641-26f3-4a31-bcec-ab7ffdeafef2", "match": "267fe660-f705-11e8-b555-0800279aaa2b" }, { "control": "96e2a11b-1b39-4903-be42-374102c930df", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "96e2a11b-1b39-4903-be42-374102c930df", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "96e2a11b-1b39-4903-be42-374102c930df", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "96e2a11b-1b39-4903-be42-374102c930df", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "96e2a11b-1b39-4903-be42-374102c930df", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "96e2a11b-1b39-4903-be42-374102c930df", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "96e2a11b-1b39-4903-be42-374102c930df", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "83caa43e-7179-4477-8665-66d47d058417", "match": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "control": "83caa43e-7179-4477-8665-66d47d058417", "match": "267fdc38-f705-11e8-b555-0800279aaa2b" }, { "control": "83caa43e-7179-4477-8665-66d47d058417", "match": "267fdc8c-f705-11e8-b555-0800279aaa2b" }, { "control": "83caa43e-7179-4477-8665-66d47d058417", "match": "267fde31-f705-11e8-b555-0800279aaa2b" }, { "control": "83caa43e-7179-4477-8665-66d47d058417", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "15dfbe37-4a2d-4df7-b00c-f558524b561c", "match": "267fd22e-f705-11e8-b555-0800279aaa2b" }, { "control": "d4546ede-ed2f-4bbc-a485-150bbdb4e9c2", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "3d9c8de5-f6f2-4a5d-8093-74849dc24a82", "match": "267fc80f-f705-11e8-b555-0800279aaa2b" }, { "control": "fa2d6a81-6a4e-41c7-91da-9024f91a7685", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "8cf0e5df-fb43-4dd0-a65e-d635d5902ffc", "match": "267fd22e-f705-11e8-b555-0800279aaa2b" }, { "control": "2fd75399-324e-40ed-9a82-80089816f398", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "039e5e9e-19cf-436b-b4fd-d0cfa4547110", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "bf1d6c37-e1e1-4c78-8055-79a364219193", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "bf1d6c37-e1e1-4c78-8055-79a364219193", "match": "267fcf90-f705-11e8-b555-0800279aaa2b" }, { "control": "bf1d6c37-e1e1-4c78-8055-79a364219193", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "bca47b93-453b-47d8-8527-16c4fdd8f6e5", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "bca47b93-453b-47d8-8527-16c4fdd8f6e5", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "5c1413f5-14f3-48bc-b371-5fda85e52cb8", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "5c1413f5-14f3-48bc-b371-5fda85e52cb8", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" } ], "version": 1 } 2021-10-12T14:56:46.247670+00:00 https://objects.monarc.lu/object/get/34 2024-05-02T13:22:55.421652+00:00 MONARC { "label": "NIS security measures - ISO/IEC 27002", "refs": [ "https://www.enisa.europa.eu/topics/nis-directive/minimum-security-measures-for-operators-of-essentials-services" ], "security referentials UUID": [ "3f4a2a67-a1f9-46e1-8d71-7f6486217bb7", "98ca84fb-db87-11e8-ac77-0800279aaa2b" ], "uuid": "f461053a-ab34-42a6-80cd-83a140b06de1", "values": [ { "control": "02527779-a76f-42fc-b420-6726099d4241", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "02527779-a76f-42fc-b420-6726099d4241", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "cfda8669-f42c-4917-833e-b873110b4380", "match": "267fc6f7-f705-11e8-b555-0800279aaa2b" }, { "control": "66b045d6-77a5-426f-afe5-55cac81ac5c8", "match": "267fc88e-f705-11e8-b555-0800279aaa2b" }, { "control": "66b045d6-77a5-426f-afe5-55cac81ac5c8", "match": "267fc8cc-f705-11e8-b555-0800279aaa2b" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "267fc90c-f705-11e8-b555-0800279aaa2b" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "267fc94c-f705-11e8-b555-0800279aaa2b" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "267fc989-f705-11e8-b555-0800279aaa2b" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "267fc9c9-f705-11e8-b555-0800279aaa2b" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "267fca19-f705-11e8-b555-0800279aaa2b" }, { "control": "cfda8669-f42c-4917-833e-b873110b4380", "match": "267fca6b-f705-11e8-b555-0800279aaa2b" }, { "control": "cfda8669-f42c-4917-833e-b873110b4380", "match": "267fcaad-f705-11e8-b555-0800279aaa2b" }, { "control": "cfda8669-f42c-4917-833e-b873110b4380", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "cfda8669-f42c-4917-833e-b873110b4380", "match": "267fcb29-f705-11e8-b555-0800279aaa2b" }, { "control": "cfda8669-f42c-4917-833e-b873110b4380", "match": "267fcb79-f705-11e8-b555-0800279aaa2b" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "267fcbce-f705-11e8-b555-0800279aaa2b" }, { "control": "6b327343-7f81-4a40-bc46-194cf5aa54df", "match": "267fcc3c-f705-11e8-b555-0800279aaa2b" }, { "control": "9fa537a3-efc0-4624-aeae-ab975076e1c0", "match": "267fcc3c-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fcca4-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fcce9-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fcd30-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fcdac-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fcdec-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fcecb-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fcf0a-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fcf4f-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fcf90-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fcfdf-f705-11e8-b555-0800279aaa2b" }, { "control": "8e6bf606-42cf-4f85-bedd-5e633d241183", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "26b54bed-01d5-4614-b0ed-907af072b8a9", "match": "267fd12f-f705-11e8-b555-0800279aaa2b" }, { "control": "26b54bed-01d5-4614-b0ed-907af072b8a9", "match": "267fd16b-f705-11e8-b555-0800279aaa2b" }, { "control": "7d1e4532-ddb1-408c-8a9d-ffed0cef3821", "match": "267fd1a8-f705-11e8-b555-0800279aaa2b" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "267fd1ea-f705-11e8-b555-0800279aaa2b" }, { "control": "a3f6ee47-de81-400a-a7dc-79e79fb73729", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "a3f6ee47-de81-400a-a7dc-79e79fb73729", "match": "267fd2ee-f705-11e8-b555-0800279aaa2b" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "267fd32a-f705-11e8-b555-0800279aaa2b" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "267fd369-f705-11e8-b555-0800279aaa2b" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "267fd421-f705-11e8-b555-0800279aaa2b" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "control": "1b9d05fc-e385-4fdb-aa44-54e069a9ea91", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "957b42b2-b3c6-4d0c-b32e-fcc4bea29ffd", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "1b9d05fc-e385-4fdb-aa44-54e069a9ea91", "match": "267fd567-f705-11e8-b555-0800279aaa2b" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "267fd567-f705-11e8-b555-0800279aaa2b" }, { "control": "957b42b2-b3c6-4d0c-b32e-fcc4bea29ffd", "match": "267fd567-f705-11e8-b555-0800279aaa2b" }, { "control": "1b9d05fc-e385-4fdb-aa44-54e069a9ea91", "match": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "control": "957b42b2-b3c6-4d0c-b32e-fcc4bea29ffd", "match": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "control": "1b9d05fc-e385-4fdb-aa44-54e069a9ea91", "match": "267fd610-f705-11e8-b555-0800279aaa2b" }, { "control": "725706a3-fa1d-48e1-8458-21974439b34b", "match": "267fd610-f705-11e8-b555-0800279aaa2b" }, { "control": "957b42b2-b3c6-4d0c-b32e-fcc4bea29ffd", "match": "267fd610-f705-11e8-b555-0800279aaa2b" }, { "control": "f5f8ef4a-25f2-4169-b279-424081fc6125", "match": "267fd659-f705-11e8-b555-0800279aaa2b" }, { "control": "6b327343-7f81-4a40-bc46-194cf5aa54df", "match": "267fd69f-f705-11e8-b555-0800279aaa2b" }, { "control": "9fa537a3-efc0-4624-aeae-ab975076e1c0", "match": "267fd69f-f705-11e8-b555-0800279aaa2b" }, { "control": "6b327343-7f81-4a40-bc46-194cf5aa54df", "match": "267fd6e4-f705-11e8-b555-0800279aaa2b" }, { "control": "9fa537a3-efc0-4624-aeae-ab975076e1c0", "match": "267fd6e4-f705-11e8-b555-0800279aaa2b" }, { "control": "6b327343-7f81-4a40-bc46-194cf5aa54df", "match": "267fd723-f705-11e8-b555-0800279aaa2b" }, { "control": "9fa537a3-efc0-4624-aeae-ab975076e1c0", "match": "267fd723-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fd7a0-f705-11e8-b555-0800279aaa2b" }, { "control": "157d5514-b3cd-4d31-9bff-560a1a436d96", "match": "267fd7dd-f705-11e8-b555-0800279aaa2b" }, { "control": "f5f8ef4a-25f2-4169-b279-424081fc6125", "match": "267fd81b-f705-11e8-b555-0800279aaa2b" }, { "control": "a3f6ee47-de81-400a-a7dc-79e79fb73729", "match": "267fd85b-f705-11e8-b555-0800279aaa2b" }, { "control": "6b327343-7f81-4a40-bc46-194cf5aa54df", "match": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "control": "9fa537a3-efc0-4624-aeae-ab975076e1c0", "match": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "control": "4baf165d-b157-4c19-bbd6-ad3ddd5dbe79", "match": "267fd8d8-f705-11e8-b555-0800279aaa2b" }, { "control": "4baf165d-b157-4c19-bbd6-ad3ddd5dbe79", "match": "267fd917-f705-11e8-b555-0800279aaa2b" }, { "control": "4baf165d-b157-4c19-bbd6-ad3ddd5dbe79", "match": "267fd954-f705-11e8-b555-0800279aaa2b" }, { "control": "4baf165d-b157-4c19-bbd6-ad3ddd5dbe79", "match": "267fd993-f705-11e8-b555-0800279aaa2b" }, { "control": "efcb645f-ca20-484d-a3b7-6ef98db907ff", "match": "267fd9d0-f705-11e8-b555-0800279aaa2b" }, { "control": "efcb645f-ca20-484d-a3b7-6ef98db907ff", "match": "267fda0e-f705-11e8-b555-0800279aaa2b" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "267fda50-f705-11e8-b555-0800279aaa2b" }, { "control": "fd44edba-005b-447c-8612-c0a92cbb0ec6", "match": "267fda8c-f705-11e8-b555-0800279aaa2b" }, { "control": "fd44edba-005b-447c-8612-c0a92cbb0ec6", "match": "267fdacc-f705-11e8-b555-0800279aaa2b" }, { "control": "7374508b-6114-4219-8834-7b87117fcbf9", "match": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "control": "8e6bf606-42cf-4f85-bedd-5e633d241183", "match": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "control": "4baf165d-b157-4c19-bbd6-ad3ddd5dbe79", "match": "267fdbf1-f705-11e8-b555-0800279aaa2b" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "267fdc38-f705-11e8-b555-0800279aaa2b" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "267fdc8c-f705-11e8-b555-0800279aaa2b" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "267fdcf3-f705-11e8-b555-0800279aaa2b" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "267fdd55-f705-11e8-b555-0800279aaa2b" }, { "control": "7374508b-6114-4219-8834-7b87117fcbf9", "match": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "267fdf36-f705-11e8-b555-0800279aaa2b" }, { "control": "0ca52ad9-4570-46be-88ce-d22efd4a145b", "match": "267fdf76-f705-11e8-b555-0800279aaa2b" }, { "control": "b24b90b0-eeea-4a56-b5ef-2c484467c97a", "match": "267fdf76-f705-11e8-b555-0800279aaa2b" }, { "control": "e1a91f54-34e4-45c7-8eae-dfc6dee15854", "match": "267fdf76-f705-11e8-b555-0800279aaa2b" }, { "control": "0ca52ad9-4570-46be-88ce-d22efd4a145b", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "b24b90b0-eeea-4a56-b5ef-2c484467c97a", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "e1a91f54-34e4-45c7-8eae-dfc6dee15854", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "0ca52ad9-4570-46be-88ce-d22efd4a145b", "match": "267fe022-f705-11e8-b555-0800279aaa2b" }, { "control": "b24b90b0-eeea-4a56-b5ef-2c484467c97a", "match": "267fe022-f705-11e8-b555-0800279aaa2b" }, { "control": "e1a91f54-34e4-45c7-8eae-dfc6dee15854", "match": "267fe022-f705-11e8-b555-0800279aaa2b" }, { "control": "8ead422e-2d73-48e8-82f9-b82fe363d072", "match": "267fe660-f705-11e8-b555-0800279aaa2b" }, { "control": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "6b327343-7f81-4a40-bc46-194cf5aa54df", "match": "267fe782-f705-11e8-b555-0800279aaa2b" }, { "control": "9fa537a3-efc0-4624-aeae-ab975076e1c0", "match": "267fe782-f705-11e8-b555-0800279aaa2b" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "267fe7e9-f705-11e8-b555-0800279aaa2b" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "267fe847-f705-11e8-b555-0800279aaa2b" }, { "control": "752f00ca-196b-4055-b660-4a09185ce3a7", "match": "267fe8a1-f705-11e8-b555-0800279aaa2b" }, { "control": "7374508b-6114-4219-8834-7b87117fcbf9", "match": "267fe8fe-f705-11e8-b555-0800279aaa2b" }, { "control": "66b045d6-77a5-426f-afe5-55cac81ac5c8", "match": "267fe959-f705-11e8-b555-0800279aaa2b" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "267fe9b4-f705-11e8-b555-0800279aaa2b" }, { "control": "ea405481-cbe2-4e15-b2a3-f45563e160cc", "match": "267fea11-f705-11e8-b555-0800279aaa2b" }, { "control": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8", "match": "267fea11-f705-11e8-b555-0800279aaa2b" }, { "control": "f87f15fe-0170-4164-90de-091d9519d140", "match": "267fea72-f705-11e8-b555-0800279aaa2b" } ], "version": 1 } 2021-10-12T15:01:35.953599+00:00 https://objects.monarc.lu/object/get/5214 2024-05-02T13:22:55.421335+00:00 ILNAS-OLAS { "authors": [ "L\u00e9on TREFF" ], "label": "ILNAS 107", "language": "FR", "refs": "https://ilnas.services-publics.lu/ecnor/displayStandard.action?id=222513", "uuid": "c81cfb5e-0786-4778-95c7-44c33b5177de", "values": [ { "category": "Mesures", "code": "L.5.2.2", "label": "R\u00f4les et responsabilit\u00e9s", "referential": "c81cfb5e-0786-4778-95c7-44c33b5177de", "referential_label": "ILNAS 107", "uuid": "00dfdbd6-6ff9-4763-b39d-e4195843a582" }, { "category": "Mesures", "code": "L.5.2.8", "label": "Protection des donn\u00e9es", "referential": "c81cfb5e-0786-4778-95c7-44c33b5177de", "referential_label": "ILNAS 107", "uuid": "4658beef-31ed-4529-92f4-763c7ea699c8" }, { "category": "Mesures", "code": "L.5.2.1", "label": "Disponibilit\u00e9 et int\u00e9grit\u00e9 de la documentation relative aux actifs de support", "referential": "c81cfb5e-0786-4778-95c7-44c33b5177de", "referential_label": "ILNAS 107", "uuid": "4ed219b4-aa8f-4196-a2f9-b5eab0f2252c" }, { "category": "Mesures", "code": "L.5.2.6", "label": "Conditions environnementales", "referential": "c81cfb5e-0786-4778-95c7-44c33b5177de", "referential_label": "ILNAS 107", "uuid": "798e1bcb-159b-4808-ac29-4abcf32405d2" }, { "category": "Mesures", "code": "L.5.2.9", "label": "Transfert de l'information", "referential": "c81cfb5e-0786-4778-95c7-44c33b5177de", "referential_label": "ILNAS 107", "uuid": "7f9deeca-75c3-4012-ab81-4254ca6cc0ce" }, { "category": "Mesures", "code": "L.5.2.10", "label": "Continuit\u00e9 des activit\u00e9s", "referential": "c81cfb5e-0786-4778-95c7-44c33b5177de", "referential_label": "ILNAS 107", "uuid": "9a14a2a0-5855-4ca2-84b9-9af909f0083a" }, { "category": "Mesures", "code": "L.5.2.7", "label": "Stockage des actifs de support", "referential": "c81cfb5e-0786-4778-95c7-44c33b5177de", "referential_label": "ILNAS 107", "uuid": "9bb10d1d-ad23-48da-837e-ccea19ae6533" }, { "category": "Mesures", "code": "L.5.2.5", "label": "Sauvegarde des actifs de support", "referential": "c81cfb5e-0786-4778-95c7-44c33b5177de", "referential_label": "ILNAS 107", "uuid": "9e43828d-61d7-4ab7-a606-0b79619a832d" }, { "category": "Mesures", "code": "L.5.2.11", "label": "Conformit\u00e9 des fournisseurs", "referential": "c81cfb5e-0786-4778-95c7-44c33b5177de", "referential_label": "ILNAS 107", "uuid": "c53a1246-3c60-4470-94df-b17c27058e82" }, { "category": "Mesures", "code": "L.5.2.3", "label": "Gestion des changements", "referential": "c81cfb5e-0786-4778-95c7-44c33b5177de", "referential_label": "ILNAS 107", "uuid": "ecd468f3-9de5-4123-86ef-2c6d92fdad39" }, { "category": "Mesures", "code": "L.5.2.4", "label": "Gestion des acc\u00e8s", "referential": "c81cfb5e-0786-4778-95c7-44c33b5177de", "referential_label": "ILNAS 107", "uuid": "f22c39eb-7a90-4e01-945d-a9c9ad2b148a" } ], "version": 1, "version_ext": "2020" } 2021-10-12T15:01:35.953612+00:00 https://objects.monarc.lu/object/get/5215 2024-05-02T13:22:55.420050+00:00 ILNAS-OLAS { "label": "ILNAS 107 - ISO/IEC 27002", "refs": [ "" ], "security referentials UUID": [ "c81cfb5e-0786-4778-95c7-44c33b5177de", "98ca84fb-db87-11e8-ac77-0800279aaa2b" ], "uuid": "12708347-a1c6-4c4b-aaa5-05544fbb4c8e", "values": [ { "control": "00dfdbd6-6ff9-4763-b39d-e4195843a582", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "c53a1246-3c60-4470-94df-b17c27058e82", "match": "267fc88e-f705-11e8-b555-0800279aaa2b" }, { "control": "c53a1246-3c60-4470-94df-b17c27058e82", "match": "267fc8cc-f705-11e8-b555-0800279aaa2b" }, { "control": "f22c39eb-7a90-4e01-945d-a9c9ad2b148a", "match": "267fcc3c-f705-11e8-b555-0800279aaa2b" }, { "control": "798e1bcb-159b-4808-ac29-4abcf32405d2", "match": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "control": "4ed219b4-aa8f-4196-a2f9-b5eab0f2252c", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "9a14a2a0-5855-4ca2-84b9-9af909f0083a", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "ecd468f3-9de5-4123-86ef-2c6d92fdad39", "match": "267fd073-f705-11e8-b555-0800279aaa2b" }, { "control": "9e43828d-61d7-4ab7-a606-0b79619a832d", "match": "267fd272-f705-11e8-b555-0800279aaa2b" }, { "control": "ecd468f3-9de5-4123-86ef-2c6d92fdad39", "match": "267fd2ee-f705-11e8-b555-0800279aaa2b" }, { "control": "9bb10d1d-ad23-48da-837e-ccea19ae6533", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "9bb10d1d-ad23-48da-837e-ccea19ae6533", "match": "267fd567-f705-11e8-b555-0800279aaa2b" }, { "control": "f22c39eb-7a90-4e01-945d-a9c9ad2b148a", "match": "267fd69f-f705-11e8-b555-0800279aaa2b" }, { "control": "f22c39eb-7a90-4e01-945d-a9c9ad2b148a", "match": "267fd6e4-f705-11e8-b555-0800279aaa2b" }, { "control": "f22c39eb-7a90-4e01-945d-a9c9ad2b148a", "match": "267fd723-f705-11e8-b555-0800279aaa2b" }, { "control": "f22c39eb-7a90-4e01-945d-a9c9ad2b148a", "match": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "control": "ecd468f3-9de5-4123-86ef-2c6d92fdad39", "match": "267fdc38-f705-11e8-b555-0800279aaa2b" }, { "control": "9a14a2a0-5855-4ca2-84b9-9af909f0083a", "match": "267fdf76-f705-11e8-b555-0800279aaa2b" }, { "control": "9a14a2a0-5855-4ca2-84b9-9af909f0083a", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "9a14a2a0-5855-4ca2-84b9-9af909f0083a", "match": "267fe022-f705-11e8-b555-0800279aaa2b" }, { "control": "4658beef-31ed-4529-92f4-763c7ea699c8", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "7f9deeca-75c3-4012-ab81-4254ca6cc0ce", "match": "267fe600-f705-11e8-b555-0800279aaa2b" }, { "control": "f22c39eb-7a90-4e01-945d-a9c9ad2b148a", "match": "267fe782-f705-11e8-b555-0800279aaa2b" }, { "control": "9a14a2a0-5855-4ca2-84b9-9af909f0083a", "match": "267fea72-f705-11e8-b555-0800279aaa2b" } ], "version": 0 } 2021-10-12T15:01:35.953619+00:00 https://objects.monarc.lu/object/get/38 2024-05-02T13:22:55.419129+00:00 MONARC { "authors": [ "The MONARC project" ], "label": "ISO/IEC 27002 [2013]", "language": "DE", "refs": [ "https://www.iso.org/standard/54533.html" ], "uuid": "98ca84fb-db87-11e8-ac77-0800279aaa2b", "values": [ { "category": "Informationssicherheitspolitik", "code": "5.1.1", "label": "Informationssicherheitsrichtlinien", "uuid": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "category": "Informationssicherheitspolitik", "code": "5.1.2", "label": "\u00dcberpr\u00fcfung der Informationssicherheitsrichtlinien", "uuid": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "category": "Personalsicherheit", "code": "7.2.1", "label": "Verantwortlichkeiten der Leitung", "uuid": "267fc6f7-f705-11e8-b555-0800279aaa2b" }, { "category": "Organisation der Informationssicherheit", "code": "6.1.1", "label": "Informationssicherheitsrollen und -verantwortlichkeiten", "uuid": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "category": "Kommunikationssicherheit", "code": "13.2.4", "label": "Vertraulichkeits- oder Geheimhaltungsvereinbarungen", "uuid": "267fc77e-f705-11e8-b555-0800279aaa2b" }, { "category": "Organisation der Informationssicherheit", "code": "6.1.3", "label": "Kontakt mit Beh\u00f6rden", "uuid": "267fc7c0-f705-11e8-b555-0800279aaa2b" }, { "category": "Organisation der Informationssicherheit", "code": "6.1.4", "label": "Kontakt mit speziellen Interessensgruppen", "uuid": "267fc80f-f705-11e8-b555-0800279aaa2b" }, { "category": "Konformit\u00e4t", "code": "18.2.1", "label": "Unabh\u00e4ngige \u00dcberpr\u00fcfung der Informationssicherheit", "uuid": "267fc84f-f705-11e8-b555-0800279aaa2b" }, { "category": "Lieferantenbeziehungen", "code": "15.1.1", "label": "Informationssicherheitsrichtlinie f\u00fcr Lieferantenbeziehungen", "uuid": "267fc88e-f705-11e8-b555-0800279aaa2b" }, { "category": "Lieferantenbeziehungen", "code": "15.1.2", "label": "Behandlung von Sicherheit in Lieferantenvereinbarungen", "uuid": "267fc8cc-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset Management", "code": "8.1.1", "label": "Inventarisierung der Werte", "uuid": "267fc90c-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset Management", "code": "8.1.2", "label": "Zust\u00e4ndigkeit f\u00fcr Werte", "uuid": "267fc94c-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset Management", "code": "8.1.3", "label": "Zul\u00e4ssiger Gebrauch von Werten", "uuid": "267fc989-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset Management", "code": "8.2.1", "label": "Klassifizierung von Information", "uuid": "267fc9c9-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset Management", "code": "8.2.2", "label": "Kennzeichnung von Information", "uuid": "267fca19-f705-11e8-b555-0800279aaa2b" }, { "category": "Personalsicherheit", "code": "7.1.1", "label": "Sicherheits\u00fcberpr\u00fcfung", "uuid": "267fca6b-f705-11e8-b555-0800279aaa2b" }, { "category": "Personalsicherheit", "code": "7.1.2", "label": "Besch\u00e4ftigungs- und Vertragsbedingungen", "uuid": "267fcaad-f705-11e8-b555-0800279aaa2b" }, { "category": "Personalsicherheit", "code": "7.2.2", "label": "Informationssicherheitsbewusstsein, -ausbildung und -schulung", "uuid": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "category": "Personalsicherheit", "code": "7.2.3", "label": "Ma\u00dfregelungsprozess", "uuid": "267fcb29-f705-11e8-b555-0800279aaa2b" }, { "category": "Personalsicherheit", "code": "7.3.1", "label": "Verantwortlichkeiten bei Beendigung oder \u00c4nderung der Besch\u00e4ftigung", "uuid": "267fcb79-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset Management", "code": "8.1.4", "label": "R\u00fcckgabe von Werten", "uuid": "267fcbce-f705-11e8-b555-0800279aaa2b" }, { "category": "Zugriffskontrolle", "code": "9.2.6", "label": "Entzug oder Anpassung von Zugangsrechten", "uuid": "267fcc3c-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.1.1", "label": "Physische Sicherheitsperimeter", "uuid": "267fcca4-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.1.2", "label": "Physische Zutrittssteuerung", "uuid": "267fcce9-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.1.3", "label": "Sichern von B\u00fcros, R\u00e4umen und Einrichtungen", "uuid": "267fcd30-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.1.4", "label": "Schutz vor externen und umweltbedingten Bedrohungen", "uuid": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.1.5", "label": "Arbeiten in Sicherheitsbereichen", "uuid": "267fcdac-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.1.6", "label": "Anlieferungs- und Ladebereiche", "uuid": "267fcdec-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.2.1", "label": "Platzierung und Schutz von Ger\u00e4ten und Betriebsmitteln", "uuid": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.2.2", "label": "Versorgungseinrichtungen", "uuid": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.2.3", "label": "Sicherheit der Verkabelung", "uuid": "267fcecb-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.2.4", "label": "Instandhaltung von Ger\u00e4ten und Betriebsmitteln", "uuid": "267fcf0a-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.2.6", "label": "Sicherheit von Ger\u00e4ten, Betriebsmitteln und Werten au\u00dferhalb der R\u00e4umlichkeiten", "uuid": "267fcf4f-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.2.7", "label": "Sichere Entsorgung oder Wiederverwendung von Ger\u00e4ten und Betriebsmitteln", "uuid": "267fcf90-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.2.5", "label": "Entfernen von Werten", "uuid": "267fcfdf-f705-11e8-b555-0800279aaa2b" }, { "category": "Betriebssicherheit", "code": "12.1.1", "label": "Dokumentierte Betriebsabl\u00e4ufe", "uuid": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "category": "Betriebssicherheit", "code": "12.1.2", "label": "\u00c4nderungssteuerung", "uuid": "267fd073-f705-11e8-b555-0800279aaa2b" }, { "category": "Organisation der Informationssicherheit", "code": "6.1.2", "label": "Aufgabentrennung", "uuid": "267fd0b1-f705-11e8-b555-0800279aaa2b" }, { "category": "Betriebssicherheit", "code": "12.1.4", "label": "Trennung von Entwicklungs-, Test- und Betriebsumgebungen", "uuid": "267fd0ef-f705-11e8-b555-0800279aaa2b" }, { "category": "Lieferantenbeziehungen", "code": "15.2.1", "label": "\u00dcberwachung und \u00dcberpr\u00fcfung von Lieferantendienstleistungen", "uuid": "267fd12f-f705-11e8-b555-0800279aaa2b" }, { "category": "Lieferantenbeziehungen", "code": "15.2.2", "label": "Handhabung der \u00c4nderungen von Lieferantendienstleistungen", "uuid": "267fd16b-f705-11e8-b555-0800279aaa2b" }, { "category": "Betriebssicherheit", "code": "12.1.3", "label": "Kapazit\u00e4tssteuerung", "uuid": "267fd1a8-f705-11e8-b555-0800279aaa2b" }, { "category": "Systemerwerb, Entwicklung und Wartung", "code": "14.2.9", "label": "Systemabnahmetest", "uuid": "267fd1ea-f705-11e8-b555-0800279aaa2b" }, { "category": "Betriebssicherheit", "code": "12.2.1", "label": "Ma\u00dfnahmen gegen Schadsoftware", "uuid": "267fd22e-f705-11e8-b555-0800279aaa2b" }, { "category": "Betriebssicherheit", "code": "12.3.1", "label": "Sicherung von Information", "uuid": "267fd272-f705-11e8-b555-0800279aaa2b" }, { "category": "Kommunikationssicherheit", "code": "13.1.1", "label": "Netzwerksteuerungsma\u00dfnahmen", "uuid": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "category": "Kommunikationssicherheit", "code": "13.1.2", "label": "Sicherheit von Netzwerkdiensten", "uuid": "267fd2ee-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset Management", "code": "8.3.1", "label": "Handhabung von Wechseldatentr\u00e4gern", "uuid": "267fd32a-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset Management", "code": "8.3.2", "label": "Entsorgung von Datentr\u00e4gern", "uuid": "267fd369-f705-11e8-b555-0800279aaa2b" }, { "category": "Kommunikationssicherheit", "code": "13.2.1", "label": "Richtlinien und Verfahren f\u00fcr die Informations\u00fcbertragung", "uuid": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "category": "Kommunikationssicherheit", "code": "13.2.2", "label": "Vereinbarungen zur Informations\u00fcbertragung", "uuid": "267fd3e3-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset Management", "code": "8.3.3", "label": "Transport von Datentr\u00e4gern", "uuid": "267fd421-f705-11e8-b555-0800279aaa2b" }, { "category": "Kommunikationssicherheit", "code": "13.2.3", "label": "Elektronische Nachrichten\u00fcbermittlung", "uuid": "267fd462-f705-11e8-b555-0800279aaa2b" }, { "category": "Systemerwerb, Entwicklung und Wartung", "code": "14.1.2", "label": "Sicherung von Anwendungsdiensten in \u00f6ffentlichen Netzwerken", "uuid": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "category": "Systemerwerb, Entwicklung und Wartung", "code": "14.1.3", "label": "Schutz der Transaktionen bei Anwendungsdiensten", "uuid": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "category": "Betriebssicherheit", "code": "12.4.1", "label": "Ereignisprotokollierung", "uuid": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "category": "Betriebssicherheit", "code": "12.4.2", "label": "Schutz der Protokollinformation", "uuid": "267fd567-f705-11e8-b555-0800279aaa2b" }, { "category": "Betriebssicherheit", "code": "12.4.3", "label": "Administratoren- und Bedienerprotokolle", "uuid": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "category": "Betriebssicherheit", "code": "12.4.4", "label": "Uhrensynchronisation", "uuid": "267fd610-f705-11e8-b555-0800279aaa2b" }, { "category": "Zugriffskontrolle", "code": "9.1.1", "label": "Zugangssteuerungsrichtlinie", "uuid": "267fd659-f705-11e8-b555-0800279aaa2b" }, { "category": "Zugriffskontrolle", "code": "9.2.3", "label": "Verwaltung privilegierter Zugangsrechte", "uuid": "267fd69f-f705-11e8-b555-0800279aaa2b" }, { "category": "Zugriffskontrolle", "code": "9.2.4", "label": "Verwaltung geheimer Authentisierungsinformation von Benutzern", "uuid": "267fd6e4-f705-11e8-b555-0800279aaa2b" }, { "category": "Zugriffskontrolle", "code": "9.2.5", "label": "\u00dcberpr\u00fcfung von Benutzerzugangsrechten", "uuid": "267fd723-f705-11e8-b555-0800279aaa2b" }, { "category": "Zugriffskontrolle", "code": "9.3.1", "label": "Gebrauch geheimer Authentisierungsinformation", "uuid": "267fd761-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.2.8", "label": "Unbeaufsichtigte Benutzerger\u00e4te", "uuid": "267fd7a0-f705-11e8-b555-0800279aaa2b" }, { "category": "Physische und Umgebungssicherheit", "code": "11.2.9", "label": "Richtlinien f\u00fcr eine aufger\u00e4umte Arbeitsumgebung und Bildschirmsperren", "uuid": "267fd7dd-f705-11e8-b555-0800279aaa2b" }, { "category": "Zugriffskontrolle", "code": "9.1.2", "label": "Zugang zu Netzwerken und Netzwerkdiensten", "uuid": "267fd81b-f705-11e8-b555-0800279aaa2b" }, { "category": "Kommunikationssicherheit", "code": "13.1.3", "label": "Trennung in Netzwerken", "uuid": "267fd85b-f705-11e8-b555-0800279aaa2b" }, { "category": "Zugriffskontrolle", "code": "9.2.1", "label": "Registrierung und Deregistrierung von Benutzern", "uuid": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "category": "Zugriffskontrolle", "code": "9.4.3", "label": "System zur Verwaltung von Kennw\u00f6rtern", "uuid": "267fd8d8-f705-11e8-b555-0800279aaa2b" }, { "category": "Zugriffskontrolle", "code": "9.4.4", "label": "Gebrauch von Hilfsprogrammen mit privilegierten Rechten", "uuid": "267fd917-f705-11e8-b555-0800279aaa2b" }, { "category": "Zugriffskontrolle", "code": "9.4.2", "label": "Sichere Anmeldeverfahren", "uuid": "267fd954-f705-11e8-b555-0800279aaa2b" }, { "category": "Zugriffskontrolle", "code": "9.4.1", "label": "Informationszugangsbeschr\u00e4nkung", "uuid": "267fd993-f705-11e8-b555-0800279aaa2b" }, { "category": "Organisation der Informationssicherheit", "code": "6.2.1", "label": "Richtlinie zu Mobilger\u00e4ten", "uuid": "267fd9d0-f705-11e8-b555-0800279aaa2b" }, { "category": "Organisation der Informationssicherheit", "code": "6.2.2", "label": "Telearbeit", "uuid": "267fda0e-f705-11e8-b555-0800279aaa2b" }, { "category": "Systemerwerb, Entwicklung und Wartung", "code": "14.1.1", "label": "Analyse und Spezifikation von Informationssicherheitsanforderungen", "uuid": "267fda50-f705-11e8-b555-0800279aaa2b" }, { "category": "Kryptografie", "code": "10.1.1", "label": "Richtlinie zum Gebrauch von kryptographischen Ma\u00dfnahmen", "uuid": "267fda8c-f705-11e8-b555-0800279aaa2b" }, { "category": "Kryptografie", "code": "10.1.2", "label": "Schl\u00fcsselverwaltung", "uuid": "267fdacc-f705-11e8-b555-0800279aaa2b" }, { "category": "Betriebssicherheit", "code": "12.5.1", "label": "Installation von Software auf Systemen im Betrieb", "uuid": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "category": "Systemerwerb, Entwicklung und Wartung", "code": "14.3.1", "label": "Schutz von Testdaten", "uuid": "267fdb78-f705-11e8-b555-0800279aaa2b" }, { "category": "Zugriffskontrolle", "code": "9.4.5", "label": "Zugangssteuerung f\u00fcr Quellcode von Programmen", "uuid": "267fdbf1-f705-11e8-b555-0800279aaa2b" }, { "category": "Systemerwerb, Entwicklung und Wartung", "code": "14.2.2", "label": "Verfahren zur Verwaltung von System\u00e4nderungen", "uuid": "267fdc38-f705-11e8-b555-0800279aaa2b" }, { "category": "Systemerwerb, Entwicklung und Wartung", "code": "14.2.3", "label": "Technische \u00dcberpr\u00fcfung von Anwendungen nach \u00c4nderungen an der Betriebsplattform", "uuid": "267fdc8c-f705-11e8-b555-0800279aaa2b" }, { "category": "Systemerwerb, Entwicklung und Wartung", "code": "14.2.4", "label": "Beschr\u00e4nkung von \u00c4nderungen an Softwarepaketen", "uuid": "267fdcf3-f705-11e8-b555-0800279aaa2b" }, { "category": "Systemerwerb, Entwicklung und Wartung", "code": "14.2.7", "label": "Ausgegliederte Entwicklung", "uuid": "267fdd55-f705-11e8-b555-0800279aaa2b" }, { "category": "Betriebssicherheit", "code": "12.6.1", "label": "Handhabung von technischen Schwachstellen", "uuid": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "category": "Informationssicherheits-St\u00f6rfallmanagement", "code": "16.1.2", "label": "Meldung von Informationssicherheitsereignissen", "uuid": "267fddeb-f705-11e8-b555-0800279aaa2b" }, { "category": "Informationssicherheits-St\u00f6rfallmanagement", "code": "16.1.3", "label": "Meldung von Schw\u00e4chen in der Informationssicherheit", "uuid": "267fde31-f705-11e8-b555-0800279aaa2b" }, { "category": "Informationssicherheits-St\u00f6rfallmanagement", "code": "16.1.1", "label": "Verantwortlichkeiten und Verfahren", "uuid": "267fde78-f705-11e8-b555-0800279aaa2b" }, { "category": "Informationssicherheits-St\u00f6rfallmanagement", "code": "16.1.6", "label": "Erkenntnisse aus Informationssicherheitsvorf\u00e4llen", "uuid": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "category": "Informationssicherheits-St\u00f6rfallmanagement", "code": "16.1.7", "label": "Sammeln von Beweismaterial", "uuid": "267fdef6-f705-11e8-b555-0800279aaa2b" }, { "category": "Systemerwerb, Entwicklung und Wartung", "code": "14.2.5", "label": "Grunds\u00e4tze f\u00fcr die Analyse, Entwicklung und Pflege sicherer Systeme", "uuid": "267fdf36-f705-11e8-b555-0800279aaa2b" }, { "category": "Informationssicherheitsaspekte des betrieblichen Kontinuit\u00e4tsmanagement", "code": "17.1.1", "label": "Planung zur Aufrechterhaltung der Informationssicherheit", "uuid": "267fdf76-f705-11e8-b555-0800279aaa2b" }, { "category": "Informationssicherheitsaspekte des betrieblichen Kontinuit\u00e4tsmanagement", "code": "17.1.2", "label": "Umsetzung der Aufrechterhaltung der Informationssicherheit", "uuid": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "category": "Informationssicherheitsaspekte des betrieblichen Kontinuit\u00e4tsmanagement", "code": "17.1.3", "label": "\u00dcberpr\u00fcfen und Bewerten der Aufrechterhaltung der Informationssicherheit", "uuid": "267fe022-f705-11e8-b555-0800279aaa2b" }, { "category": "Konformit\u00e4t", "code": "18.1.1", "label": "Bestimmung der anwendbaren Gesetzgebung und der vertraglichen Anforderungen", "uuid": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "category": "Konformit\u00e4t", "code": "18.1.2", "label": "Geistige Eigentumsrechte", "uuid": "267fe307-f705-11e8-b555-0800279aaa2b" }, { "category": "Konformit\u00e4t", "code": "18.1.3", "label": "Schutz von Aufzeichnungen", "uuid": "267fe37d-f705-11e8-b555-0800279aaa2b" }, { "category": "Konformit\u00e4t", "code": "18.1.4", "label": "Privatsph\u00e4re und Schutz von personenbezogener Information", "uuid": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "category": "Konformit\u00e4t", "code": "18.1.5", "label": "Regelungen bez\u00fcglich kryptographischer Ma\u00dfnahmen", "uuid": "267fe510-f705-11e8-b555-0800279aaa2b" }, { "category": "Konformit\u00e4t", "code": "18.2.2", "label": "Einhaltung von Sicherheitsrichtlinien und -standards", "uuid": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "category": "Konformit\u00e4t", "code": "18.2.3", "label": "\u00dcberpr\u00fcfung der Einhaltung von technischen Vorgaben", "uuid": "267fe600-f705-11e8-b555-0800279aaa2b" }, { "category": "Betriebssicherheit", "code": "12.7.1", "label": "Ma\u00dfnahmen f\u00fcr Audits von Informationssystemen", "uuid": "267fe660-f705-11e8-b555-0800279aaa2b" }, { "category": "Organisation der Informationssicherheit", "code": "6.1.5", "label": "Informationssicherheit im Projektmanagement", "uuid": "267fe6b9-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset Management", "code": "8.2.3", "label": "Handhabung von Werten", "uuid": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "category": "Zugriffskontrolle", "code": "9.2.2", "label": "Zuteilung von Benutzerzug\u00e4ngen", "uuid": "267fe782-f705-11e8-b555-0800279aaa2b" }, { "category": "Systemerwerb, Entwicklung und Wartung", "code": "14.2.8", "label": "Testen der Systemsicherheit", "uuid": "267fe7e9-f705-11e8-b555-0800279aaa2b" }, { "category": "Systemerwerb, Entwicklung und Wartung", "code": "14.2.6", "label": "Sichere Entwicklungsumgebung", "uuid": "267fe847-f705-11e8-b555-0800279aaa2b" }, { "category": "Systemerwerb, Entwicklung und Wartung", "code": "14.2.1", "label": "Richtlinie f\u00fcr sichere Entwicklung", "uuid": "267fe8a1-f705-11e8-b555-0800279aaa2b" }, { "category": "Betriebssicherheit", "code": "12.6.2", "label": "Einschr\u00e4nkungen von Softwareinstallation", "uuid": "267fe8fe-f705-11e8-b555-0800279aaa2b" }, { "category": "Lieferantenbeziehungen", "code": "15.1.3", "label": "Lieferkette f\u00fcr Informations- und Kommunikationstechnologie", "uuid": "267fe959-f705-11e8-b555-0800279aaa2b" }, { "category": "Informationssicherheits-St\u00f6rfallmanagement", "code": "16.1.4", "label": "Beurteilung von und Entscheidung \u00fcber Informationssicherheitsereignisse", "uuid": "267fe9b4-f705-11e8-b555-0800279aaa2b" }, { "category": "Informationssicherheits-St\u00f6rfallmanagement", "code": "16.1.5", "label": "Reaktion auf Informationssicherheitsvorf\u00e4lle", "uuid": "267fea11-f705-11e8-b555-0800279aaa2b" }, { "category": "Informationssicherheitsaspekte des betrieblichen Kontinuit\u00e4tsmanagement", "code": "17.2.1", "label": "Verf\u00fcgbarkeit von informationsverarbeitenden Einrichtungen", "uuid": "267fea72-f705-11e8-b555-0800279aaa2b" } ], "version": 1, "version_ext": "ISO/IEC 27002:2013" } 2022-02-21T11:40:26.844963+00:00 https://objects.monarc.lu/object/get/37 2024-05-02T13:22:55.418213+00:00 MONARC { "authors": [ "The MONARC project" ], "label": "ISO/IEC 27002 [2013]", "language": "FR", "refs": [ "https://www.iso.org/standard/54533.html" ], "uuid": "98ca84fb-db87-11e8-ac77-0800279aaa2b", "values": [ { "category": "Politiques de s\u00e9curit\u00e9 de l'information", "code": "5.1.1", "label": "Politiques de s\u00e9curit\u00e9 de l\u2019information", "uuid": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "category": "Politiques de s\u00e9curit\u00e9 de l'information", "code": "5.1.2", "label": "Revue des politiques de s\u00e9curit\u00e9 de l\u2019information", "uuid": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "category": "La s\u00e9curit\u00e9 des ressources humaines", "code": "7.2.1", "label": "Responsabilit\u00e9s de la direction", "uuid": "267fc6f7-f705-11e8-b555-0800279aaa2b" }, { "category": "Organisation de la s\u00e9curit\u00e9 de l'information", "code": "6.1.1", "label": "Fonctions et responsabilit\u00e9s li\u00e9es \u00e0 la s\u00e9curit\u00e9 de l\u2019information", "uuid": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 des communications", "code": "13.2.4", "label": "Engagements de confidentialit\u00e9 ou de non-divulgation", "uuid": "267fc77e-f705-11e8-b555-0800279aaa2b" }, { "category": "Organisation de la s\u00e9curit\u00e9 de l'information", "code": "6.1.3", "label": "Relations avec les autorit\u00e9s", "uuid": "267fc7c0-f705-11e8-b555-0800279aaa2b" }, { "category": "Organisation de la s\u00e9curit\u00e9 de l'information", "code": "6.1.4", "label": "Relations avec des groupes de travail sp\u00e9cialis\u00e9s", "uuid": "267fc80f-f705-11e8-b555-0800279aaa2b" }, { "category": "Conformit\u00e9", "code": "18.2.1", "label": "Revue ind\u00e9pendante de la s\u00e9curit\u00e9 de l'information", "uuid": "267fc84f-f705-11e8-b555-0800279aaa2b" }, { "category": "Relations avec le fournisseurs", "code": "15.1.1", "label": "Politique de s\u00e9curit\u00e9 de l\u2019information dans les relations avec les fournisseurs", "uuid": "267fc88e-f705-11e8-b555-0800279aaa2b" }, { "category": "Relations avec le fournisseurs", "code": "15.1.2", "label": "La s\u00e9curit\u00e9 dans les accords conclus avec les fournisseurs", "uuid": "267fc8cc-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des actifs", "code": "8.1.1", "label": "Inventaire des actifs", "uuid": "267fc90c-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des actifs", "code": "8.1.2", "label": "Propri\u00e9t\u00e9 des actifs", "uuid": "267fc94c-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des actifs", "code": "8.1.3", "label": "Utilisation correcte des actifs", "uuid": "267fc989-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des actifs", "code": "8.2.1", "label": "Classification des informations", "uuid": "267fc9c9-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des actifs", "code": "8.2.2", "label": "Marquage des informations", "uuid": "267fca19-f705-11e8-b555-0800279aaa2b" }, { "category": "La s\u00e9curit\u00e9 des ressources humaines", "code": "7.1.1", "label": "S\u00e9lection des candidats", "uuid": "267fca6b-f705-11e8-b555-0800279aaa2b" }, { "category": "La s\u00e9curit\u00e9 des ressources humaines", "code": "7.1.2", "label": "Termes et conditions d'embauche", "uuid": "267fcaad-f705-11e8-b555-0800279aaa2b" }, { "category": "La s\u00e9curit\u00e9 des ressources humaines", "code": "7.2.2", "label": "Sensibilisation, qualification et formations en mati\u00e8re de s\u00e9curit\u00e9 de l'information", "uuid": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "category": "La s\u00e9curit\u00e9 des ressources humaines", "code": "7.2.3", "label": "Processus disciplinaire", "uuid": "267fcb29-f705-11e8-b555-0800279aaa2b" }, { "category": "La s\u00e9curit\u00e9 des ressources humaines", "code": "7.3.1", "label": "Ach\u00e8vement ou modification des responsabilit\u00e9s associ\u00e9es au contrat de travail", "uuid": "267fcb79-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des actifs", "code": "8.1.4", "label": "Restitution des actifs", "uuid": "267fcbce-f705-11e8-b555-0800279aaa2b" }, { "category": "Contr\u00f4le d'acc\u00e8s", "code": "9.2.6", "label": "Suppression ou adaptation des droits d\u2019acc\u00e8s", "uuid": "267fcc3c-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.1.1", "label": "P\u00e9rim\u00e8tre de s\u00e9curit\u00e9 physique", "uuid": "267fcca4-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.1.2", "label": "Contr\u00f4les physiques des acc\u00e8s", "uuid": "267fcce9-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.1.3", "label": "S\u00e9curisation des bureaux, des salles et des \u00e9quipements", "uuid": "267fcd30-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.1.4", "label": "Protection contre les menaces ext\u00e9rieures et environnementales", "uuid": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.1.5", "label": "Travail dans les zones s\u00e9curis\u00e9es", "uuid": "267fcdac-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.1.6", "label": "Zones de livraison et de chargement", "uuid": "267fcdec-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.2.1", "label": "Emplacement et protection du mat\u00e9riel", "uuid": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.2.2", "label": "Services g\u00e9n\u00e9raux", "uuid": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.2.3", "label": "S\u00e9curit\u00e9 du c\u00e2blage", "uuid": "267fcecb-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.2.4", "label": "Maintenance du mat\u00e9riel", "uuid": "267fcf0a-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.2.6", "label": "S\u00e9curit\u00e9 du mat\u00e9riel et des actifs hors des locaux", "uuid": "267fcf4f-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.2.7", "label": "Mise au rebut ou recyclage s\u00e9curis\u00e9(e) du mat\u00e9riel", "uuid": "267fcf90-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.2.5", "label": "Sortie des actifs", "uuid": "267fcfdf-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 li\u00e9e \u00e0 l'exploitation", "code": "12.1.1", "label": "Proc\u00e9dures d\u2019exploitation document\u00e9es", "uuid": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 li\u00e9e \u00e0 l'exploitation", "code": "12.1.2", "label": "Gestion des changements", "uuid": "267fd073-f705-11e8-b555-0800279aaa2b" }, { "category": "Organisation de la s\u00e9curit\u00e9 de l'information", "code": "6.1.2", "label": "S\u00e9paration des t\u00e2ches", "uuid": "267fd0b1-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 li\u00e9e \u00e0 l'exploitation", "code": "12.1.4", "label": "S\u00e9paration des environnements de d\u00e9veloppement, de test et d\u2019exploitation", "uuid": "267fd0ef-f705-11e8-b555-0800279aaa2b" }, { "category": "Relations avec le fournisseurs", "code": "15.2.1", "label": "Surveillance et revue des services des fournisseurs", "uuid": "267fd12f-f705-11e8-b555-0800279aaa2b" }, { "category": "Relations avec le fournisseurs", "code": "15.2.2", "label": "Gestion des changements apport\u00e9s dans les services des fournisseurs", "uuid": "267fd16b-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 li\u00e9e \u00e0 l'exploitation", "code": "12.1.3", "label": "Dimensionnement", "uuid": "267fd1a8-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisition, d\u00e9veloppement et maintenance des syst\u00e8mes d'information", "code": "14.2.9", "label": "Test de conformit\u00e9 du syst\u00e8me", "uuid": "267fd1ea-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 li\u00e9e \u00e0 l'exploitation", "code": "12.2.1", "label": "Mesures contre les logiciels malveillants", "uuid": "267fd22e-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 li\u00e9e \u00e0 l'exploitation", "code": "12.3.1", "label": "Sauvegarde des informations", "uuid": "267fd272-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 des communications", "code": "13.1.1", "label": "Contr\u00f4le des r\u00e9seaux", "uuid": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 des communications", "code": "13.1.2", "label": "S\u00e9curit\u00e9 des services de r\u00e9seau", "uuid": "267fd2ee-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des actifs", "code": "8.3.1", "label": "Gestion des supports amovibles", "uuid": "267fd32a-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des actifs", "code": "8.3.2", "label": "Mise au rebut des supports", "uuid": "267fd369-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 des communications", "code": "13.2.1", "label": "Politiques et proc\u00e9dures de transfert de l\u2019information", "uuid": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 des communications", "code": "13.2.2", "label": "Accords en mati\u00e8re de transfert d\u2019information", "uuid": "267fd3e3-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des actifs", "code": "8.3.3", "label": "Transfert physique des supports", "uuid": "267fd421-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 des communications", "code": "13.2.3", "label": "Messagerie \u00e9lectronique", "uuid": "267fd462-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisition, d\u00e9veloppement et maintenance des syst\u00e8mes d'information", "code": "14.1.2", "label": "S\u00e9curisation des services d\u2019application sur les r\u00e9seaux publics", "uuid": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisition, d\u00e9veloppement et maintenance des syst\u00e8mes d'information", "code": "14.1.3", "label": "Protection des transactions li\u00e9es aux services d\u2019application", "uuid": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 li\u00e9e \u00e0 l'exploitation", "code": "12.4.1", "label": "Journalisation des \u00e9v\u00e9nements", "uuid": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 li\u00e9e \u00e0 l'exploitation", "code": "12.4.2", "label": "Protection de l\u2019information journalis\u00e9e", "uuid": "267fd567-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 li\u00e9e \u00e0 l'exploitation", "code": "12.4.3", "label": "Journaux administrateur et op\u00e9rateur", "uuid": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 li\u00e9e \u00e0 l'exploitation", "code": "12.4.4", "label": "Synchronisation des horloges", "uuid": "267fd610-f705-11e8-b555-0800279aaa2b" }, { "category": "Contr\u00f4le d'acc\u00e8s", "code": "9.1.1", "label": "Politique de contr\u00f4le d\u2019acc\u00e8s", "uuid": "267fd659-f705-11e8-b555-0800279aaa2b" }, { "category": "Contr\u00f4le d'acc\u00e8s", "code": "9.2.3", "label": "Gestion des privil\u00e8ges d\u2019acc\u00e8s", "uuid": "267fd69f-f705-11e8-b555-0800279aaa2b" }, { "category": "Contr\u00f4le d'acc\u00e8s", "code": "9.2.4", "label": "Gestion des informations secr\u00e8tes d\u2019authentification des utilisateurs", "uuid": "267fd6e4-f705-11e8-b555-0800279aaa2b" }, { "category": "Contr\u00f4le d'acc\u00e8s", "code": "9.2.5", "label": "Revue des droits d\u2019acc\u00e8s utilisateur", "uuid": "267fd723-f705-11e8-b555-0800279aaa2b" }, { "category": "Contr\u00f4le d'acc\u00e8s", "code": "9.3.1", "label": "Utilisation d\u2019informations secr\u00e8tes d\u2019authentification", "uuid": "267fd761-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.2.8", "label": "Mat\u00e9riel utilisateur laiss\u00e9 sans surveillance", "uuid": "267fd7a0-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 physique et environnementale", "code": "11.2.9", "label": "Politique du bureau propre et de l\u2019\u00e9cran vide", "uuid": "267fd7dd-f705-11e8-b555-0800279aaa2b" }, { "category": "Contr\u00f4le d'acc\u00e8s", "code": "9.1.2", "label": "Acc\u00e8s aux r\u00e9seaux et aux services en r\u00e9seau", "uuid": "267fd81b-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 des communications", "code": "13.1.3", "label": "Cloisonnement des r\u00e9seaux", "uuid": "267fd85b-f705-11e8-b555-0800279aaa2b" }, { "category": "Contr\u00f4le d'acc\u00e8s", "code": "9.2.1", "label": "Enregistrement et d\u00e9sinscription des utilisateurs", "uuid": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "category": "Contr\u00f4le d'acc\u00e8s", "code": "9.4.3", "label": "Syst\u00e8me de gestion des mots de passe", "uuid": "267fd8d8-f705-11e8-b555-0800279aaa2b" }, { "category": "Contr\u00f4le d'acc\u00e8s", "code": "9.4.4", "label": "Utilisation de programmes utilitaires \u00e0 privil\u00e8ges", "uuid": "267fd917-f705-11e8-b555-0800279aaa2b" }, { "category": "Contr\u00f4le d'acc\u00e8s", "code": "9.4.2", "label": "S\u00e9curiser les proc\u00e9dures de connexion", "uuid": "267fd954-f705-11e8-b555-0800279aaa2b" }, { "category": "Contr\u00f4le d'acc\u00e8s", "code": "9.4.1", "label": "Restriction d\u2019acc\u00e8s \u00e0 l\u2019information", "uuid": "267fd993-f705-11e8-b555-0800279aaa2b" }, { "category": "Organisation de la s\u00e9curit\u00e9 de l'information", "code": "6.2.1", "label": "Politique en mati\u00e8re d'appareils mobiles", "uuid": "267fd9d0-f705-11e8-b555-0800279aaa2b" }, { "category": "Organisation de la s\u00e9curit\u00e9 de l'information", "code": "6.2.2", "label": "T\u00e9l\u00e9travail", "uuid": "267fda0e-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisition, d\u00e9veloppement et maintenance des syst\u00e8mes d'information", "code": "14.1.1", "label": "Analyse et sp\u00e9cification des exigences de s\u00e9curit\u00e9 de l\u2019information", "uuid": "267fda50-f705-11e8-b555-0800279aaa2b" }, { "category": "Cryptographie", "code": "10.1.1", "label": "Politique d\u2019utilisation des mesures cryptographiques", "uuid": "267fda8c-f705-11e8-b555-0800279aaa2b" }, { "category": "Cryptographie", "code": "10.1.2", "label": "Gestion des cl\u00e9s", "uuid": "267fdacc-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 li\u00e9e \u00e0 l'exploitation", "code": "12.5.1", "label": "Installation de logiciels sur des syst\u00e8mes en exploitation", "uuid": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisition, d\u00e9veloppement et maintenance des syst\u00e8mes d'information", "code": "14.3.1", "label": "Protection des donn\u00e9es de test", "uuid": "267fdb78-f705-11e8-b555-0800279aaa2b" }, { "category": "Contr\u00f4le d'acc\u00e8s", "code": "9.4.5", "label": "Contr\u00f4le d\u2019acc\u00e8s au code source des programmes", "uuid": "267fdbf1-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisition, d\u00e9veloppement et maintenance des syst\u00e8mes d'information", "code": "14.2.2", "label": "Proc\u00e9dures de contr\u00f4le des changements apport\u00e9s au syst\u00e8me", "uuid": "267fdc38-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisition, d\u00e9veloppement et maintenance des syst\u00e8mes d'information", "code": "14.2.3", "label": "Revue technique des applications apr\u00e8s changement apport\u00e9 \u00e0 la plateforme d\u2019exploitation", "uuid": "267fdc8c-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisition, d\u00e9veloppement et maintenance des syst\u00e8mes d'information", "code": "14.2.4", "label": "Restrictions relatives aux changements apport\u00e9s aux progiciels", "uuid": "267fdcf3-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisition, d\u00e9veloppement et maintenance des syst\u00e8mes d'information", "code": "14.2.7", "label": "D\u00e9veloppement externalis\u00e9", "uuid": "267fdd55-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 li\u00e9e \u00e0 l'exploitation", "code": "12.6.1", "label": "Gestion des vuln\u00e9rabilit\u00e9s techniques", "uuid": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des incidents li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l'information", "code": "16.1.2", "label": "Signalement des \u00e9v\u00e9nements li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l\u2019information", "uuid": "267fddeb-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des incidents li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l'information", "code": "16.1.3", "label": "Signalement des failles li\u00e9es \u00e0 la s\u00e9curit\u00e9 de l\u2019information", "uuid": "267fde31-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des incidents li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l'information", "code": "16.1.1", "label": "Responsabilit\u00e9s et proc\u00e9dures", "uuid": "267fde78-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des incidents li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l'information", "code": "16.1.6", "label": "Tirer des enseignements des incidents li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l\u2019information", "uuid": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des incidents li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l'information", "code": "16.1.7", "label": "Recueil de preuves", "uuid": "267fdef6-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisition, d\u00e9veloppement et maintenance des syst\u00e8mes d'information", "code": "14.2.5", "label": "Principes d\u2019ing\u00e9nierie de la s\u00e9curit\u00e9 des syst\u00e8mes", "uuid": "267fdf36-f705-11e8-b555-0800279aaa2b" }, { "category": "Aspects de la s\u00e9curit\u00e9 de l'information dans la gestion de la continuit\u00e9 de l'activit\u00e9", "code": "17.1.1", "label": "Organisation de la continuit\u00e9 de la s\u00e9curit\u00e9 de l\u2019information", "uuid": "267fdf76-f705-11e8-b555-0800279aaa2b" }, { "category": "Aspects de la s\u00e9curit\u00e9 de l'information dans la gestion de la continuit\u00e9 de l'activit\u00e9", "code": "17.1.2", "label": "Mise en oeuvre de la continuit\u00e9 de la s\u00e9curit\u00e9 de l\u2019information", "uuid": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "category": "Aspects de la s\u00e9curit\u00e9 de l'information dans la gestion de la continuit\u00e9 de l'activit\u00e9", "code": "17.1.3", "label": "V\u00e9rifier, revoir et \u00e9valuer la continuit\u00e9 de la s\u00e9curit\u00e9 de l\u2019information", "uuid": "267fe022-f705-11e8-b555-0800279aaa2b" }, { "category": "Conformit\u00e9", "code": "18.1.1", "label": "Identification de la l\u00e9gislation et des exigences contractuelles applicables", "uuid": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "category": "Conformit\u00e9", "code": "18.1.2", "label": "Droits de propri\u00e9t\u00e9 intellectuelle", "uuid": "267fe307-f705-11e8-b555-0800279aaa2b" }, { "category": "Conformit\u00e9", "code": "18.1.3", "label": "Protection des enregistrements", "uuid": "267fe37d-f705-11e8-b555-0800279aaa2b" }, { "category": "Conformit\u00e9", "code": "18.1.4", "label": "Protection de la vie priv\u00e9e et protection des donn\u00e9es \u00e0 caract\u00e8re personnel", "uuid": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "category": "Conformit\u00e9", "code": "18.1.5", "label": "R\u00e9glementation relative aux mesures cryptographiques", "uuid": "267fe510-f705-11e8-b555-0800279aaa2b" }, { "category": "Conformit\u00e9", "code": "18.2.2", "label": "Conformit\u00e9 avec les politiques et les normes de s\u00e9curit\u00e9", "uuid": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "category": "Conformit\u00e9", "code": "18.2.3", "label": "Examen de la conformit\u00e9 technique", "uuid": "267fe600-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 li\u00e9e \u00e0 l'exploitation", "code": "12.7.1", "label": "Mesures relatives \u00e0 l\u2019audit des syst\u00e8mes d\u2019information", "uuid": "267fe660-f705-11e8-b555-0800279aaa2b" }, { "category": "Organisation de la s\u00e9curit\u00e9 de l'information", "code": "6.1.5", "label": "La s\u00e9curit\u00e9 de l\u2019information dans la gestion de projet", "uuid": "267fe6b9-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des actifs", "code": "8.2.3", "label": "Manipulation des actifs", "uuid": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "category": "Contr\u00f4le d'acc\u00e8s", "code": "9.2.2", "label": "Ma\u00eetrise de la gestion des acc\u00e8s utilisateur", "uuid": "267fe782-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisition, d\u00e9veloppement et maintenance des syst\u00e8mes d'information", "code": "14.2.8", "label": "Phase de test de la s\u00e9curit\u00e9 du syst\u00e8me", "uuid": "267fe7e9-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisition, d\u00e9veloppement et maintenance des syst\u00e8mes d'information", "code": "14.2.6", "label": "Environnement de d\u00e9veloppement s\u00e9curis\u00e9", "uuid": "267fe847-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisition, d\u00e9veloppement et maintenance des syst\u00e8mes d'information", "code": "14.2.1", "label": "Politique de d\u00e9veloppement s\u00e9curis\u00e9", "uuid": "267fe8a1-f705-11e8-b555-0800279aaa2b" }, { "category": "S\u00e9curit\u00e9 li\u00e9e \u00e0 l'exploitation", "code": "12.6.2", "label": "Restrictions li\u00e9es \u00e0 l\u2019installation de logiciels", "uuid": "267fe8fe-f705-11e8-b555-0800279aaa2b" }, { "category": "Relations avec le fournisseurs", "code": "15.1.3", "label": "Chaine d\u2019approvisionnement informatique", "uuid": "267fe959-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des incidents li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l'information", "code": "16.1.4", "label": "Appr\u00e9ciation des \u00e9v\u00e9nements li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l\u2019information et prise de d\u00e9cision", "uuid": "267fe9b4-f705-11e8-b555-0800279aaa2b" }, { "category": "Gestion des incidents li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l'information", "code": "16.1.5", "label": "R\u00e9ponse aux incidents li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l\u2019information", "uuid": "267fea11-f705-11e8-b555-0800279aaa2b" }, { "category": "Aspects de la s\u00e9curit\u00e9 de l'information dans la gestion de la continuit\u00e9 de l'activit\u00e9", "code": "17.2.1", "label": "Disponibilit\u00e9 des moyens de traitement de l\u2019information", "uuid": "267fea72-f705-11e8-b555-0800279aaa2b" } ], "version": 1, "version_ext": "ISO/IEC 27002:2013" } 2022-02-21T11:40:47.184025+00:00 https://objects.monarc.lu/object/get/39 2024-05-02T13:22:55.417281+00:00 MONARC { "authors": [ "The MONARC project" ], "label": "ISO/IEC 27002 [2013]", "language": "NL", "refs": [ "https://www.iso.org/standard/54533.html" ], "uuid": "98ca84fb-db87-11e8-ac77-0800279aaa2b", "values": [ { "category": "Informatiebeveiligingsbeleid", "code": "5.1.1", "label": "Informatiebeveiligingsbeleidslijnen", "uuid": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "category": "Informatiebeveiligingsbeleid", "code": "5.1.2", "label": "Beoordeling van de informatiebeveiligingsbeleidslijnen", "uuid": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "category": "Veilig personeel", "code": "7.2.1", "label": "Verantwoordelijkheden van de directie", "uuid": "267fc6f7-f705-11e8-b555-0800279aaa2b" }, { "category": "Organiseren van informatiebeveiliging", "code": "6.1.1", "label": "Functies en verantwoordelijkheden i.v.m. informatiebeveiliging", "uuid": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "category": "Communicatiebeveiliging", "code": "13.2.4", "label": "Verplichtingen inzake vertrouwelijkheid en niet-verspreiding", "uuid": "267fc77e-f705-11e8-b555-0800279aaa2b" }, { "category": "Organiseren van informatiebeveiliging", "code": "6.1.3", "label": "Relaties met de overheden", "uuid": "267fc7c0-f705-11e8-b555-0800279aaa2b" }, { "category": "Organiseren van informatiebeveiliging", "code": "6.1.4", "label": "Relaties met gespecialiseerde werkgroepen", "uuid": "267fc80f-f705-11e8-b555-0800279aaa2b" }, { "category": "Naleving", "code": "18.2.1", "label": "Onafhankelijke beoordeling van de informatiebeveiligingsbeleidslijnen", "uuid": "267fc84f-f705-11e8-b555-0800279aaa2b" }, { "category": "Leveranciersrelaties", "code": "15.1.1", "label": "Informatiebeveiligingsbeleid in de relaties met leveranciers", "uuid": "267fc88e-f705-11e8-b555-0800279aaa2b" }, { "category": "Leveranciersrelaties", "code": "15.1.2", "label": "Veiligheid in de met leveranciers gesloten akkoorden", "uuid": "267fc8cc-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van bedrijfsmiddelen", "code": "8.1.1", "label": "Inventaris van de activa", "uuid": "267fc90c-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van bedrijfsmiddelen", "code": "8.1.2", "label": "Eigendom van de activa", "uuid": "267fc94c-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van bedrijfsmiddelen", "code": "8.1.3", "label": "Correct gebruik van de activa", "uuid": "267fc989-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van bedrijfsmiddelen", "code": "8.2.1", "label": "Classificatie van de informatie", "uuid": "267fc9c9-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van bedrijfsmiddelen", "code": "8.2.2", "label": "Markering van de informatie", "uuid": "267fca19-f705-11e8-b555-0800279aaa2b" }, { "category": "Veilig personeel", "code": "7.1.1", "label": "Selectie van de kandidaten", "uuid": "267fca6b-f705-11e8-b555-0800279aaa2b" }, { "category": "Veilig personeel", "code": "7.1.2", "label": "Rekruteringsvoorwaarden", "uuid": "267fcaad-f705-11e8-b555-0800279aaa2b" }, { "category": "Veilig personeel", "code": "7.2.2", "label": "Sensibilisering, kwalificatie en opleidingen inzake informatiebeveiliging", "uuid": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "category": "Veilig personeel", "code": "7.2.3", "label": "Disciplinair proces", "uuid": "267fcb29-f705-11e8-b555-0800279aaa2b" }, { "category": "Veilig personeel", "code": "7.3.1", "label": "Voltooiing of wijziging van de verantwoordelijkheden die samenhangen met het arbeidscontract", "uuid": "267fcb79-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van bedrijfsmiddelen", "code": "8.1.4", "label": "Teruggave van de activa", "uuid": "267fcbce-f705-11e8-b555-0800279aaa2b" }, { "category": "Toegangsbeveiliging", "code": "9.2.6", "label": "Opheffing of aanpassing van de toegangsrechten", "uuid": "267fcc3c-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.1.1", "label": "Fysieke veiligheidsperimeter", "uuid": "267fcca4-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.1.2", "label": "Fysieke toegangscontroles", "uuid": "267fcce9-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.1.3", "label": "Beveiliging van de kantoren, de lokalen en de uitrustingen", "uuid": "267fcd30-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.1.4", "label": "Beveiliging tegen externe en milieubedreigingen", "uuid": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.1.5", "label": "Werk in de beveiligde zones", "uuid": "267fcdac-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.1.6", "label": "Leverings- en laad- en loszones", "uuid": "267fcdec-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.2.1", "label": "Plaats en bescherming van de hardware", "uuid": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.2.2", "label": "Algemene diensten", "uuid": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.2.3", "label": "Veiligheid van de bekabeling", "uuid": "267fcecb-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.2.4", "label": "Onderhoud van de hardware", "uuid": "267fcf0a-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.2.6", "label": "Veiligheid van de hardware en de activa buiten de bedrijfsruimten", "uuid": "267fcf4f-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.2.7", "label": "Veilige afdanking of recyclage van de hardware", "uuid": "267fcf90-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.2.5", "label": "Afdanking van de activa", "uuid": "267fcfdf-f705-11e8-b555-0800279aaa2b" }, { "category": "Beveiliging bedrijfsvoering", "code": "12.1.1", "label": "Gedocumenteerde exploitatieprocedures", "uuid": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "category": "Beveiliging bedrijfsvoering", "code": "12.1.2", "label": "Beheer van verandering (change management)", "uuid": "267fd073-f705-11e8-b555-0800279aaa2b" }, { "category": "Organiseren van informatiebeveiliging", "code": "6.1.2", "label": "Scheiding van de taken", "uuid": "267fd0b1-f705-11e8-b555-0800279aaa2b" }, { "category": "Beveiliging bedrijfsvoering", "code": "12.1.4", "label": "Scheiding van de ontwikkelings-, test- en exploitatieomgevingen", "uuid": "267fd0ef-f705-11e8-b555-0800279aaa2b" }, { "category": "Leveranciersrelaties", "code": "15.2.1", "label": "Toezicht op en beoordeling van de diensten van de leveranciers", "uuid": "267fd12f-f705-11e8-b555-0800279aaa2b" }, { "category": "Leveranciersrelaties", "code": "15.2.2", "label": "Beheer van de wijzigingen aangebracht in de diensten van de leveranciers", "uuid": "267fd16b-f705-11e8-b555-0800279aaa2b" }, { "category": "Beveiliging bedrijfsvoering", "code": "12.1.3", "label": "Dimensionering", "uuid": "267fd1a8-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen", "code": "14.2.9", "label": "Systeemconformiteitstest", "uuid": "267fd1ea-f705-11e8-b555-0800279aaa2b" }, { "category": "Beveiliging bedrijfsvoering", "code": "12.2.1", "label": "Maatregelen tegen malware", "uuid": "267fd22e-f705-11e8-b555-0800279aaa2b" }, { "category": "Beveiliging bedrijfsvoering", "code": "12.3.1", "label": "Back-up van de informatie", "uuid": "267fd272-f705-11e8-b555-0800279aaa2b" }, { "category": "Communicatiebeveiliging", "code": "13.1.1", "label": "Controle van de netwerken", "uuid": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "category": "Communicatiebeveiliging", "code": "13.1.2", "label": "Veiligheid van de netwerkdiensten", "uuid": "267fd2ee-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van bedrijfsmiddelen", "code": "8.3.1", "label": "Beheer van de draagbare informatiedragers", "uuid": "267fd32a-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van bedrijfsmiddelen", "code": "8.3.2", "label": "Afdanking van informatiedragers", "uuid": "267fd369-f705-11e8-b555-0800279aaa2b" }, { "category": "Communicatiebeveiliging", "code": "13.2.1", "label": "Beleid en procedures op het vlak van informatiedoorgifte", "uuid": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "category": "Communicatiebeveiliging", "code": "13.2.2", "label": "Akkoorden op het vlak van informatiedoorgifte", "uuid": "267fd3e3-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van bedrijfsmiddelen", "code": "8.3.3", "label": "Fysieke doorgifte van informatiedragers", "uuid": "267fd421-f705-11e8-b555-0800279aaa2b" }, { "category": "Communicatiebeveiliging", "code": "13.2.3", "label": "E-mail", "uuid": "267fd462-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen", "code": "14.1.2", "label": "Beveiliging van de toepassingsdiensten op de openbare communicatienetwerken", "uuid": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen", "code": "14.1.3", "label": "Bescherming van de transacties i.v.m. de toepassingsdiensten", "uuid": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "category": "Beveiliging bedrijfsvoering", "code": "12.4.1", "label": "Loggen van evenementen", "uuid": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "category": "Beveiliging bedrijfsvoering", "code": "12.4.2", "label": "Beveiliging van de gelogde informatie", "uuid": "267fd567-f705-11e8-b555-0800279aaa2b" }, { "category": "Beveiliging bedrijfsvoering", "code": "12.4.3", "label": "Administrator- en operatorlogboeken", "uuid": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "category": "Beveiliging bedrijfsvoering", "code": "12.4.4", "label": "Synchronisatie van de klokken", "uuid": "267fd610-f705-11e8-b555-0800279aaa2b" }, { "category": "Toegangsbeveiliging", "code": "9.1.1", "label": "Toegangscontrolebeleid", "uuid": "267fd659-f705-11e8-b555-0800279aaa2b" }, { "category": "Toegangsbeveiliging", "code": "9.2.3", "label": "Beheer van de toegangsrechten", "uuid": "267fd69f-f705-11e8-b555-0800279aaa2b" }, { "category": "Toegangsbeveiliging", "code": "9.2.4", "label": "Beheer van de geheime gebruikersauthenticatiegegevens", "uuid": "267fd6e4-f705-11e8-b555-0800279aaa2b" }, { "category": "Toegangsbeveiliging", "code": "9.2.5", "label": "Beoordeling van de gebruikerstoegangsrechten", "uuid": "267fd723-f705-11e8-b555-0800279aaa2b" }, { "category": "Toegangsbeveiliging", "code": "9.3.1", "label": "Gebruik van geheime authenticatiegegevens", "uuid": "267fd761-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.2.8", "label": "Onbewaakt achtergelaten gebruikershardware", "uuid": "267fd7a0-f705-11e8-b555-0800279aaa2b" }, { "category": "Fysieke beveiliging en beveiliging van de omgeving", "code": "11.2.9", "label": "Clean desk- en leeg-schermbeleid", "uuid": "267fd7dd-f705-11e8-b555-0800279aaa2b" }, { "category": "Toegangsbeveiliging", "code": "9.1.2", "label": "Toegang tot de netwerken en de netwerkdiensten", "uuid": "267fd81b-f705-11e8-b555-0800279aaa2b" }, { "category": "Communicatiebeveiliging", "code": "13.1.3", "label": "Scheiding van de netwerken", "uuid": "267fd85b-f705-11e8-b555-0800279aaa2b" }, { "category": "Toegangsbeveiliging", "code": "9.2.1", "label": "Registratie en uitschrijving van de gebruikers", "uuid": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "category": "Toegangsbeveiliging", "code": "9.4.3", "label": "Wachtwoordbeheerssysteem", "uuid": "267fd8d8-f705-11e8-b555-0800279aaa2b" }, { "category": "Toegangsbeveiliging", "code": "9.4.4", "label": "Gebruik van utility-programma\u2019s met bevoegdheden", "uuid": "267fd917-f705-11e8-b555-0800279aaa2b" }, { "category": "Toegangsbeveiliging", "code": "9.4.2", "label": "Beveiligen van de verbindingsprocedures", "uuid": "267fd954-f705-11e8-b555-0800279aaa2b" }, { "category": "Toegangsbeveiliging", "code": "9.4.1", "label": "Beperking van de toegang tot de informatie", "uuid": "267fd993-f705-11e8-b555-0800279aaa2b" }, { "category": "Organiseren van informatiebeveiliging", "code": "6.2.1", "label": "Beleid inzake mobiele toestellen", "uuid": "267fd9d0-f705-11e8-b555-0800279aaa2b" }, { "category": "Organiseren van informatiebeveiliging", "code": "6.2.2", "label": "Telewerk", "uuid": "267fda0e-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen", "code": "14.1.1", "label": "Analyse en specificatie van de eisen inzake informatiebeveiliging", "uuid": "267fda50-f705-11e8-b555-0800279aaa2b" }, { "category": "Cryptografie", "code": "10.1.1", "label": "Beleid inzake het gebruik van cryptografische maatregelen", "uuid": "267fda8c-f705-11e8-b555-0800279aaa2b" }, { "category": "Cryptografie", "code": "10.1.2", "label": "Beheer van de sleutels", "uuid": "267fdacc-f705-11e8-b555-0800279aaa2b" }, { "category": "Beveiliging bedrijfsvoering", "code": "12.5.1", "label": "Installatie van software op werkende systemen", "uuid": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen", "code": "14.3.1", "label": "Beveiliging van de testgegevens", "uuid": "267fdb78-f705-11e8-b555-0800279aaa2b" }, { "category": "Toegangsbeveiliging", "code": "9.4.5", "label": "Controle van de toegang tot de broncode van de programma\u2019s", "uuid": "267fdbf1-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen", "code": "14.2.2", "label": "Procedures voor de controle van de aan het systeem aangebrachte wijzigingen", "uuid": "267fdc38-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen", "code": "14.2.3", "label": "Technische beoordeling van de toepassingen na het aanbrengen van wijzigingen aan het besturingsplatform", "uuid": "267fdc8c-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen", "code": "14.2.4", "label": "Beperkingen op het vlak van het aanbrengen van wijzigingen aan softwarepakketten.", "uuid": "267fdcf3-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen", "code": "14.2.7", "label": "Geoutsourcete ontwikkeling ", "uuid": "267fdd55-f705-11e8-b555-0800279aaa2b" }, { "category": "Beveiliging bedrijfsvoering", "code": "12.6.1", "label": "Beheer van de technische kwetsbaarheden", "uuid": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van informatiebeveiligingsincidenten", "code": "16.1.2", "label": "Signalering van de gebeurtenissen i.v.m. informatiebeveiliging", "uuid": "267fddeb-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van informatiebeveiligingsincidenten", "code": "16.1.3", "label": "Signalering van fouten i.v.m. informatiebeveiliging", "uuid": "267fde31-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van informatiebeveiligingsincidenten", "code": "16.1.1", "label": "Verantwoordelijkheden en procedures", "uuid": "267fde78-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van informatiebeveiligingsincidenten", "code": "16.1.6", "label": "Lessen trekken uit incidenten i.v.m. informatiebeveiliging", "uuid": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van informatiebeveiligingsincidenten", "code": "16.1.7", "label": "Verzameling van bewijzen", "uuid": "267fdef6-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen", "code": "14.2.5", "label": "Engineeringbeginselen van systeembeveiliging", "uuid": "267fdf36-f705-11e8-b555-0800279aaa2b" }, { "category": "Informatiebeveiligingsaspecten van bedrijfscontinu\u00efteitsbeheer", "code": "17.1.1", "label": "Organisatie van de continu\u00efteit van de informatiebeveiliging", "uuid": "267fdf76-f705-11e8-b555-0800279aaa2b" }, { "category": "Informatiebeveiligingsaspecten van bedrijfscontinu\u00efteitsbeheer", "code": "17.1.2", "label": "Implementatie van de continu\u00efteit van de informatiebeveiliging", "uuid": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "category": "Informatiebeveiligingsaspecten van bedrijfscontinu\u00efteitsbeheer", "code": "17.1.3", "label": "Verifi\u00ebren, herzien en evalueren van de continu\u00efteit van de informatiebeveiliging", "uuid": "267fe022-f705-11e8-b555-0800279aaa2b" }, { "category": "Naleving", "code": "18.1.1", "label": "Identificatie van de wetgeving en de geldende contractuele eisen", "uuid": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "category": "Naleving", "code": "18.1.2", "label": "Intellectuele eigendomsrechten", "uuid": "267fe307-f705-11e8-b555-0800279aaa2b" }, { "category": "Naleving", "code": "18.1.3", "label": "Bescherming van de opnamen", "uuid": "267fe37d-f705-11e8-b555-0800279aaa2b" }, { "category": "Naleving", "code": "18.1.4", "label": "Bescherming van het priv\u00e9leven en bescherming van persoonlijke gegevens", "uuid": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "category": "Naleving", "code": "18.1.5", "label": "Voorschriften op het vlak van cryptografische maatregelen", "uuid": "267fe510-f705-11e8-b555-0800279aaa2b" }, { "category": "Naleving", "code": "18.2.2", "label": "Conformiteit met het veiligheidsbeleid en de veiligheidsnormen", "uuid": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "category": "Naleving", "code": "18.2.3", "label": "Onderzoek van de technische conformiteit", "uuid": "267fe600-f705-11e8-b555-0800279aaa2b" }, { "category": "Beveiliging bedrijfsvoering", "code": "12.7.1", "label": "Maatregelen betreffende de audit van de informatiesystemen", "uuid": "267fe660-f705-11e8-b555-0800279aaa2b" }, { "category": "Organiseren van informatiebeveiliging", "code": "6.1.5", "label": "Informatiebeveiliging in projectmanagement", "uuid": "267fe6b9-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van bedrijfsmiddelen", "code": "8.2.3", "label": "Manipulatie van de activa", "uuid": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "category": "Toegangsbeveiliging", "code": "9.2.2", "label": "Beheersing van het gebruikerstoegangsbeheer", "uuid": "267fe782-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen", "code": "14.2.8", "label": "Testfase van systeembeveiliging", "uuid": "267fe7e9-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen", "code": "14.2.6", "label": "Beveiligde ontwikkelingsomgeving", "uuid": "267fe847-f705-11e8-b555-0800279aaa2b" }, { "category": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen", "code": "14.2.1", "label": "Beveiligd ontwikkelingsbeleid", "uuid": "267fe8a1-f705-11e8-b555-0800279aaa2b" }, { "category": "Beveiliging bedrijfsvoering", "code": "12.6.2", "label": "Beperkingen inzake de installatie van software", "uuid": "267fe8fe-f705-11e8-b555-0800279aaa2b" }, { "category": "Leveranciersrelaties", "code": "15.1.3", "label": "IT-bevoorradingsketen", "uuid": "267fe959-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van informatiebeveiligingsincidenten", "code": "16.1.4", "label": "Beoordeling van de gebeurtenissen i.v.m. informatiebeveiliging en besluitvorming", "uuid": "267fe9b4-f705-11e8-b555-0800279aaa2b" }, { "category": "Beheer van informatiebeveiligingsincidenten", "code": "16.1.5", "label": "Reactie op incidenten i.v.m. informatiebeveiliging", "uuid": "267fea11-f705-11e8-b555-0800279aaa2b" }, { "category": "Informatiebeveiligingsaspecten van bedrijfscontinu\u00efteitsbeheer", "code": "17.2.1", "label": "Beschikbaarheid van de informatieverwerkingsmiddelen", "uuid": "267fea72-f705-11e8-b555-0800279aaa2b" } ], "version": 1, "version_ext": "ISO/IEC 27002:2013" } 2022-02-21T11:41:18.995587+00:00 https://objects.monarc.lu/object/get/28 2024-05-02T13:22:55.416321+00:00 MONARC { "label": "ISO/IEC 27002 [2013]", "language": "EN", "refs": [ "https://www.iso.org/standard/54533.html" ], "uuid": "98ca84fb-db87-11e8-ac77-0800279aaa2b", "values": [ { "category": "Information security policies", "code": "5.1.1", "label": "Policies for information security", "uuid": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "category": "Information security policies", "code": "5.1.2", "label": "Review of the policies for information security", "uuid": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "category": "Organization of information security", "code": "6.1.1", "label": "Information security roles and responsibilities", "uuid": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "category": "Organization of information security", "code": "6.1.2", "label": "Segregation of duties", "uuid": "267fd0b1-f705-11e8-b555-0800279aaa2b" }, { "category": "Organization of information security", "code": "6.1.3", "label": "Contact with authorities", "uuid": "267fc7c0-f705-11e8-b555-0800279aaa2b" }, { "category": "Organization of information security", "code": "6.1.4", "label": "Contact with special interest groups", "uuid": "267fc80f-f705-11e8-b555-0800279aaa2b" }, { "category": "Organization of information security", "code": "6.1.5", "label": "Information Security in Project Management", "uuid": "267fe6b9-f705-11e8-b555-0800279aaa2b" }, { "category": "Organization of information security", "code": "6.2.1", "label": "Mobile device policy", "uuid": "267fd9d0-f705-11e8-b555-0800279aaa2b" }, { "category": "Organization of information security", "code": "6.2.2", "label": "Teleworking", "uuid": "267fda0e-f705-11e8-b555-0800279aaa2b" }, { "category": "Human resource security", "code": "7.1.1", "label": "Screening", "uuid": "267fca6b-f705-11e8-b555-0800279aaa2b" }, { "category": "Human resource security", "code": "7.1.2", "label": "Terms and conditions of employment", "uuid": "267fcaad-f705-11e8-b555-0800279aaa2b" }, { "category": "Human resource security", "code": "7.2.1", "label": "Management responsibilities", "uuid": "267fc6f7-f705-11e8-b555-0800279aaa2b" }, { "category": "Human resource security", "code": "7.2.2", "label": "Information security awareness, education and training", "uuid": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "category": "Human resource security", "code": "7.2.3", "label": "Disciplinary process", "uuid": "267fcb29-f705-11e8-b555-0800279aaa2b" }, { "category": "Human resource security", "code": "7.3.1", "label": "Termination or change of employment responsibilities", "uuid": "267fcb79-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset management", "code": "8.1.1", "label": "Inventory of Assets", "uuid": "267fc90c-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset management", "code": "8.1.2", "label": "Ownership of assets", "uuid": "267fc94c-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset management", "code": "8.1.3", "label": "Acceptable use of assets", "uuid": "267fc989-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset management", "code": "8.1.4", "label": "Return of assets", "uuid": "267fcbce-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset management", "code": "8.2.1", "label": "Classification guidelines", "uuid": "267fc9c9-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset management", "code": "8.2.2", "label": "Labelling of information", "uuid": "267fca19-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset management", "code": "8.2.3", "label": "Handling of assets", "uuid": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset management", "code": "8.3.1", "label": "Management of removeable media", "uuid": "267fd32a-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset management", "code": "8.3.2", "label": "Disposal of media", "uuid": "267fd369-f705-11e8-b555-0800279aaa2b" }, { "category": "Asset management", "code": "8.3.3", "label": "Physical Media transfer", "uuid": "267fd421-f705-11e8-b555-0800279aaa2b" }, { "category": "Access control", "code": "9.1.1", "label": "Access control policy", "uuid": "267fd659-f705-11e8-b555-0800279aaa2b" }, { "category": "Access control", "code": "9.1.2", "label": "Access to networks and network services", "uuid": "267fd81b-f705-11e8-b555-0800279aaa2b" }, { "category": "Access control", "code": "9.2.1", "label": "User registration and deregistration", "uuid": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "category": "Access control", "code": "9.2.2", "label": "User access provisioning", "uuid": "267fe782-f705-11e8-b555-0800279aaa2b" }, { "category": "Access control", "code": "9.2.3", "label": "Management of privileged access rights", "uuid": "267fd69f-f705-11e8-b555-0800279aaa2b" }, { "category": "Access control", "code": "9.2.4", "label": "Management of secret authentication information of users", "uuid": "267fd6e4-f705-11e8-b555-0800279aaa2b" }, { "category": "Access control", "code": "9.2.5", "label": "Review of user access rights", "uuid": "267fd723-f705-11e8-b555-0800279aaa2b" }, { "category": "Access control", "code": "9.2.6", "label": "Removal or adjustment of access rights", "uuid": "267fcc3c-f705-11e8-b555-0800279aaa2b" }, { "category": "Access control", "code": "9.3.1", "label": "Use of secret authentication information", "uuid": "267fd761-f705-11e8-b555-0800279aaa2b" }, { "category": "Access control", "code": "9.4.1", "label": "Information access restriction", "uuid": "267fd993-f705-11e8-b555-0800279aaa2b" }, { "category": "Access control", "code": "9.4.2", "label": "Secure log-on procedures", "uuid": "267fd954-f705-11e8-b555-0800279aaa2b" }, { "category": "Access control", "code": "9.4.3", "label": "Password management system", "uuid": "267fd8d8-f705-11e8-b555-0800279aaa2b" }, { "category": "Access control", "code": "9.4.4", "label": "Use of privileged utility programs", "uuid": "267fd917-f705-11e8-b555-0800279aaa2b" }, { "category": "Access control", "code": "9.4.5", "label": "Access control to program source code", "uuid": "267fdbf1-f705-11e8-b555-0800279aaa2b" }, { "category": "Cryptography", "code": "10.1.1", "label": "Policy on the use of cryptographic controls", "uuid": "267fda8c-f705-11e8-b555-0800279aaa2b" }, { "category": "Cryptography", "code": "10.1.2", "label": "Key management", "uuid": "267fdacc-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.1.1", "label": "Physical security perimeter", "uuid": "267fcca4-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.1.2", "label": "Physical entry controls", "uuid": "267fcce9-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.1.3", "label": "Securing offices, rooms and facilities", "uuid": "267fcd30-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.1.4", "label": "Protecting against external and environmental attacks", "uuid": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.1.5", "label": "Working in secure areas", "uuid": "267fcdac-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.1.6", "label": "Delivery and loading areas", "uuid": "267fcdec-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.2.1", "label": "Equipment siting and protection", "uuid": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.2.2", "label": "Supporting utilities", "uuid": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.2.3", "label": "Cabling Security", "uuid": "267fcecb-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.2.4", "label": "Equipment maintenance", "uuid": "267fcf0a-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.2.5", "label": "Security of equipment off-premises", "uuid": "267fcfdf-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.2.6", "label": "Security of equipment and assets off-premises", "uuid": "267fcf4f-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.2.7", "label": "Secure disposal or re-use of equipment", "uuid": "267fcf90-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.2.8", "label": "Unattended user equipment", "uuid": "267fd7a0-f705-11e8-b555-0800279aaa2b" }, { "category": "Physical and environmental security", "code": "11.2.9", "label": "Clear desk and clear screen policy", "uuid": "267fd7dd-f705-11e8-b555-0800279aaa2b" }, { "category": "Operations security", "code": "12.1.1", "label": "Documented operating procedures", "uuid": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "category": "Operations security", "code": "12.1.2", "label": "Change management", "uuid": "267fd073-f705-11e8-b555-0800279aaa2b" }, { "category": "Operations security", "code": "12.1.3", "label": "Capacity management", "uuid": "267fd1a8-f705-11e8-b555-0800279aaa2b" }, { "category": "Operations security", "code": "12.1.4", "label": "Separation of development, testing and operational environments", "uuid": "267fd0ef-f705-11e8-b555-0800279aaa2b" }, { "category": "Operations security", "code": "12.2.1", "label": "Controls against malicious code", "uuid": "267fd22e-f705-11e8-b555-0800279aaa2b" }, { "category": "Operations security", "code": "12.3.1", "label": "Information Backup", "uuid": "267fd272-f705-11e8-b555-0800279aaa2b" }, { "category": "Operations security", "code": "12.4.1", "label": "Event logging", "uuid": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "category": "Operations security", "code": "12.4.2", "label": "Protection of log information", "uuid": "267fd567-f705-11e8-b555-0800279aaa2b" }, { "category": "Operations security", "code": "12.4.3", "label": "Administrator and operator logs", "uuid": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "category": "Operations security", "code": "12.4.4", "label": "Clock synchronisation", "uuid": "267fd610-f705-11e8-b555-0800279aaa2b" }, { "category": "Operations security", "code": "12.5.1", "label": "Installation of software on operational systems", "uuid": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "category": "Operations security", "code": "12.6.1", "label": "Management of technical vulnerabilities", "uuid": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "category": "Operations security", "code": "12.6.2", "label": "Restrictions on software installation", "uuid": "267fe8fe-f705-11e8-b555-0800279aaa2b" }, { "category": "Operations security", "code": "12.7.1", "label": "Information systems audit controls", "uuid": "267fe660-f705-11e8-b555-0800279aaa2b" }, { "category": "Communications security", "code": "13.1.1", "label": "Network controls", "uuid": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "category": "Communications security", "code": "13.1.2", "label": "Security of network services", "uuid": "267fd2ee-f705-11e8-b555-0800279aaa2b" }, { "category": "Communications security", "code": "13.1.3", "label": "Segregation in networks", "uuid": "267fd85b-f705-11e8-b555-0800279aaa2b" }, { "category": "Communications security", "code": "13.2.1", "label": "Information transfer policies and procedures", "uuid": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "category": "Communications security", "code": "13.2.2", "label": "Agreements on information transfer", "uuid": "267fd3e3-f705-11e8-b555-0800279aaa2b" }, { "category": "Communications security", "code": "13.2.3", "label": "Electronic messaging", "uuid": "267fd462-f705-11e8-b555-0800279aaa2b" }, { "category": "Communications security", "code": "13.2.4", "label": "Confidentiality or non-disclosure agreements", "uuid": "267fc77e-f705-11e8-b555-0800279aaa2b" }, { "category": "System acquisition, development and maintenance", "code": "14.1.1", "label": "Information security requirements analysis and specification", "uuid": "267fda50-f705-11e8-b555-0800279aaa2b" }, { "category": "System acquisition, development and maintenance", "code": "14.1.2", "label": "Securing application services on public networks", "uuid": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "category": "System acquisition, development and maintenance", "code": "14.1.3", "label": "Protecting application services transactions", "uuid": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "category": "System acquisition, development and maintenance", "code": "14.2.1", "label": "Secure development policy", "uuid": "267fe8a1-f705-11e8-b555-0800279aaa2b" }, { "category": "System acquisition, development and maintenance", "code": "14.2.2", "label": "System change control procedures", "uuid": "267fdc38-f705-11e8-b555-0800279aaa2b" }, { "category": "System acquisition, development and maintenance", "code": "14.2.3", "label": "Technical review of applications after operating platform changes", "uuid": "267fdc8c-f705-11e8-b555-0800279aaa2b" }, { "category": "System acquisition, development and maintenance", "code": "14.2.4", "label": "Restrictions on changes to software packages", "uuid": "267fdcf3-f705-11e8-b555-0800279aaa2b" }, { "category": "System acquisition, development and maintenance", "code": "14.2.5", "label": "Secure system engineering principles", "uuid": "267fdf36-f705-11e8-b555-0800279aaa2b" }, { "category": "System acquisition, development and maintenance", "code": "14.2.6", "label": "Secure development environment", "uuid": "267fe847-f705-11e8-b555-0800279aaa2b" }, { "category": "System acquisition, development and maintenance", "code": "14.2.7", "label": "Outsourced software development", "uuid": "267fdd55-f705-11e8-b555-0800279aaa2b" }, { "category": "System acquisition, development and maintenance", "code": "14.2.8", "label": "System security testing", "uuid": "267fe7e9-f705-11e8-b555-0800279aaa2b" }, { "category": "System acquisition, development and maintenance", "code": "14.2.9", "label": "System acceptance testing", "uuid": "267fd1ea-f705-11e8-b555-0800279aaa2b" }, { "category": "System acquisition, development and maintenance", "code": "14.3.1", "label": "Protection of test data", "uuid": "267fdb78-f705-11e8-b555-0800279aaa2b" }, { "category": "Supplier relationships", "code": "15.1.1", "label": "Information security policy for supplier relationships", "uuid": "267fc88e-f705-11e8-b555-0800279aaa2b" }, { "category": "Supplier relationships", "code": "15.1.2", "label": "Addressing security within supplier agreements", "uuid": "267fc8cc-f705-11e8-b555-0800279aaa2b" }, { "category": "Supplier relationships", "code": "15.1.3", "label": "Informaiton and communication technology supply chain", "uuid": "267fe959-f705-11e8-b555-0800279aaa2b" }, { "category": "Supplier relationships", "code": "15.2.1", "label": "Monitoring and review of supplier services", "uuid": "267fd12f-f705-11e8-b555-0800279aaa2b" }, { "category": "Supplier relationships", "code": "15.2.2", "label": "Managing changes to supplier services", "uuid": "267fd16b-f705-11e8-b555-0800279aaa2b" }, { "category": "information security incident management", "code": "16.1.1", "label": "Responsibilities and procedures", "uuid": "267fde78-f705-11e8-b555-0800279aaa2b" }, { "category": "information security incident management", "code": "16.1.2", "label": "Reporting information security events", "uuid": "267fddeb-f705-11e8-b555-0800279aaa2b" }, { "category": "information security incident management", "code": "16.1.3", "label": "Reporting information security weaknesses", "uuid": "267fde31-f705-11e8-b555-0800279aaa2b" }, { "category": "information security incident management", "code": "16.1.4", "label": "Assessment of and decision on information security events", "uuid": "267fe9b4-f705-11e8-b555-0800279aaa2b" }, { "category": "information security incident management", "code": "16.1.5", "label": "Response in information security incidents", "uuid": "267fea11-f705-11e8-b555-0800279aaa2b" }, { "category": "information security incident management", "code": "16.1.6", "label": "Learning from information security incidents", "uuid": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "category": "information security incident management", "code": "16.1.7", "label": "Collection of evidence", "uuid": "267fdef6-f705-11e8-b555-0800279aaa2b" }, { "category": "Information security aspects of business continuity management", "code": "17.1.1", "label": "Planning information security continuity", "uuid": "267fdf76-f705-11e8-b555-0800279aaa2b" }, { "category": "Information security aspects of business continuity management", "code": "17.1.2", "label": "Implementing information security continuity", "uuid": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "category": "Information security aspects of business continuity management", "code": "17.1.3", "label": "Verify, review and evaluate information security continuity", "uuid": "267fe022-f705-11e8-b555-0800279aaa2b" }, { "category": "Information security aspects of business continuity management", "code": "17.2.1", "label": "Availability of information processing facilities", "uuid": "267fea72-f705-11e8-b555-0800279aaa2b" }, { "category": "Compliance", "code": "18.1.1", "label": "Identification of applicable legislation", "uuid": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "category": "Compliance", "code": "18.1.2", "label": "Intellectual Property Rights", "uuid": "267fe307-f705-11e8-b555-0800279aaa2b" }, { "category": "Compliance", "code": "18.1.3", "label": "Protection of records", "uuid": "267fe37d-f705-11e8-b555-0800279aaa2b" }, { "category": "Compliance", "code": "18.1.4", "label": "Privacy and protection of personally identifiable information", "uuid": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "category": "Compliance", "code": "18.1.5", "label": "Regulation of cryptographic controls", "uuid": "267fe510-f705-11e8-b555-0800279aaa2b" }, { "category": "Compliance", "code": "18.2.1", "label": "Independent review of information security", "uuid": "267fc84f-f705-11e8-b555-0800279aaa2b" }, { "category": "Compliance", "code": "18.2.2", "label": "Compliance with security policies and standards", "uuid": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "category": "Compliance", "code": "18.2.3", "label": "Technical compliance review", "uuid": "267fe600-f705-11e8-b555-0800279aaa2b" } ], "version": 1, "version_ext": "ISO/IEC 27002:2013" } 2022-02-21T12:45:14.000538+00:00 https://objects.monarc.lu/object/get/5228 2024-05-02T13:22:55.415655+00:00 MONARC { "label": "ISO/IEC 27002 [2013] - ISO/IEC 27002 [2022]", "refs": [ "https://www.iso.org/standard/75652.html" ], "security referentials UUID": [ "98ca84fb-db87-11e8-ac77-0800279aaa2b", "831acc76-2bcc-4376-836a-f6b0ee6df568" ], "uuid": "dee86397-a961-4598-a22c-2b7b20dc9675", "values": [ { "control": "ac5590c1-5e43-4a29-87fb-5ba7416a0831", "match": "267fc596-f705-11e8-b555-0800279aaa2b" }, { "control": "ac5590c1-5e43-4a29-87fb-5ba7416a0831", "match": "267fc6a6-f705-11e8-b555-0800279aaa2b" }, { "control": "957e0fb3-f06e-4ef5-b152-f1045b3a576f", "match": "267fc6f7-f705-11e8-b555-0800279aaa2b" }, { "control": "dcdebb24-3cf2-4c27-bb01-4cd04118e6f5", "match": "267fc73c-f705-11e8-b555-0800279aaa2b" }, { "control": "e283f5ed-3a64-4bed-b479-35e4cd8173e6", "match": "267fc77e-f705-11e8-b555-0800279aaa2b" }, { "control": "7a5c4510-1d09-481b-822d-2d58745d390b", "match": "267fc7c0-f705-11e8-b555-0800279aaa2b" }, { "control": "33aa534c-482a-4503-919c-635ac65d084e", "match": "267fc80f-f705-11e8-b555-0800279aaa2b" }, { "control": "41d38a42-6f44-4561-b0a2-801095d4eec9", "match": "267fc84f-f705-11e8-b555-0800279aaa2b" }, { "control": "239e3bca-0b4b-4692-9ba1-9e2a73d6cc40", "match": "267fc88e-f705-11e8-b555-0800279aaa2b" }, { "control": "0a23f517-b172-47b2-bc0a-0f693d2900b0", "match": "267fc8cc-f705-11e8-b555-0800279aaa2b" }, { "control": "48ecb62f-f73d-4c65-a8e4-2fa831346a70", "match": "267fc90c-f705-11e8-b555-0800279aaa2b" }, { "control": "48ecb62f-f73d-4c65-a8e4-2fa831346a70", "match": "267fc94c-f705-11e8-b555-0800279aaa2b" }, { "control": "95882551-578c-4c0d-afe8-1dff2b251da4", "match": "267fc989-f705-11e8-b555-0800279aaa2b" }, { "control": "4ca57d37-8fc9-4d15-b6a7-64416a520ac1", "match": "267fc9c9-f705-11e8-b555-0800279aaa2b" }, { "control": "006fc402-2bba-4bcb-85b6-7bb9de4c54cd", "match": "267fca19-f705-11e8-b555-0800279aaa2b" }, { "control": "9e7bdc0e-1603-4545-a2cc-0650fe035e37", "match": "267fca6b-f705-11e8-b555-0800279aaa2b" }, { "control": "83389b64-b080-4625-8e81-05174311e2d8", "match": "267fcaad-f705-11e8-b555-0800279aaa2b" }, { "control": "bb6eac6b-129a-4ea8-8c26-3df5e05d9680", "match": "267fcaeb-f705-11e8-b555-0800279aaa2b" }, { "control": "9acaadb0-2f58-4d9b-963b-7671ed0471a6", "match": "267fcb29-f705-11e8-b555-0800279aaa2b" }, { "control": "e4ef6822-7f1f-46f8-9700-37cde17e81b8", "match": "267fcb79-f705-11e8-b555-0800279aaa2b" }, { "control": "fb24425c-10df-4bc3-9b48-d72b952b92b5", "match": "267fcbce-f705-11e8-b555-0800279aaa2b" }, { "control": "c26bedb1-42f5-4154-8cea-b923b1103cfe", "match": "267fcc3c-f705-11e8-b555-0800279aaa2b" }, { "control": "26fbd0ef-28da-4930-850f-8519da290fd4", "match": "267fcca4-f705-11e8-b555-0800279aaa2b" }, { "control": "14667423-4f22-49dd-a0fc-bbf3c25597d3", "match": "267fcce9-f705-11e8-b555-0800279aaa2b" }, { "control": "474fedbd-0b89-436c-ac04-41c21d6e7420", "match": "267fcd30-f705-11e8-b555-0800279aaa2b" }, { "control": "07285d43-9ee2-406b-a9fa-3ad36650054b", "match": "267fcd6f-f705-11e8-b555-0800279aaa2b" }, { "control": "cb371cfa-e8d4-4a83-af29-2f8982929268", "match": "267fcdac-f705-11e8-b555-0800279aaa2b" }, { "control": "14667423-4f22-49dd-a0fc-bbf3c25597d3", "match": "267fcdec-f705-11e8-b555-0800279aaa2b" }, { "control": "a3897661-541e-4c4c-9844-2981d8288ec6", "match": "267fce44-f705-11e8-b555-0800279aaa2b" }, { "control": "fc66f113-3f02-4354-8610-879b5467971a", "match": "267fce8a-f705-11e8-b555-0800279aaa2b" }, { "control": "00e9c4c9-c718-4834-a312-c08abb03838c", "match": "267fcecb-f705-11e8-b555-0800279aaa2b" }, { "control": "096b291e-bded-40aa-a3f7-492bcc5dcf4c", "match": "267fcf0a-f705-11e8-b555-0800279aaa2b" }, { "control": "68c2f82b-83a3-4aaf-9bce-c57b3f537fa6", "match": "267fcf4f-f705-11e8-b555-0800279aaa2b" }, { "control": "43e73ea3-8fcd-455c-b05e-c5d8a747ec33", "match": "267fcf90-f705-11e8-b555-0800279aaa2b" }, { "control": "1167decd-0e55-4359-8fb2-599c490d89fa", "match": "267fcfdf-f705-11e8-b555-0800279aaa2b" }, { "control": "4c41ffb8-fbf4-48b7-9e16-52293fbcc3c3", "match": "267fd029-f705-11e8-b555-0800279aaa2b" }, { "control": "866a0676-f2bd-4499-ba25-cd6f9466969a", "match": "267fd073-f705-11e8-b555-0800279aaa2b" }, { "control": "6ea4f43d-0d12-4edf-8191-bf469f25e252", "match": "267fd0b1-f705-11e8-b555-0800279aaa2b" }, { "control": "00383120-11a9-4b95-bfb9-47b3d4975bcb", "match": "267fd0ef-f705-11e8-b555-0800279aaa2b" }, { "control": "307d39d8-d31f-4b55-8a0e-9632cd0e380a", "match": "267fd12f-f705-11e8-b555-0800279aaa2b" }, { "control": "307d39d8-d31f-4b55-8a0e-9632cd0e380a", "match": "267fd16b-f705-11e8-b555-0800279aaa2b" }, { "control": "e8d6402b-f022-494b-b289-3d5d98368e8e", "match": "267fd1a8-f705-11e8-b555-0800279aaa2b" }, { "control": "991f8c55-2da0-4dbf-b604-cbadc8df8389", "match": "267fd1ea-f705-11e8-b555-0800279aaa2b" }, { "control": "f331b956-c83b-47b6-a563-09222b1ae7a0", "match": "267fd22e-f705-11e8-b555-0800279aaa2b" }, { "control": "e2e52a80-4222-4f57-b471-92ce90a83ed7", "match": "267fd272-f705-11e8-b555-0800279aaa2b" }, { "control": "3cfb677a-cc3c-437d-aabf-c0ad88d740a5", "match": "267fd2b1-f705-11e8-b555-0800279aaa2b" }, { "control": "47ad87a1-dd3e-443e-8d82-2ec782979637", "match": "267fd2ee-f705-11e8-b555-0800279aaa2b" }, { "control": "1167decd-0e55-4359-8fb2-599c490d89fa", "match": "267fd32a-f705-11e8-b555-0800279aaa2b" }, { "control": "1167decd-0e55-4359-8fb2-599c490d89fa", "match": "267fd369-f705-11e8-b555-0800279aaa2b" }, { "control": "1fbd96df-158c-47a2-8dc5-a22c6f915a79", "match": "267fd3a6-f705-11e8-b555-0800279aaa2b" }, { "control": "1fbd96df-158c-47a2-8dc5-a22c6f915a79", "match": "267fd3e3-f705-11e8-b555-0800279aaa2b" }, { "control": "1167decd-0e55-4359-8fb2-599c490d89fa", "match": "267fd421-f705-11e8-b555-0800279aaa2b" }, { "control": "1fbd96df-158c-47a2-8dc5-a22c6f915a79", "match": "267fd462-f705-11e8-b555-0800279aaa2b" }, { "control": "8298dbd1-c18e-4f03-bb63-4867bfeaf716", "match": "267fd4ac-f705-11e8-b555-0800279aaa2b" }, { "control": "8298dbd1-c18e-4f03-bb63-4867bfeaf716", "match": "267fd4ed-f705-11e8-b555-0800279aaa2b" }, { "control": "6e2ed592-c992-4076-b9ec-b7e9a78a7029", "match": "267fd529-f705-11e8-b555-0800279aaa2b" }, { "control": "6e2ed592-c992-4076-b9ec-b7e9a78a7029", "match": "267fd567-f705-11e8-b555-0800279aaa2b" }, { "control": "6e2ed592-c992-4076-b9ec-b7e9a78a7029", "match": "267fd5ae-f705-11e8-b555-0800279aaa2b" }, { "control": "dab5cccf-c67d-45b0-a3d4-89ef9f51a2f2", "match": "267fd610-f705-11e8-b555-0800279aaa2b" }, { "control": "de075220-6acf-4ca7-837b-713b1f87f5f3", "match": "267fd659-f705-11e8-b555-0800279aaa2b" }, { "control": "8890016c-2883-4771-b346-2e8ec19ff2dd", "match": "267fd69f-f705-11e8-b555-0800279aaa2b" }, { "control": "7fe8f85a-6c22-4680-b076-88d74ba5c4e3", "match": "267fd6e4-f705-11e8-b555-0800279aaa2b" }, { "control": "c26bedb1-42f5-4154-8cea-b923b1103cfe", "match": "267fd723-f705-11e8-b555-0800279aaa2b" }, { "control": "7fe8f85a-6c22-4680-b076-88d74ba5c4e3", "match": "267fd761-f705-11e8-b555-0800279aaa2b" }, { "control": "26f82aa2-2a5b-49d9-92dd-53a2d98d743f", "match": "267fd7a0-f705-11e8-b555-0800279aaa2b" }, { "control": "069bd61a-62a9-4158-b5f9-59e4ee0c8614", "match": "267fd7dd-f705-11e8-b555-0800279aaa2b" }, { "control": "de075220-6acf-4ca7-837b-713b1f87f5f3", "match": "267fd81b-f705-11e8-b555-0800279aaa2b" }, { "control": "6c305573-67ac-488e-882a-8e94e6373355", "match": "267fd85b-f705-11e8-b555-0800279aaa2b" }, { "control": "d2cb623e-3cc6-46fd-bbe7-3239e5fa2626", "match": "267fd899-f705-11e8-b555-0800279aaa2b" }, { "control": "7fe8f85a-6c22-4680-b076-88d74ba5c4e3", "match": "267fd8d8-f705-11e8-b555-0800279aaa2b" }, { "control": "9389f178-57cb-4b52-b464-5b983d10ae90", "match": "267fd917-f705-11e8-b555-0800279aaa2b" }, { "control": "1d9e4229-e86e-4cb1-8e63-fd30711040dd", "match": "267fd954-f705-11e8-b555-0800279aaa2b" }, { "control": "8eda18e5-8a5e-404a-9f2b-1880fa0e400d", "match": "267fd993-f705-11e8-b555-0800279aaa2b" }, { "control": "26f82aa2-2a5b-49d9-92dd-53a2d98d743f", "match": "267fd9d0-f705-11e8-b555-0800279aaa2b" }, { "control": "276430e7-47c5-461b-a5c4-7b46dae11759", "match": "267fda0e-f705-11e8-b555-0800279aaa2b" }, { "control": "45d81142-d8b8-45c5-811b-8a636c404af8", "match": "267fda50-f705-11e8-b555-0800279aaa2b" }, { "control": "1a0fe2b2-4401-4d3d-b4a2-53d7d95a76c9", "match": "267fda8c-f705-11e8-b555-0800279aaa2b" }, { "control": "1a0fe2b2-4401-4d3d-b4a2-53d7d95a76c9", "match": "267fdacc-f705-11e8-b555-0800279aaa2b" }, { "control": "5773b0a9-8687-4802-9f19-2d1fba45e6a5", "match": "267fdb18-f705-11e8-b555-0800279aaa2b" }, { "control": "7df0a5ac-79b3-416c-8a38-c22f5c4d94d5", "match": "267fdb78-f705-11e8-b555-0800279aaa2b" }, { "control": "b56726a8-3883-4893-ae75-2ba555411148", "match": "267fdbf1-f705-11e8-b555-0800279aaa2b" }, { "control": "866a0676-f2bd-4499-ba25-cd6f9466969a", "match": "267fdc38-f705-11e8-b555-0800279aaa2b" }, { "control": "866a0676-f2bd-4499-ba25-cd6f9466969a", "match": "267fdc8c-f705-11e8-b555-0800279aaa2b" }, { "control": "866a0676-f2bd-4499-ba25-cd6f9466969a", "match": "267fdcf3-f705-11e8-b555-0800279aaa2b" }, { "control": "d5f93f4a-eac7-4200-b90b-c02db54c76f4", "match": "267fdd55-f705-11e8-b555-0800279aaa2b" }, { "control": "b2fc0199-a3a8-4386-88d1-0f3b776c3e5d", "match": "267fdda3-f705-11e8-b555-0800279aaa2b" }, { "control": "ed627a92-cb52-472a-aa2e-b981f8b12de5", "match": "267fddeb-f705-11e8-b555-0800279aaa2b" }, { "control": "ed627a92-cb52-472a-aa2e-b981f8b12de5", "match": "267fde31-f705-11e8-b555-0800279aaa2b" }, { "control": "07e0fb5e-7b82-4f85-b7c7-d22b205436b1", "match": "267fde78-f705-11e8-b555-0800279aaa2b" }, { "control": "1c03c68f-29a0-4606-b99d-072491f53e96", "match": "267fdeb8-f705-11e8-b555-0800279aaa2b" }, { "control": "432a79d3-45e9-477e-b63a-ab7566bb8590", "match": "267fdef6-f705-11e8-b555-0800279aaa2b" }, { "control": "497618e9-e495-42b6-b04e-21801f9c01f7", "match": "267fdf36-f705-11e8-b555-0800279aaa2b" }, { "control": "a197825e-e8f5-47f5-851d-66105a6fc3b2", "match": "267fdf76-f705-11e8-b555-0800279aaa2b" }, { "control": "a197825e-e8f5-47f5-851d-66105a6fc3b2", "match": "267fdfbe-f705-11e8-b555-0800279aaa2b" }, { "control": "a197825e-e8f5-47f5-851d-66105a6fc3b2", "match": "267fe022-f705-11e8-b555-0800279aaa2b" }, { "control": "7f58e55e-17f5-4dca-a7e5-4566192fa8f1", "match": "267fe08b-f705-11e8-b555-0800279aaa2b" }, { "control": "3d347675-c00a-4fa2-a0af-a5b66cbd8edd", "match": "267fe307-f705-11e8-b555-0800279aaa2b" }, { "control": "9f8e81c8-8a90-4b5e-bcf1-ff2e8b4384e8", "match": "267fe37d-f705-11e8-b555-0800279aaa2b" }, { "control": "6a6b0a5f-4e3a-4845-94cc-890aee7f19d9", "match": "267fe3de-f705-11e8-b555-0800279aaa2b" }, { "control": "7f58e55e-17f5-4dca-a7e5-4566192fa8f1", "match": "267fe510-f705-11e8-b555-0800279aaa2b" }, { "control": "3ff683de-9ca5-482d-8423-06d4d8e315a3", "match": "267fe58f-f705-11e8-b555-0800279aaa2b" }, { "control": "3ff683de-9ca5-482d-8423-06d4d8e315a3", "match": "267fe600-f705-11e8-b555-0800279aaa2b" }, { "control": "b2fc0199-a3a8-4386-88d1-0f3b776c3e5d", "match": "267fe600-f705-11e8-b555-0800279aaa2b" }, { "control": "744146f1-5a14-43c0-b675-8c2649486f64", "match": "267fe660-f705-11e8-b555-0800279aaa2b" }, { "control": "45d81142-d8b8-45c5-811b-8a636c404af8", "match": "267fe6b9-f705-11e8-b555-0800279aaa2b" }, { "control": "95882551-578c-4c0d-afe8-1dff2b251da4", "match": "267fe71a-f705-11e8-b555-0800279aaa2b" }, { "control": "c26bedb1-42f5-4154-8cea-b923b1103cfe", "match": "267fe782-f705-11e8-b555-0800279aaa2b" }, { "control": "991f8c55-2da0-4dbf-b604-cbadc8df8389", "match": "267fe7e9-f705-11e8-b555-0800279aaa2b" }, { "control": "00383120-11a9-4b95-bfb9-47b3d4975bcb", "match": "267fe847-f705-11e8-b555-0800279aaa2b" }, { "control": "3ddf1641-0529-44d2-8a23-b5811555cdd2", "match": "267fe8a1-f705-11e8-b555-0800279aaa2b" }, { "control": "5773b0a9-8687-4802-9f19-2d1fba45e6a5", "match": "267fe8fe-f705-11e8-b555-0800279aaa2b" }, { "control": "86fdcdd5-2d94-43ad-aab1-ccc64b3e42f7", "match": "267fe959-f705-11e8-b555-0800279aaa2b" }, { "control": "0aa214a8-51a6-45df-a279-03f04ea5c19e", "match": "267fe9b4-f705-11e8-b555-0800279aaa2b" }, { "control": "865ca2d0-30e8-47f2-9f25-4256943a0d72", "match": "267fea11-f705-11e8-b555-0800279aaa2b" }, { "control": "6a76bfdb-843e-4aa2-8cd7-f738f68845e4", "match": "267fea72-f705-11e8-b555-0800279aaa2b" } ], "version": 0 } 2022-02-21T13:50:17.977517+00:00 https://objects.monarc.lu/object/get/5104 2024-05-02T13:22:55.415430+00:00 MONARC [ { "controller": { "contact": "16, boulevard d\u2019Avranches L-1160 Luxembourg (+352) 274 00 98 601 info@securitymadein.lu", "name": "Security made in L\u00ebtzebuerg g.i.e." }, "name": "Gestion utilisateurs cloud (my.monarc.lu)", "personal_data": [ { "data_categories": [ { "name": "nom" }, { "name": "e-mail" }, { "name": "pr\u00e9nom" } ], "data_subject": "utilisateurs", "description": "Le nom et pr\u00e9nom sont utilis\u00e9s pour identifier les actions de l'utilisateurs sur l'outil. L'adresse mail est n\u00e9cessaire pour reinialiser le mot de passe et s'authentifier dans l'outil", "retention_period": 0, "retention_period_description": "Jusqu'\u00e0 que l'utilisateur supprime son compte ou apr\u00e8s une inactivit\u00e9 de deux ans", "retention_period_mode": "day(s)" } ], "processors": [ { "activities": "Backup H\u00e9bergement", "contact": "4 Rue d'Arlon, 8399 Windhof (+352) 26 10 30 61 info@conostix.com", "name": "CONOSTIX S.A.", "representative": { "contact": "4 Rue d'Arlon, 8399 Windhof (+352) 26 10 30 61 info@conostix.com", "name": "Yves de Pril" }, "security_measures": "Datacenter Tiers IV" } ], "purposes": "G\u00e9rer l'authentification des utilisateurs sur le cloud my.monarc.lu", "recipients": [ { "description": "L'\u00e9quipe CASES g\u00e8re la cr\u00e9ation et suppression des nouveaux utilisateurs", "name": "CASES", "type": "internal" } ], "representative": { "contact": "16, boulevard d\u2019Avranches L-1160 Luxembourg (+352) 274 00 98 601 info@securitymadein.lu", "name": "Pascal Steichen" }, "security_measures": "Backup Chiffrement Control d'acc\u00e8s" } ] 2022-05-17T09:39:22.418853+00:00 https://objects.monarc.lu/object/get/5138 2024-05-02T13:22:55.414207+00:00 MONARC { "object": { "asset": { "amvs": [], "asset": { "code": "CONT", "description": "Conteneur d'actifs", "label": "Conteneur", "language": "FR", "type": "Primary", "uuid": "d2023c8f-44d1-11e9-a78c-0800277f0571", "version": 1 }, "measures": [], "threats": [], "vuls": [] }, "children": [ { "asset": { "amvs": [ { "asset": "4447ebac-6831-4617-a653-4aedfe235faf", "threat": "b402d5f5-4576-11e9-9173-0800277f0571", "uuid": "26c8f378-14a7-4dda-885e-4e371ce0ed99", "vulnerability": "69fc01e7-4591-11e9-9173-0800277f0571" } ], "asset": { "code": "OV_IOT_ACTUATORS", "description": "", "label": "IoT - Actionneurs", "language": "FR", "type": "Secondary", "uuid": "4447ebac-6831-4617-a653-4aedfe235faf", "version": 1 }, "measures": [], "threats": [ { "a": false, "c": false, "code": "MDA18", "description": "R\u00e9ception et exploitation dans le syst\u00e8me d'information de l'organisme de donn\u00e9es erron\u00e9es ou de mat\u00e9riels non adapt\u00e9s provenant de sources ext\u00e9rieures.", "i": true, "label": "Information sans garantie de l'origine", "language": "FR", "theme": "Compromission des informations", "uuid": "b402d5f5-4576-11e9-9173-0800277f0571" } ], "vuls": [ { "code": "1094", "description": "", "label": "Le syst\u00e8me permet l'\u00e9mission et la r\u00e9ception d'information sans authentification des \u00e9metteurs ni des destinataires", "language": "FR", "mode": 0, "uuid": "69fc01e7-4591-11e9-9173-0800277f0571" } ] }, "children": [], "object": { "label": "Actionneur", "language": "FR", "name": "Actionneur", "scope": "local", "uuid": "5581f4e4-75ea-4fe0-ac43-a4d8311ab6bf", "version": 1 }, "rolfRisks": [], "rolfTags": [] }, { "asset": { "amvs": [ { "asset": "fcea8308-cdd4-4207-a324-ed3f2c6800ff", "threat": "b402d5af-4576-11e9-9173-0800277f0571", "uuid": "d1140297-6b68-4ccf-9716-665c0b3d4306", "vulnerability": "69fc0555-4591-11e9-9173-0800277f0571" } ], "asset": { "code": "OV_IOT_DEVICE", "description": "Partie physique de l'objet connect\u00e9", "label": "IoT - Partie physique de l'objet connect\u00e9", "language": "FR", "type": "Secondary", "uuid": "fcea8308-cdd4-4207-a324-ed3f2c6800ff", "version": 1 }, "measures": [], "threats": [ { "a": true, "c": true, "code": "MD36", "description": "Le mat\u00e9riel est accessible par des personnes \u00e9trang\u00e8res en interne ou en externe. Il est possible de le d\u00e9t\u00e9riorer ou de le voler.", "i": false, "label": "", "language": "FR", "theme": "Compromission des informations", "uuid": "b402d5af-4576-11e9-9173-0800277f0571" } ], "vuls": [ { "code": "1183", "description": "Des personnes non autoris\u00e9es peuvent acc\u00e9der \u00e0 l'information sans barri\u00e8res physiques ?Acc\u00e8s facile ? Locaux publics ? Passage ou couloir \u00e0 proximit\u00e9 ?", "label": "L'acc\u00e8s est possible pour des personnes n'ayant aucun motif de service", "language": "FR", "mode": 0, "uuid": "69fc0555-4591-11e9-9173-0800277f0571" } ] }, "children": [], "object": { "label": "Device", "language": "FR", "name": "Device", "scope": "local", "uuid": "59617857-43b1-4660-b571-3f75fa22a1ae", "version": 1 }, "rolfRisks": [], "rolfTags": [] }, { "asset": { "amvs": [ { "asset": "d2023de2-44d1-11e9-a78c-0800277f0571", "threat": "b402d513-4576-11e9-9173-0800277f0571", "uuid": "7f9fb547-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc04ed-4591-11e9-9173-0800277f0571" }, { "asset": "d2023de2-44d1-11e9-a78c-0800277f0571", "threat": "b402d5ea-4576-11e9-9173-0800277f0571", "uuid": "7f9fb55e-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc0627-4591-11e9-9173-0800277f0571" }, { "asset": "d2023de2-44d1-11e9-a78c-0800277f0571", "threat": "b402d513-4576-11e9-9173-0800277f0571", "uuid": "7f9fb58d-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc05b4-4591-11e9-9173-0800277f0571" }, { "asset": "d2023de2-44d1-11e9-a78c-0800277f0571", "threat": "b402d5d5-4576-11e9-9173-0800277f0571", "uuid": "d2522441-1a7b-456f-8b4b-8f2d6b586632", "vulnerability": "69fc051f-4591-11e9-9173-0800277f0571" } ], "asset": { "code": "OV_IOT_OS", "description": "Syst\u00e8me d'exploitation ou middleware de l'objet connect\u00e9", "label": "IoT - Syst\u00e8me d'exploitation", "language": "FR", "type": "Secondary", "uuid": "d2023de2-44d1-11e9-a78c-0800277f0571", "version": 1 }, "measures": [], "threats": [ { "a": true, "c": false, "code": "MA15", "description": "Erreur de conception, erreur d'installation ou n\u00e9gligence d'exploitation commise lors de modification provoquant une ex\u00e9cution non-conforme.", "i": true, "label": "Dysfonctionnement logiciel", "language": "FR", "theme": "D\u00e9faillances techniques", "uuid": "b402d513-4576-11e9-9173-0800277f0571" }, { "a": true, "c": true, "code": "MDA17", "description": "Personne poss\u00e9dant des droits privil\u00e9gi\u00e9s (administrateur de r\u00e9seaux, personnel informaticien...) et pouvant modifier les caract\u00e9ristiques d'exploitation des ressources.", "i": true, "label": "Abus de droits", "language": "FR", "theme": "Compromission des fonctions", "uuid": "b402d5ea-4576-11e9-9173-0800277f0571" }, { "a": true, "c": true, "code": "MDA13", "description": "Logiciel non d\u00e9sir\u00e9 executant des op\u00e9rations cherchant \u00e0 nuire \u00e0 l'organisme.", "i": true, "label": "Infection par un malware", "language": "FR", "theme": "Compromission des informations", "uuid": "b402d5d5-4576-11e9-9173-0800277f0571" } ], "vuls": [ { "code": "1172", "description": "Y a-t-il des accords contractuels formels avec les tiers principaux ?Existe-t-il des r\u00e8gles d'intervention ? Nom de personnes ? D\u00e9lais ?", "label": "Pas d'accord de services avec les tiers (internes ou externes)", "language": "FR", "mode": 0, "uuid": "69fc04ed-4591-11e9-9173-0800277f0571" }, { "code": "1224", "description": "Liaison maintenue en permanence\u00c9changes en clair Absence de compte-rendu", "label": "La t\u00e9l\u00e9maintenance n'est pas g\u00e9r\u00e9e correctement par le fournisseur", "language": "FR", "mode": 0, "uuid": "69fc0627-4591-11e9-9173-0800277f0571" }, { "code": "1213", "description": "La gestion des changements sur les logiciels ou sur le syst\u00e8me d'information est elle correcte ?Planification des changements ? Estimation des charges ? Tests avant mise en production ?", "label": "Pr\u00e9sences de lacunes dans la gestion des changements ou la maintenance des logiciels", "language": "FR", "mode": 0, "uuid": "69fc05b4-4591-11e9-9173-0800277f0571" }, { "code": "1178", "description": "Existe-t-il une proc\u00e9dure ? Formelle ?Quelle est la p\u00e9riodicit\u00e9 d'application ? Qui est le responsable ?Des tests sont-ils effectu\u00e9s ? Avant ? Apr\u00e8s ?", "label": "La gestion des mises \u00e0 jour (patch) comporte des lacunes", "language": "FR", "mode": 0, "uuid": "69fc051f-4591-11e9-9173-0800277f0571" } ] }, "children": [], "object": { "label": "Syst\u00e8me d'exploitation", "language": "FR", "name": "Syst\u00e8me d'exploitation", "scope": "local", "uuid": "4b31e8dd-24d8-4780-aa62-d5f4fff53760", "version": 1 }, "rolfRisks": [], "rolfTags": [] }, { "asset": { "amvs": [ { "asset": "7b8a1bca-0172-43e5-89e6-590c6a7d76af", "threat": "b402d5df-4576-11e9-9173-0800277f0571", "uuid": "02c8ec95-756a-447b-916b-312b29c2e43c", "vulnerability": "69fc0101-4591-11e9-9173-0800277f0571" }, { "asset": "7b8a1bca-0172-43e5-89e6-590c6a7d76af", "threat": "b402d557-4576-11e9-9173-0800277f0571", "uuid": "4896c568-6eb2-4454-9d80-bad8f8106a0f", "vulnerability": "69fc0952-4591-11e9-9173-0800277f0571" } ], "asset": { "code": "OV_IOT_NETWORK_INTERFACE", "description": "IOT - Interface r\u00e9seau", "label": "IoT - Interface r\u00e9seau", "language": "FR", "type": "Secondary", "uuid": "7b8a1bca-0172-43e5-89e6-590c6a7d76af", "version": 1 }, "measures": [], "threats": [ { "a": true, "c": false, "code": "MDA16", "description": "Personne ou ressource de type mat\u00e9riel, logiciel ou r\u00e9seau simulant un besoin de ressource intense en provoquant un parasitage intense et continu de la ressource.", "i": false, "label": "Saturation du syst\u00e8me informatique", "language": "FR", "theme": "D\u00e9faillances techniques", "uuid": "b402d5df-4576-11e9-9173-0800277f0571" }, { "a": false, "c": true, "code": "MD15", "description": "Personne \u00e9tant connect\u00e9e aux \u00e9quipements ou aux supports de communication ou plac\u00e9e dans le p\u00e9rim\u00e8tre de couverture d'\u00e9mission d'une communication.", "i": false, "label": "\u00c9coute passive", "language": "FR", "theme": "Compromission des fonctions", "uuid": "b402d557-4576-11e9-9173-0800277f0571" } ], "vuls": [ { "code": "1070", "description": "", "label": "Mauvais dimensionnement des ressources (ex.: trop d'utilisateurs par rapport aux nombres possibles de connexions et \u00e0 la bande passante)", "language": "FR", "mode": 0, "uuid": "69fc0101-4591-11e9-9173-0800277f0571" }, { "code": "210", "description": "", "label": "Mat\u00e9riel disposant d'interface de communication \u00e9coutable (infra rouge, 802.11, Bluetooth...)", "language": "FR", "mode": 0, "uuid": "69fc0952-4591-11e9-9173-0800277f0571" } ] }, "children": [], "object": { "label": "Interfaces de communication", "language": "FR", "name": "Interface de communication", "scope": "local", "uuid": "926e6d32-9bca-4675-b817-b572f5947072", "version": 1 }, "rolfRisks": [], "rolfTags": [] }, { "asset": { "amvs": [ { "asset": "bc411cb6-d2fc-4e0c-8ed1-e5259e213e9b", "threat": "b402d5c9-4576-11e9-9173-0800277f0571", "uuid": "5cf11c67-0843-4dec-bb0e-c649d97a2bc4", "vulnerability": "69fc057e-4591-11e9-9173-0800277f0571" }, { "asset": "bc411cb6-d2fc-4e0c-8ed1-e5259e213e9b", "threat": "b402d620-4576-11e9-9173-0800277f0571", "uuid": "a162b328-c313-4464-80ba-f1db359d7655", "vulnerability": "69fc0f0d-4591-11e9-9173-0800277f0571" } ], "asset": { "code": "OV_IOT_STORAGE_LOCAL", "description": "El\u00e9ments sauvegard\u00e9s en local sur l'objet connect\u00e9", "label": "IoT - Storage local", "language": "FR", "type": "Secondary", "uuid": "bc411cb6-d2fc-4e0c-8ed1-e5259e213e9b", "version": 1 }, "measures": [], "threats": [ { "a": false, "c": true, "code": "MDA12", "description": "R\u00e9cup\u00e9ration de supports \u00e9lectroniques (disques durs, disquettes, cartouches de sauvegarde, cl\u00e9s USB, disquettes ZIP, disques durs amovibles...) ou papier (listing, \u00e9ditions incompl\u00e8tes, messages...) destin\u00e9s au recyclage et contenant des informations r\u00e9c", "i": false, "label": "R\u00e9cup\u00e9ration de supports recycl\u00e9s ou mis au rebut", "language": "FR", "theme": "Compromission des informations", "uuid": "b402d5c9-4576-11e9-9173-0800277f0571" }, { "a": true, "c": false, "code": "MDA29", "description": "Ev\u00e8nement provoquant la destruction d\u2019un mat\u00e9riel ou d'un support.", "i": false, "label": "Destruction de mat\u00e9riel ou de supports", "language": "FR", "theme": "Sinistres physiques", "uuid": "b402d620-4576-11e9-9173-0800277f0571" } ], "vuls": [ { "code": "1191", "description": "Existe-t-il une proc\u00e9dure formelle ?Est-elle respect\u00e9e ?La chaine de mise au rebut est-elle correcte ?", "label": "La mise au rebut n'est pas correctement assur\u00e9e", "language": "FR", "mode": 0, "uuid": "69fc057e-4591-11e9-9173-0800277f0571" }, { "code": "283", "description": "", "label": "Absence de sauvegarde des donn\u00e9es contenues sur les supports", "language": "FR", "mode": 0, "uuid": "69fc0f0d-4591-11e9-9173-0800277f0571" } ] }, "children": [], "object": { "label": "Storage local", "language": "FR", "name": "Storage local", "scope": "local", "uuid": "7da319ff-851c-414f-bb76-50cfc48254b5", "version": 1 }, "rolfRisks": [], "rolfTags": [] }, { "asset": { "amvs": [ { "asset": "d2023dd3-44d1-11e9-a78c-0800277f0571", "threat": "b402d4e0-4576-11e9-9173-0800277f0571", "uuid": "1631becd-9756-46f3-b23d-a3d93bac3fab", "vulnerability": "69fc0515-4591-11e9-9173-0800277f0571" }, { "asset": "d2023dd3-44d1-11e9-a78c-0800277f0571", "threat": "b402d600-4576-11e9-9173-0800277f0571", "uuid": "7f9fb735-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc04e2-4591-11e9-9173-0800277f0571" }, { "asset": "d2023dd3-44d1-11e9-a78c-0800277f0571", "threat": "b402d530-4576-11e9-9173-0800277f0571", "uuid": "7f9fb74c-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc04c4-4591-11e9-9173-0800277f0571" }, { "asset": "d2023dd3-44d1-11e9-a78c-0800277f0571", "threat": "b402d530-4576-11e9-9173-0800277f0571", "uuid": "7f9fb763-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc04d1-4591-11e9-9173-0800277f0571" }, { "asset": "d2023dd3-44d1-11e9-a78c-0800277f0571", "threat": "b402d600-4576-11e9-9173-0800277f0571", "uuid": "7f9fb77a-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc061d-4591-11e9-9173-0800277f0571" }, { "asset": "d2023dd3-44d1-11e9-a78c-0800277f0571", "threat": "b402d58f-4576-11e9-9173-0800277f0571", "uuid": "7f9fb7a9-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc1924-4591-11e9-9173-0800277f0571" }, { "asset": "d2023dd3-44d1-11e9-a78c-0800277f0571", "threat": "b402d557-4576-11e9-9173-0800277f0571", "uuid": "7f9fb7ca-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc0560-4591-11e9-9173-0800277f0571" } ], "asset": { "code": "OV_IOT_APP", "description": "Application du device IOT", "label": "IoT - Application utilisateur", "language": "FR", "type": "Secondary", "uuid": "d2023dd3-44d1-11e9-a78c-0800277f0571", "version": 1 }, "measures": [], "threats": [ { "a": true, "c": true, "code": "MA11", "description": "Personne commettant une erreur de manipulation, de saisie, d'utilisation de mat\u00e9riels ou logiciels.", "i": true, "label": "Erreur d'utilisation", "language": "FR", "theme": "Compromission des fonctions", "uuid": "b402d4e0-4576-11e9-9173-0800277f0571" }, { "a": false, "c": true, "code": "MDA20", "description": "Personne qui, volontairement ou par n\u00e9gligence, diffuse de l'information .", "i": false, "label": "Divulgation d'information", "language": "FR", "theme": "Compromission des informations", "uuid": "b402d600-4576-11e9-9173-0800277f0571" }, { "a": true, "c": true, "code": "MD14", "description": "Personne se faisant passer pour une autre de mani\u00e8re \u00e0 utiliser ces privil\u00e8ges d'acc\u00e8s au syst\u00e8me d'information, d\u00e9sinformer le destinataire, r\u00e9aliser une fraude\u2026", "i": true, "label": "Usurpation de droits", "language": "FR", "theme": "Compromission des fonctions", "uuid": "b402d530-4576-11e9-9173-0800277f0571" }, { "a": false, "c": false, "code": "MD24", "description": "Une personne ou une entit\u00e9 renie sa participation \u00e0 un \u00e9change avec un tiers ou \u00e0 la r\u00e9alisation d'une op\u00e9ration.", "i": true, "label": "Reniement d'actions", "language": "FR", "theme": "Compromission des fonctions", "uuid": "b402d58f-4576-11e9-9173-0800277f0571" }, { "a": false, "c": true, "code": "MD15", "description": "Personne \u00e9tant connect\u00e9e aux \u00e9quipements ou aux supports de communication ou plac\u00e9e dans le p\u00e9rim\u00e8tre de couverture d'\u00e9mission d'une communication.", "i": false, "label": "\u00c9coute passive", "language": "FR", "theme": "Compromission des fonctions", "uuid": "b402d557-4576-11e9-9173-0800277f0571" } ], "vuls": [ { "code": "1177", "description": "L'ergonomie du logiciel pose-t-elle des probl\u00e8mes ?Est-il complexe \u00e0 comprendre ou \u00e0 utiliser ?Le temps de formation ou d'adaptation est-il long ? Existe-t-il des cas d'erreurs connus ?", "label": "Outils ou programmes non adapt\u00e9s \u00e0 l'utilisation ou non ergonomiques", "language": "FR", "mode": 0, "uuid": "69fc0515-4591-11e9-9173-0800277f0571" }, { "code": "1168", "description": "Est-ce que toutes les autorisations sont donn\u00e9es en respectant ce principe ?", "label": "Le principe de besoin d'en conna\u00eetre n'est pas respect\u00e9", "language": "FR", "mode": 0, "uuid": "69fc04e2-4591-11e9-9173-0800277f0571" }, { "code": "1166", "description": "Y a-t-il une proc\u00e9dure formelle ?Qui autorise les acc\u00e8s ?Le principe de 4 yeux est-il respect\u00e9 ?", "label": "La gestion des autorisations comporte des failles", "language": "FR", "mode": 0, "uuid": "69fc04c4-4591-11e9-9173-0800277f0571" }, { "code": "1167", "description": "Y a-t-il une politique de mots de passe ?Bonnes pratiques (longueur, complexit\u00e9, changement ...) ?Y a-t-il un compte par personne ?Y a-t-il des comptes partag\u00e9s ?", "label": "L'authentification des utilisateurs n'est pas assur\u00e9e", "language": "FR", "mode": 0, "uuid": "69fc04d1-4591-11e9-9173-0800277f0571" }, { "code": "1221", "description": "Y a-t-il possibilit\u00e9 d'exporter les donn\u00e9es ?\u00c9galement en format structur\u00e9 (XLS, CSV, XML, etc.) ?", "label": "Les droits de l'utilisateur permettent l\u2019export de l'information", "language": "FR", "mode": 0, "uuid": "69fc061d-4591-11e9-9173-0800277f0571" }, { "code": "50", "description": "Y a-t-il des logs ?Sont-ils suffisants au regard des contr\u00f4les \u00e0 effectuer ?", "label": "Absence de conservation des traces des activit\u00e9s", "language": "FR", "mode": 0, "uuid": "69fc1924-4591-11e9-9173-0800277f0571" }, { "code": "1184", "description": "Le moyen de communication est-il chiffr\u00e9 ?Le moyen de communication est-il accessible par des tiers ?", "label": "Utilisation d'un moyen de communication non s\u00e9curis\u00e9", "language": "FR", "mode": 0, "uuid": "69fc0560-4591-11e9-9173-0800277f0571" } ] }, "children": [], "object": { "label": "Application", "language": "FR", "name": "Application", "scope": "local", "uuid": "cbfb813a-3e9c-415c-9ece-9c2bd7c781b7", "version": 1 }, "rolfRisks": [], "rolfTags": [] }, { "asset": { "amvs": [ { "asset": "fa281f62-931c-47dd-82b6-976e543a2168", "threat": "b402d5f5-4576-11e9-9173-0800277f0571", "uuid": "15715227-f575-462b-b467-236532cddbb6", "vulnerability": "69fc01e7-4591-11e9-9173-0800277f0571" } ], "asset": { "code": "OV_IOT_SENSORS", "description": "", "label": "IoT - Capteur", "language": "FR", "type": "Secondary", "uuid": "fa281f62-931c-47dd-82b6-976e543a2168", "version": 1 }, "measures": [], "threats": [ { "a": false, "c": false, "code": "MDA18", "description": "R\u00e9ception et exploitation dans le syst\u00e8me d'information de l'organisme de donn\u00e9es erron\u00e9es ou de mat\u00e9riels non adapt\u00e9s provenant de sources ext\u00e9rieures.", "i": true, "label": "Information sans garantie de l'origine", "language": "FR", "theme": "Compromission des informations", "uuid": "b402d5f5-4576-11e9-9173-0800277f0571" } ], "vuls": [ { "code": "1094", "description": "", "label": "Le syst\u00e8me permet l'\u00e9mission et la r\u00e9ception d'information sans authentification des \u00e9metteurs ni des destinataires", "language": "FR", "mode": 0, "uuid": "69fc01e7-4591-11e9-9173-0800277f0571" } ] }, "children": [], "object": { "label": "Capteur", "language": "FR", "name": "Capteur", "scope": "local", "uuid": "e1473c38-42fc-4124-8b66-595ed18c1db2", "version": 1 }, "rolfRisks": [], "rolfTags": [] } ], "object": { "label": "Objet connect\u00e9", "language": "FR", "name": "Objet connect\u00e9", "scope": "local", "uuid": "0ceec4ea-73c0-4055-bcf1-819346ffdd0b", "version": 1 }, "rolfRisks": [], "rolfTags": [] } } 2022-08-03T11:33:57.667923+00:00 https://objects.monarc.lu/object/get/5139 2024-05-02T13:22:55.412964+00:00 MONARC { "object": { "asset": { "amvs": [], "asset": { "code": "CONT", "description": "Asset container", "label": "Container", "language": "EN", "type": "Primary", "uuid": "d2023c8f-44d1-11e9-a78c-0800277f0571", "version": 0 }, "measures": [], "threats": [], "vuls": [] }, "children": [ { "asset": { "amvs": [ { "asset": "4447ebac-6831-4617-a653-4aedfe235faf", "threat": "b402d5f5-4576-11e9-9173-0800277f0571", "uuid": "26c8f378-14a7-4dda-885e-4e371ce0ed99", "vulnerability": "69fc01e7-4591-11e9-9173-0800277f0571" } ], "asset": { "code": "OV_IOT_ACTUATORS", "description": "", "label": "IoT - Actuators", "language": "EN", "type": "Secondary", "uuid": "4447ebac-6831-4617-a653-4aedfe235faf", "version": 0 }, "measures": [], "threats": [ { "a": false, "c": false, "code": "MDA18", "description": "Receiving false data or unsuitable equipment from outside sources and using them in the organisation.", "i": true, "label": "Data from untrustworthy sources", "language": "EN", "theme": "Compromise of information", "uuid": "b402d5f5-4576-11e9-9173-0800277f0571" } ], "vuls": [ { "code": "1094", "description": "", "label": "The system allows information to be sent and received without authentication of the senders or recipients", "language": "EN", "mode": 0, "uuid": "69fc01e7-4591-11e9-9173-0800277f0571" } ] }, "children": [], "object": { "label": "Actuator", "language": "EN", "name": "Actuator", "scope": "local", "uuid": "5581f4e4-75ea-4fe0-ac43-a4d8311ab6bf", "version": 0 }, "rolfRisks": [], "rolfTags": [] }, { "asset": { "amvs": [ { "asset": "fcea8308-cdd4-4207-a324-ed3f2c6800ff", "threat": "b402d5af-4576-11e9-9173-0800277f0571", "uuid": "d1140297-6b68-4ccf-9716-665c0b3d4306", "vulnerability": "69fc0555-4591-11e9-9173-0800277f0571" } ], "asset": { "code": "OV_IOT_DEVICE", "description": "", "label": "IoT - Physical part of the IoT", "language": "EN", "type": "Secondary", "uuid": "fcea8308-cdd4-4207-a324-ed3f2c6800ff", "version": 0 }, "measures": [], "threats": [ { "a": true, "c": true, "code": "MD36", "description": "Media, documents or equipment can be accessed by foreigners either internally or externally. It can be damaged or stolen.", "i": false, "label": "Theft or destruction of media, documents or equipment", "language": "EN", "theme": "Compromise of information", "uuid": "b402d5af-4576-11e9-9173-0800277f0571" } ], "vuls": [ { "code": "1183", "description": "Can unauthorised persons access information without physical barriers?Is it easy to access? Are the premises public? Is there a passage or corridor nearby?", "label": "Persons without a service reason can gain access", "language": "EN", "mode": 0, "uuid": "69fc0555-4591-11e9-9173-0800277f0571" } ] }, "children": [], "object": { "label": "Device", "language": "EN", "name": "Device", "scope": "local", "uuid": "59617857-43b1-4660-b571-3f75fa22a1ae", "version": 0 }, "rolfRisks": [], "rolfTags": [] }, { "asset": { "amvs": [ { "asset": "d2023de2-44d1-11e9-a78c-0800277f0571", "threat": "b402d513-4576-11e9-9173-0800277f0571", "uuid": "7f9fb547-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc04ed-4591-11e9-9173-0800277f0571" }, { "asset": "d2023de2-44d1-11e9-a78c-0800277f0571", "threat": "b402d5ea-4576-11e9-9173-0800277f0571", "uuid": "7f9fb55e-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc0627-4591-11e9-9173-0800277f0571" }, { "asset": "d2023de2-44d1-11e9-a78c-0800277f0571", "threat": "b402d513-4576-11e9-9173-0800277f0571", "uuid": "7f9fb58d-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc05b4-4591-11e9-9173-0800277f0571" }, { "asset": "d2023de2-44d1-11e9-a78c-0800277f0571", "threat": "b402d5d5-4576-11e9-9173-0800277f0571", "uuid": "d2522441-1a7b-456f-8b4b-8f2d6b586632", "vulnerability": "69fc051f-4591-11e9-9173-0800277f0571" } ], "asset": { "code": "OV_MAINTENANCE", "description": "Software maintenance", "label": "Software maintenance", "language": "EN", "type": "Secondary", "uuid": "d2023de2-44d1-11e9-a78c-0800277f0571", "version": 0 }, "measures": [], "threats": [ { "a": true, "c": false, "code": "MA15", "description": "Design error, installation error or operating error committed during modification causing incorrect execution.", "i": true, "label": "Software malfunction", "language": "EN", "theme": "Technical failures", "uuid": "b402d513-4576-11e9-9173-0800277f0571" }, { "a": true, "c": true, "code": "MDA17", "description": "Someone with special rights (network administration, computer specialists, etc.) modifies the operating characteristics of the resources.", "i": true, "label": "Abuse of rights", "language": "EN", "theme": "Compromise of functions", "uuid": "b402d5ea-4576-11e9-9173-0800277f0571" }, { "a": true, "c": true, "code": "MDA13", "description": "Unwanted software that is doing operations seeking to harm the company.", "i": true, "label": "Malware infection", "language": "EN", "theme": "Compromise of information", "uuid": "b402d5d5-4576-11e9-9173-0800277f0571" } ], "vuls": [ { "code": "1172", "description": "Are there formal contractual agreements with the main third parties?Are there intervention rules? People's names? Timeframes?", "label": "No SLAs with third parties (internal or external)", "language": "EN", "mode": 0, "uuid": "69fc04ed-4591-11e9-9173-0800277f0571" }, { "code": "1224", "description": "Link permanently maintainedUnencrypted exchangesNo record", "label": "The supplier does not manage remote maintenance properly", "language": "EN", "mode": 0, "uuid": "69fc0627-4591-11e9-9173-0800277f0571" }, { "code": "1213", "description": "Is change management for software or the IT system correct?Is there planning for changes? Cost estimates? Tests before production begins?", "label": "Problems in change management or software maintenance", "language": "EN", "mode": 0, "uuid": "69fc05b4-4591-11e9-9173-0800277f0571" }, { "code": "1178", "description": "Is there a procedure? Is it formal?How frequently is it implemented? Who is in charge?Are tests performed? Before? After?", "label": "Update management (patches) is flawed", "language": "EN", "mode": 0, "uuid": "69fc051f-4591-11e9-9173-0800277f0571" } ] }, "children": [], "object": { "label": "Operating system", "language": "EN", "name": "Operating system", "scope": "local", "uuid": "4b31e8dd-24d8-4780-aa62-d5f4fff53760", "version": 0 }, "rolfRisks": [], "rolfTags": [] }, { "asset": { "amvs": [ { "asset": "7b8a1bca-0172-43e5-89e6-590c6a7d76af", "threat": "b402d5df-4576-11e9-9173-0800277f0571", "uuid": "02c8ec95-756a-447b-916b-312b29c2e43c", "vulnerability": "69fc0101-4591-11e9-9173-0800277f0571" }, { "asset": "7b8a1bca-0172-43e5-89e6-590c6a7d76af", "threat": "b402d557-4576-11e9-9173-0800277f0571", "uuid": "4896c568-6eb2-4454-9d80-bad8f8106a0f", "vulnerability": "69fc0952-4591-11e9-9173-0800277f0571" } ], "asset": { "code": "OV_IOT_NETWORK_INTERFACE", "description": "IoT - Network interface", "label": "IoT - Interface r\u00e9seau", "language": "EN", "type": "Secondary", "uuid": "7b8a1bca-0172-43e5-89e6-590c6a7d76af", "version": 0 }, "measures": [], "threats": [ { "a": true, "c": false, "code": "MDA16", "description": "A person or resource of a hardware, software or network type simulating an intense demand on resources by setting up continuous bombardment.", "i": false, "label": "Saturation of the information system", "language": "EN", "theme": "Technical failures", "uuid": "b402d5df-4576-11e9-9173-0800277f0571" }, { "a": false, "c": true, "code": "MD15", "description": "Someone connected to communication equipment or media or located inside the transmission coverage boundaries of a communication.", "i": false, "label": "Eavesdropping", "language": "EN", "theme": "Compromise of functions", "uuid": "b402d557-4576-11e9-9173-0800277f0571" } ], "vuls": [ { "code": "1070", "description": "", "label": "Incorrect sizing of resources (e.g. too many users for the number of connections possible and the passband)", "language": "EN", "mode": 0, "uuid": "69fc0101-4591-11e9-9173-0800277f0571" }, { "code": "210", "description": "", "label": "Equipment with a communication interface that can be eavesdropped (infrared, 802.11, Bluetooth, etc.)", "language": "EN", "mode": 0, "uuid": "69fc0952-4591-11e9-9173-0800277f0571" } ] }, "children": [], "object": { "label": "Communication interface", "language": "EN", "name": "Communication interface", "scope": "local", "uuid": "926e6d32-9bca-4675-b817-b572f5947072", "version": 0 }, "rolfRisks": [], "rolfTags": [] }, { "asset": { "amvs": [ { "asset": "bc411cb6-d2fc-4e0c-8ed1-e5259e213e9b", "threat": "b402d5c9-4576-11e9-9173-0800277f0571", "uuid": "5cf11c67-0843-4dec-bb0e-c649d97a2bc4", "vulnerability": "69fc057e-4591-11e9-9173-0800277f0571" }, { "asset": "bc411cb6-d2fc-4e0c-8ed1-e5259e213e9b", "threat": "b402d620-4576-11e9-9173-0800277f0571", "uuid": "a162b328-c313-4464-80ba-f1db359d7655", "vulnerability": "69fc0f0d-4591-11e9-9173-0800277f0571" } ], "asset": { "code": "OV_IOT_STORAGE_LOCAL", "description": "", "label": "IoT - Local Storage", "language": "EN", "type": "Secondary", "uuid": "bc411cb6-d2fc-4e0c-8ed1-e5259e213e9b", "version": 0 }, "measures": [], "threats": [ { "a": false, "c": true, "code": "MDA12", "description": "Retrieval of electronic media (hard discs, floppy discs, back-up cartridges, USB keys, ZIP discs, removable hard discs, etc.) or paper copies (lists, incomplete print-outs, messages, etc.) intended for recycling and containing retrievable information.", "i": false, "label": "Retrieval of recycled or discarded media", "language": "EN", "theme": "Compromise of information", "uuid": "b402d5c9-4576-11e9-9173-0800277f0571" }, { "a": true, "c": false, "code": "MDA29", "description": "Event causing destruction of equipment or media.", "i": false, "label": "Destruction of equipment or supports", "language": "EN", "theme": "Physical damage", "uuid": "b402d620-4576-11e9-9173-0800277f0571" } ], "vuls": [ { "code": "1191", "description": "Is there a formal procedure?Is it followed?Is the disposal line correct?", "label": "Disposal is not carried out properly", "language": "EN", "mode": 0, "uuid": "69fc057e-4591-11e9-9173-0800277f0571" }, { "code": "283", "description": "", "label": "No back-up of data contained on the media", "language": "EN", "mode": 0, "uuid": "69fc0f0d-4591-11e9-9173-0800277f0571" } ] }, "children": [], "object": { "label": "Local storage", "language": "EN", "name": "Local storage", "scope": "local", "uuid": "7da319ff-851c-414f-bb76-50cfc48254b5", "version": 0 }, "rolfRisks": [], "rolfTags": [] }, { "asset": { "amvs": [ { "asset": "d2023dd3-44d1-11e9-a78c-0800277f0571", "threat": "b402d4e0-4576-11e9-9173-0800277f0571", "uuid": "1631becd-9756-46f3-b23d-a3d93bac3fab", "vulnerability": "69fc0515-4591-11e9-9173-0800277f0571" }, { "asset": "d2023dd3-44d1-11e9-a78c-0800277f0571", "threat": "b402d600-4576-11e9-9173-0800277f0571", "uuid": "7f9fb735-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc04e2-4591-11e9-9173-0800277f0571" }, { "asset": "d2023dd3-44d1-11e9-a78c-0800277f0571", "threat": "b402d530-4576-11e9-9173-0800277f0571", "uuid": "7f9fb74c-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc04c4-4591-11e9-9173-0800277f0571" }, { "asset": "d2023dd3-44d1-11e9-a78c-0800277f0571", "threat": "b402d530-4576-11e9-9173-0800277f0571", "uuid": "7f9fb763-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc04d1-4591-11e9-9173-0800277f0571" }, { "asset": "d2023dd3-44d1-11e9-a78c-0800277f0571", "threat": "b402d600-4576-11e9-9173-0800277f0571", "uuid": "7f9fb77a-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc061d-4591-11e9-9173-0800277f0571" }, { "asset": "d2023dd3-44d1-11e9-a78c-0800277f0571", "threat": "b402d58f-4576-11e9-9173-0800277f0571", "uuid": "7f9fb7a9-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc1924-4591-11e9-9173-0800277f0571" }, { "asset": "d2023dd3-44d1-11e9-a78c-0800277f0571", "threat": "b402d557-4576-11e9-9173-0800277f0571", "uuid": "7f9fb7ca-4f02-11e9-b3ea-0800277f0571", "vulnerability": "69fc0560-4591-11e9-9173-0800277f0571" } ], "asset": { "code": "OV_LOGICIEL", "description": "Business application", "label": "Software", "language": "EN", "type": "Secondary", "uuid": "d2023dd3-44d1-11e9-a78c-0800277f0571", "version": 0 }, "measures": [], "threats": [ { "a": true, "c": true, "code": "MA11", "description": "A person commits an operating error, input error or utilisation error on hardware or software.", "i": true, "label": "Error in use", "language": "EN", "theme": "Compromise of functions", "uuid": "b402d4e0-4576-11e9-9173-0800277f0571" }, { "a": false, "c": true, "code": "MDA20", "description": "Person who voluntarily or negligently disclosure information.", "i": false, "label": "Disclosure", "language": "EN", "theme": "Compromise of information", "uuid": "b402d600-4576-11e9-9173-0800277f0571" }, { "a": true, "c": true, "code": "MD14", "description": "A person assumes the identity of a different person in order to use his/her access rights to the information system, misinform the recipient, commit a fraud, etc.", "i": true, "label": "Forging of rights", "language": "EN", "theme": "Compromise of functions", "uuid": "b402d530-4576-11e9-9173-0800277f0571" }, { "a": false, "c": false, "code": "MD24", "description": "A person or entity denies being involved in an exchange with a third party or carrying out an operation.", "i": true, "label": "Denial of actions", "language": "EN", "theme": "Compromise of functions", "uuid": "b402d58f-4576-11e9-9173-0800277f0571" }, { "a": false, "c": true, "code": "MD15", "description": "Someone connected to communication equipment or media or located inside the transmission coverage boundaries of a communication.", "i": false, "label": "Eavesdropping", "language": "EN", "theme": "Compromise of functions", "uuid": "b402d557-4576-11e9-9173-0800277f0571" } ], "vuls": [ { "code": "1177", "description": "Does the software's design cause users problems?Is it complicated to understand or use?Does training or adaptation take a long time? Are there any known errors?", "label": "Tools or programs are not adapted for use or are not ergonomic", "language": "EN", "mode": 0, "uuid": "69fc0515-4591-11e9-9173-0800277f0571" }, { "code": "1168", "description": "Are all authorisations granted in compliance with this principle?", "label": "The need-to-know principle is not respected", "language": "EN", "mode": 0, "uuid": "69fc04e2-4591-11e9-9173-0800277f0571" }, { "code": "1166", "description": "Is there a formal procedure?Who authorises access?Is the four-eyes principle followed?", "label": "Authorisation management is flawed", "language": "EN", "mode": 0, "uuid": "69fc04c4-4591-11e9-9173-0800277f0571" }, { "code": "1167", "description": "Is there a password policy?Are there good practices (length, complexity, change, etc.)?Is there one account per person?Are there shared accounts?", "label": "User authentication is not ensured", "language": "EN", "mode": 0, "uuid": "69fc04d1-4591-11e9-9173-0800277f0571" }, { "code": "1221", "description": "Can data be exported?Also in a structured format (XLS, CSV, XML, etc.)?", "label": "User rights allow information to be exported", "language": "EN", "mode": 0, "uuid": "69fc061d-4591-11e9-9173-0800277f0571" }, { "code": "50", "description": "Are there logs?Are they sufficient in terms of the checks to be carried out?", "label": "No storage of activity tracks", "language": "EN", "mode": 0, "uuid": "69fc1924-4591-11e9-9173-0800277f0571" }, { "code": "1184", "description": "Is the method of communication encrypted?Could third parties access the method of communication?", "label": "Use of an unsecured method of communication", "language": "EN", "mode": 0, "uuid": "69fc0560-4591-11e9-9173-0800277f0571" } ] }, "children": [], "object": { "label": "Application", "language": "EN", "name": "Application", "scope": "local", "uuid": "cbfb813a-3e9c-415c-9ece-9c2bd7c781b7", "version": 0 }, "rolfRisks": [], "rolfTags": [] }, { "asset": { "amvs": [ { "asset": "fa281f62-931c-47dd-82b6-976e543a2168", "threat": "b402d5f5-4576-11e9-9173-0800277f0571", "uuid": "15715227-f575-462b-b467-236532cddbb6", "vulnerability": "69fc01e7-4591-11e9-9173-0800277f0571" } ], "asset": { "code": "OV_IOT_SENSORS", "description": "", "label": "IoT - Sensor", "language": "EN", "type": "Secondary", "uuid": "fa281f62-931c-47dd-82b6-976e543a2168", "version": 0 }, "measures": [], "threats": [ { "a": false, "c": false, "code": "MDA18", "description": "Receiving false data or unsuitable equipment from outside sources and using them in the organisation.", "i": true, "label": "Data from untrustworthy sources", "language": "EN", "theme": "Compromise of information", "uuid": "b402d5f5-4576-11e9-9173-0800277f0571" } ], "vuls": [ { "code": "1094", "description": "", "label": "The system allows information to be sent and received without authentication of the senders or recipients", "language": "EN", "mode": 0, "uuid": "69fc01e7-4591-11e9-9173-0800277f0571" } ] }, "children": [], "object": { "label": "Sensor", "language": "EN", "name": "Sensor", "scope": "local", "uuid": "e1473c38-42fc-4124-8b66-595ed18c1db2", "version": 0 }, "rolfRisks": [], "rolfTags": [] } ], "object": { "label": "IoT", "language": "EN", "name": "IoT", "scope": "local", "uuid": "0ceec4ea-73c0-4055-bcf1-819346ffdd0b", "version": 0 }, "rolfRisks": [], "rolfTags": [] } } 2022-08-03T11:34:34.109411+00:00 https://objects.monarc.lu/object/get/132 2024-05-02T13:22:55.412825+00:00 MONARC { "code": "1102", "description": "", "label": "The system allows asynchronous operation of certain parts or commands of the operating system to be exploited (e.g. automatic opening of attachments)", "language": "EN", "uuid": "69fc024f-4591-11e9-9173-0800277f0571" } 2022-08-03T11:56:47.382993+00:00 https://objects.monarc.lu/object/get/5234 2024-05-02T13:22:55.412111+00:00 Various contributors { "label": "ISO 27017 - ISO/IEC 27002 [2022]", "security referentials UUID": [ "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "831acc76-2bcc-4376-836a-f6b0ee6df568" ], "uuid": "292a1fb7-e86c-4e29-9b10-34efc98f553e", "values": [ { "control": "256e6e9e-cd8b-440a-843b-264e85d582f7", "match": "00383120-11a9-4b95-bfb9-47b3d4975bcb" }, { "control": "64c2a025-e7bf-4ac3-9ab2-431910fff804", "match": "00383120-11a9-4b95-bfb9-47b3d4975bcb" }, { "control": "2f9175dc-3c0e-48d6-b1cb-687009bbf392", "match": "006fc402-2bba-4bcb-85b6-7bb9de4c54cd" }, { "control": "d41b6bc1-82a4-4791-b276-dbbb8d833a33", "match": "00e9c4c9-c718-4834-a312-c08abb03838c" }, { "control": "f34f88d5-7e52-4516-a734-096a09ef1d9b", "match": "069bd61a-62a9-4158-b5f9-59e4ee0c8614" }, { "control": "34ac073d-80ad-4503-b748-bcbad097ea26", "match": "07285d43-9ee2-406b-a9fa-3ad36650054b" }, { "control": "4ab927a0-835d-4122-8377-ed08c418b1c5", "match": "07e0fb5e-7b82-4f85-b7c7-d22b205436b1" }, { "control": "3b7c3fa7-d143-483c-9c26-4908a55979d5", "match": "096b291e-bded-40aa-a3f7-492bcc5dcf4c" }, { "control": "ff7435b8-55f6-46bb-ae61-ddb09c731348", "match": "0a23f517-b172-47b2-bc0a-0f693d2900b0" }, { "control": "66d299d8-e55f-42d7-997b-e5f69392ed82", "match": "0aa214a8-51a6-45df-a279-03f04ea5c19e" }, { "control": "2327176c-b127-4ad3-a1a9-710467ea246f", "match": "1167decd-0e55-4359-8fb2-599c490d89fa" }, { "control": "55f40782-51f0-4e9a-9cae-3898190144c4", "match": "1167decd-0e55-4359-8fb2-599c490d89fa" }, { "control": "bae65eff-a2eb-4da1-899c-539f30f94963", "match": "1167decd-0e55-4359-8fb2-599c490d89fa" }, { "control": "f36660f5-1485-4aca-9757-1dd5399e9cee", "match": "1167decd-0e55-4359-8fb2-599c490d89fa" }, { "control": "b5005f3e-bdc7-4367-8f96-46dd795399c3", "match": "14667423-4f22-49dd-a0fc-bbf3c25597d3" }, { "control": "b98389fe-8024-4d51-90bb-869962c97898", "match": "14667423-4f22-49dd-a0fc-bbf3c25597d3" }, { "control": "62b6663e-768e-4eb3-8c2e-d170f84588d7", "match": "1a0fe2b2-4401-4d3d-b4a2-53d7d95a76c9" }, { "control": "99d6328e-f0f6-41ee-b8e3-e9ba7e8e4598", "match": "1a0fe2b2-4401-4d3d-b4a2-53d7d95a76c9" }, { "control": "854a7ad0-7db7-4d8c-8374-3be5c36aa026", "match": "1c03c68f-29a0-4606-b99d-072491f53e96" }, { "control": "678b1392-7cab-49c2-a5f5-9f7884e0d9ac", "match": "1d9e4229-e86e-4cb1-8e63-fd30711040dd" }, { "control": "bb0c3df6-e3f4-4684-b0c7-2beadada7aeb", "match": "1fbd96df-158c-47a2-8dc5-a22c6f915a79" }, { "control": "bd05d07c-d272-4c55-a4ff-72c6218148d0", "match": "1fbd96df-158c-47a2-8dc5-a22c6f915a79" }, { "control": "e186f19e-8174-4a21-bbb6-1018f32dc714", "match": "1fbd96df-158c-47a2-8dc5-a22c6f915a79" }, { "control": "2ed059b3-7ea4-465e-b20e-f6180b218505", "match": "239e3bca-0b4b-4692-9ba1-9e2a73d6cc40" }, { "control": "21c24fcd-374d-408a-9682-eac7e8c3ebf2", "match": "26f82aa2-2a5b-49d9-92dd-53a2d98d743f" }, { "control": "fe98e1f0-175f-4fd8-8530-ac183707c54c", "match": "26f82aa2-2a5b-49d9-92dd-53a2d98d743f" }, { "control": "0fe351eb-d64b-4c74-b05b-bdfda6b9c4d3", "match": "26fbd0ef-28da-4930-850f-8519da290fd4" }, { "control": "c55c6391-56a2-44de-be4f-a23770cec2fb", "match": "276430e7-47c5-461b-a5c4-7b46dae11759" }, { "control": "03c9db14-f91d-4c4e-a4a1-18e7709d9fd7", "match": "307d39d8-d31f-4b55-8a0e-9632cd0e380a" }, { "control": "58566e59-9ce2-4ded-b2bb-20a7e1c4a5c6", "match": "307d39d8-d31f-4b55-8a0e-9632cd0e380a" }, { "control": "317394d2-538d-42e6-ac3d-f7a54b867ec4", "match": "33aa534c-482a-4503-919c-635ac65d084e" }, { "control": "3ad14be8-e76e-4c06-bb5c-6722361ee1ee", "match": "3cfb677a-cc3c-437d-aabf-c0ad88d740a5" }, { "control": "975cc456-ba0c-4a33-8b65-cbf798f5d979", "match": "3d347675-c00a-4fa2-a0af-a5b66cbd8edd" }, { "control": "07c05b75-2e57-4fd0-9ab7-d7d87742477b", "match": "3ddf1641-0529-44d2-8a23-b5811555cdd2" }, { "control": "9d2bc87a-ceae-463a-a44d-7c60bed5324d", "match": "3ff683de-9ca5-482d-8423-06d4d8e315a3" }, { "control": "d439ae3a-6cee-4f59-91f7-8562266e4d65", "match": "3ff683de-9ca5-482d-8423-06d4d8e315a3" }, { "control": "d5908953-79d7-4ad8-ac0e-b4e11ba74c8a", "match": "41d38a42-6f44-4561-b0a2-801095d4eec9" }, { "control": "1703d350-59d5-4510-bf45-d538e4c076a0", "match": "432a79d3-45e9-477e-b63a-ab7566bb8590" }, { "control": "81b8f773-4488-495e-a48e-337be46602cb", "match": "43e73ea3-8fcd-455c-b05e-c5d8a747ec33" }, { "control": "1de9d538-a7c3-4817-8c44-3ffbdfc9f12b", "match": "45d81142-d8b8-45c5-811b-8a636c404af8" }, { "control": "4c660684-7259-461d-9eb8-f9c82ca42c98", "match": "45d81142-d8b8-45c5-811b-8a636c404af8" }, { "control": "f44dad64-71cd-447f-a9da-56a1d9f297e4", "match": "474fedbd-0b89-436c-ac04-41c21d6e7420" }, { "control": "d5367603-b1f9-4df6-a188-7ea3b6c28533", "match": "47ad87a1-dd3e-443e-8d82-2ec782979637" }, { "control": "44dddcc0-257a-4f2b-94d5-1b63a25a6e46", "match": "48ecb62f-f73d-4c65-a8e4-2fa831346a70" }, { "control": "d278ad4c-0e81-4008-b7c2-dc52895c5eff", "match": "48ecb62f-f73d-4c65-a8e4-2fa831346a70" }, { "control": "d181a7ba-55fd-40ef-a1c5-a32348e2d4c0", "match": "497618e9-e495-42b6-b04e-21801f9c01f7" }, { "control": "f0048224-5868-4d00-a32f-20725cd9752d", "match": "4c41ffb8-fbf4-48b7-9e16-52293fbcc3c3" }, { "control": "77e30376-3b61-4675-95dc-329c7c2186b8", "match": "4ca57d37-8fc9-4d15-b6a7-64416a520ac1" }, { "control": "4d2882a6-5a63-404c-bbe7-2f2ea08ff933", "match": "5773b0a9-8687-4802-9f19-2d1fba45e6a5" }, { "control": "f34f797f-5c32-4b52-9836-7d103d1a129a", "match": "5773b0a9-8687-4802-9f19-2d1fba45e6a5" }, { "control": "b811e64d-cda4-4416-baec-9f6beda1dd87", "match": "68c2f82b-83a3-4aaf-9bce-c57b3f537fa6" }, { "control": "ddcabe58-0ffb-4021-a5f5-1b71fbbe8d45", "match": "6a6b0a5f-4e3a-4845-94cc-890aee7f19d9" }, { "control": "98255bf6-65b8-45b1-b5bf-d1da91d0d36f", "match": "6a76bfdb-843e-4aa2-8cd7-f738f68845e4" }, { "control": "2e10ce2d-1c5c-41f6-a8a9-f1f7f3b07315", "match": "6c305573-67ac-488e-882a-8e94e6373355" }, { "control": "8e969c8d-e7a3-41e1-b425-3e678c3ae2af", "match": "6e2ed592-c992-4076-b9ec-b7e9a78a7029" }, { "control": "cdccb912-7aa9-4542-96fc-2507e9e89b29", "match": "6e2ed592-c992-4076-b9ec-b7e9a78a7029" }, { "control": "de5bec22-ea67-4e67-8d37-52303895c67f", "match": "6e2ed592-c992-4076-b9ec-b7e9a78a7029" }, { "control": "682075b0-f0b6-4d2f-b4ad-8e93569bafa0", "match": "6ea4f43d-0d12-4edf-8191-bf469f25e252" }, { "control": "8b53cd63-6c1a-4a7e-9437-fd908941bcca", "match": "744146f1-5a14-43c0-b675-8c2649486f64" }, { "control": "61bf6872-052b-468c-83b5-ea70d4530629", "match": "7a5c4510-1d09-481b-822d-2d58745d390b" }, { "control": "d8bda302-9c55-4ec0-964b-db63640c12ee", "match": "7df0a5ac-79b3-416c-8a38-c22f5c4d94d5" }, { "control": "e9bdd53f-e094-4084-9e40-adeced6d445b", "match": "7f58e55e-17f5-4dca-a7e5-4566192fa8f1" }, { "control": "fc109da0-3bf5-4f8e-8df8-1dd4d45b8dab", "match": "7f58e55e-17f5-4dca-a7e5-4566192fa8f1" }, { "control": "3c138556-2201-4b36-8907-f6c0f57d420b", "match": "7fe8f85a-6c22-4680-b076-88d74ba5c4e3" }, { "control": "46678a0c-cd66-4610-8687-0d25afe68c1d", "match": "7fe8f85a-6c22-4680-b076-88d74ba5c4e3" }, { "control": "fe3e4943-3440-4818-903d-664972cfb466", "match": "7fe8f85a-6c22-4680-b076-88d74ba5c4e3" }, { "control": "6a1b60fb-5c46-40d1-b0b8-5494b1d00b8d", "match": "8298dbd1-c18e-4f03-bb63-4867bfeaf716" }, { "control": "b2548a30-85d7-4c8f-8dd6-16272ff3b5a1", "match": "8298dbd1-c18e-4f03-bb63-4867bfeaf716" }, { "control": "d96e8662-872e-44ac-a9d5-9229507a5a80", "match": "83389b64-b080-4625-8e81-05174311e2d8" }, { "control": "ab2d3a44-e28b-4f3d-8efa-8038faccd318", "match": "865ca2d0-30e8-47f2-9f25-4256943a0d72" }, { "control": "027c0996-57fa-44d3-85cd-6ea667923174", "match": "866a0676-f2bd-4499-ba25-cd6f9466969a" }, { "control": "54885438-8b8a-4fae-8f23-e8901ec621b4", "match": "866a0676-f2bd-4499-ba25-cd6f9466969a" }, { "control": "a6f3e7d1-9f4c-43a1-8406-7c96bfcc409d", "match": "866a0676-f2bd-4499-ba25-cd6f9466969a" }, { "control": "cc06514a-bc04-4528-b7bf-3ac296b16dd1", "match": "866a0676-f2bd-4499-ba25-cd6f9466969a" }, { "control": "2c59fe2c-5312-4f3e-b960-4fd843031af7", "match": "86fdcdd5-2d94-43ad-aab1-ccc64b3e42f7" }, { "control": "cb1f54b6-05b5-4e68-88c3-b943e4952141", "match": "8890016c-2883-4771-b346-2e8ec19ff2dd" }, { "control": "553e228a-15dd-430c-a35b-604b9fccd629", "match": "8eda18e5-8a5e-404a-9f2b-1880fa0e400d" }, { "control": "b5bb6249-a936-4828-9251-c8d4e3ea1f12", "match": "9389f178-57cb-4b52-b464-5b983d10ae90" }, { "control": "100d29a6-1441-4de6-a05a-594c8b1c7243", "match": "957e0fb3-f06e-4ef5-b152-f1045b3a576f" }, { "control": "4dabfd52-4369-4999-9091-6a346703e981", "match": "95882551-578c-4c0d-afe8-1dff2b251da4" }, { "control": "5ddefc67-2c51-4a11-b1e2-3ca2eaaf02b9", "match": "95882551-578c-4c0d-afe8-1dff2b251da4" }, { "control": "82890d01-c97f-4388-b182-e3838afa9ee2", "match": "991f8c55-2da0-4dbf-b604-cbadc8df8389" }, { "control": "ce1b8c19-d3cf-4070-b239-9471272c1faf", "match": "991f8c55-2da0-4dbf-b604-cbadc8df8389" }, { "control": "9ab263ad-4a10-4817-a993-93fff2444c61", "match": "9acaadb0-2f58-4d9b-963b-7671ed0471a6" }, { "control": "d063c875-6442-495b-9118-97906030ceef", "match": "9e7bdc0e-1603-4545-a2cc-0650fe035e37" }, { "control": "38527fcd-9eef-4f31-9ff1-551c9cb1ea88", "match": "9f8e81c8-8a90-4b5e-bcf1-ff2e8b4384e8" }, { "control": "66adb661-6e13-41f6-8a50-b894b3ed9e5b", "match": "a197825e-e8f5-47f5-851d-66105a6fc3b2" }, { "control": "68f40f2c-d0c9-405e-b56e-fca2a63cb7e7", "match": "a197825e-e8f5-47f5-851d-66105a6fc3b2" }, { "control": "81dc65f7-92e2-4516-9a0c-d1b474d547ba", "match": "a197825e-e8f5-47f5-851d-66105a6fc3b2" }, { "control": "12844c4c-d0c9-4441-9467-9da5b15dd18b", "match": "a3897661-541e-4c4c-9844-2981d8288ec6" }, { "control": "498b0cc7-fbe3-40fb-9b61-1b6db629027f", "match": "ac5590c1-5e43-4a29-87fb-5ba7416a0831" }, { "control": "f9614eeb-7fb2-4901-8834-f9ecf5a1c977", "match": "ac5590c1-5e43-4a29-87fb-5ba7416a0831" }, { "control": "71839786-0214-4608-80be-2555ee0334aa", "match": "b2fc0199-a3a8-4386-88d1-0f3b776c3e5d" }, { "control": "9c912ab0-7023-46d5-9376-798a8b81ba6e", "match": "b56726a8-3883-4893-ae75-2ba555411148" }, { "control": "8c3b6fe5-ce53-4b61-9ca4-5f7850c169b2", "match": "bb6eac6b-129a-4ea8-8c26-3df5e05d9680" }, { "control": "55677739-524b-4167-a2e1-1dc5356e4764", "match": "c26bedb1-42f5-4154-8cea-b923b1103cfe" }, { "control": "680335b4-1efb-4257-ae7c-17de32670edd", "match": "c26bedb1-42f5-4154-8cea-b923b1103cfe" }, { "control": "be07fc69-14fc-4c94-8626-083983f204f7", "match": "c26bedb1-42f5-4154-8cea-b923b1103cfe" }, { "control": "cb40e300-60d1-4ae8-88e8-338e536ddbdb", "match": "c26bedb1-42f5-4154-8cea-b923b1103cfe" }, { "control": "4ed3205f-9921-432b-9a8b-3e400598e0ff", "match": "cb371cfa-e8d4-4a83-af29-2f8982929268" }, { "control": "21a6dbb4-8365-4b48-8421-ea10458695ee", "match": "d5f93f4a-eac7-4200-b90b-c02db54c76f4" }, { "control": "1100bd1a-cfd4-4450-9192-5bd85ef107e2", "match": "dab5cccf-c67d-45b0-a3d4-89ef9f51a2f2" }, { "control": "515aacb3-f1c1-4bb2-95fa-1cb29713b03e", "match": "dcdebb24-3cf2-4c27-bb01-4cd04118e6f5" }, { "control": "12c2d158-c0d2-448f-b36e-9f17e1cc230f", "match": "de075220-6acf-4ca7-837b-713b1f87f5f3" }, { "control": "680335b4-1efb-4257-ae7c-17de32670edd", "match": "de075220-6acf-4ca7-837b-713b1f87f5f3" }, { "control": "d8a9d846-b938-4f74-8f4c-f35f120209be", "match": "de075220-6acf-4ca7-837b-713b1f87f5f3" }, { "control": "5b239f2c-162d-4fa1-9e98-9fdf54426a8a", "match": "e283f5ed-3a64-4bed-b479-35e4cd8173e6" }, { "control": "6769d72a-c19a-4af1-814b-e58ecce6bb34", "match": "e2e52a80-4222-4f57-b471-92ce90a83ed7" }, { "control": "0afb0635-1b85-4e2a-b0cf-5cdad6a23fd8", "match": "e4ef6822-7f1f-46f8-9700-37cde17e81b8" }, { "control": "7fadb5eb-5597-44f2-b323-88fa75a0e08e", "match": "e8d6402b-f022-494b-b289-3d5d98368e8e" }, { "control": "9d8e4c20-d33c-4a15-9dd9-8f1f215450ea", "match": "ed627a92-cb52-472a-aa2e-b981f8b12de5" }, { "control": "c7ad8338-7659-4783-af2b-55f35e3ccfdf", "match": "ed627a92-cb52-472a-aa2e-b981f8b12de5" }, { "control": "f4cc92f8-58e8-4129-b48e-d118a94496ab", "match": "f331b956-c83b-47b6-a563-09222b1ae7a0" }, { "control": "6c082aee-3c87-423e-9a46-4467cc6dc823", "match": "fb24425c-10df-4bc3-9b48-d72b952b92b5" }, { "control": "6ade5e75-9f3a-4b23-b3aa-301908f5bc25", "match": "fc66f113-3f02-4354-8610-879b5467971a" } ], "version": 1 } 2022-08-03T12:25:48.118511+00:00 https://objects.monarc.lu/object/get/5233 2024-05-02T13:22:55.410846+00:00 Various contributors { "authors": [ "Jeremy Dannenmuller" ], "label": "ISO 27017", "language": "EN", "refs": "https://www.iso.org/fr/standard/43757.html", "uuid": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "values": [ { "category": "Security in development and support processes", "code": "14.2.2", "label": "System change control procedures", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "027c0996-57fa-44d3-85cd-6ea667923174" }, { "category": "Supplier service delivery management", "code": "15.2.2", "label": "Managing chages to supplier services", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "03c9db14-f91d-4c4e-a4a1-18e7709d9fd7" }, { "category": "Security in development and support processes", "code": "14.2.1", "label": "Secure development policy", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "07c05b75-2e57-4fd0-9ab7-d7d87742477b" }, { "category": "Termination and change of employment", "code": "7.3.1", "label": "Termination or change of employment responsabilities", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "0afb0635-1b85-4e2a-b0cf-5cdad6a23fd8" }, { "category": "Secure areas", "code": "11.1.1", "label": "Physical security perimeter", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "0fe351eb-d64b-4c74-b05b-bdfda6b9c4d3" }, { "category": "During employment", "code": "7.2.1", "label": "Management responsabilities", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "100d29a6-1441-4de6-a05a-594c8b1c7243" }, { "category": "Logging and monitoring", "code": "12.4.4", "label": "Clock synchronization", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "1100bd1a-cfd4-4450-9192-5bd85ef107e2" }, { "category": "Equipment", "code": "11.2.1", "label": "Equipment siting and protection", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "12844c4c-d0c9-4441-9467-9da5b15dd18b" }, { "category": "Business requirements of access control", "code": "9.1.1", "label": "Access control policy", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "12c2d158-c0d2-448f-b36e-9f17e1cc230f" }, { "category": "Management of information security incidents and improvements", "code": "16.1.7", "label": "Collection of evidence", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "1703d350-59d5-4510-bf45-d538e4c076a0" }, { "category": "Security requirements of information systems", "code": "14.1.1", "label": "Information security requirements analysis and specification", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "1de9d538-a7c3-4817-8c44-3ffbdfc9f12b" }, { "category": "Security in development and support processes", "code": "14.2.7", "label": "Outsourced development", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "21a6dbb4-8365-4b48-8421-ea10458695ee" }, { "category": "Equipment", "code": "11.2.8", "label": "Unattended user equipment", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "21c24fcd-374d-408a-9682-eac7e8c3ebf2" }, { "category": "Media handling", "code": "8.3.1", "label": "Management or removable media", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "2327176c-b127-4ad3-a1a9-710467ea246f" }, { "category": "Security in development and support processes", "code": "14.2.6", "label": "Secure development environment", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "256e6e9e-cd8b-440a-843b-264e85d582f7" }, { "category": "Information security in supplier relationships", "code": "15.1.3", "label": "Information and communication technology supply chain", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "2c59fe2c-5312-4f3e-b960-4fd843031af7" }, { "category": "Operational procedures and responsibilities", "code": "CLD.12.1.5", "label": "Administrator's operational security", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "2df8b9c3-b6f4-4484-a9b3-5e6f33ad1038" }, { "category": "Network security management", "code": "13.1.3", "label": "Segregation in networks", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "2e10ce2d-1c5c-41f6-a8a9-f1f7f3b07315" }, { "category": "Relationship between cloud service customer and cloud service provider", "code": "CLD.6.3.1", "label": "Shared roles and responsibilities within a cloud computing environment", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "2e43ca82-0b18-4dbd-916c-b2fc102bf662" }, { "category": "Information security in supplier relationships", "code": "15.1.1", "label": "Information security policy for supplier relationships", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "2ed059b3-7ea4-465e-b20e-f6180b218505" }, { "category": "Information classification", "code": "8.2.2", "label": "Labelling of information", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "2f9175dc-3c0e-48d6-b1cb-687009bbf392" }, { "category": "Internal organization", "code": "6.1.4", "label": "Contact with special interest groups", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "317394d2-538d-42e6-ac3d-f7a54b867ec4" }, { "category": "Secure areas", "code": "11.1.4", "label": "Protecting against external and environmental threats", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "34ac073d-80ad-4503-b748-bcbad097ea26" }, { "category": "Access control of cloud service customer data in shared virtual environment", "code": "CLD.9.5.2", "label": "Virtual machine hardening", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "34fa0af1-02c7-46c0-b38f-30db3f27bf46" }, { "category": "Compliance with legal and contractual requirements", "code": "18.1.3", "label": "Protection of records", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "38527fcd-9eef-4f31-9ff1-551c9cb1ea88" }, { "category": "Network security management", "code": "13.1.1", "label": "Network controls", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "3ad14be8-e76e-4c06-bb5c-6722361ee1ee" }, { "category": "Responsibility for assets", "code": "CLD.8.1.5", "label": "Removal of cloud service customer assets", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "3ae82816-ae78-4a6c-889e-07bdb84da4e4" }, { "category": "Equipment", "code": "11.2.4", "label": "Equipment maintenance", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "3b7c3fa7-d143-483c-9c26-4908a55979d5" }, { "category": "User access management", "code": "9.2.4", "label": "Management of secret authentication information of users", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "3c138556-2201-4b36-8907-f6c0f57d420b" }, { "category": "Logging and monitoring", "code": "CLD.12.4.5", "label": "Monitoring of Cloud Services", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "439a4491-65aa-4990-b6e4-6e10af836373" }, { "category": "Responsibility for assets", "code": "8.1.1", "label": "Inventory of assets", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "44dddcc0-257a-4f2b-94d5-1b63a25a6e46" }, { "category": "System and application access control", "code": "9.4.3", "label": "Password management system", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "46678a0c-cd66-4610-8687-0d25afe68c1d" }, { "category": "Information security policies", "code": "5.1.1", "label": "Policies for information security", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "498b0cc7-fbe3-40fb-9b61-1b6db629027f" }, { "category": "Management of information security incidents and improvements", "code": "16.1.1", "label": "Responsabilities and procedures", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "4ab927a0-835d-4122-8377-ed08c418b1c5" }, { "category": "Internal organization", "code": "6.1.5", "label": "Information security in project management", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "4c660684-7259-461d-9eb8-f9c82ca42c98" }, { "category": "Control of operational software", "code": "12.5.1", "label": "Installation of software on operational systems", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "4d2882a6-5a63-404c-bbe7-2f2ea08ff933" }, { "category": "Information classification", "code": "8.2.3", "label": "Handling of assets", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "4dabfd52-4369-4999-9091-6a346703e981" }, { "category": "Secure areas", "code": "11.1.5", "label": "Working in secure areas", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "4ed3205f-9921-432b-9a8b-3e400598e0ff" }, { "category": "Internal organization", "code": "6.1.1", "label": "Information security roles and responsabilities", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "515aacb3-f1c1-4bb2-95fa-1cb29713b03e" }, { "category": "Security in development and support processes", "code": "14.2.3", "label": "Technical review of applications after operating platform changes", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "54885438-8b8a-4fae-8f23-e8901ec621b4" }, { "category": "System and application access control", "code": "9.4.1", "label": "Information access restriction", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "553e228a-15dd-430c-a35b-604b9fccd629" }, { "category": "User access management", "code": "9.2.2", "label": "User access provisioning", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "55677739-524b-4167-a2e1-1dc5356e4764" }, { "category": "Equipment", "code": "11.2.5", "label": "Removal of assets", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "55f40782-51f0-4e9a-9cae-3898190144c4" }, { "category": "Supplier service delivery management", "code": "15.2.1", "label": "Monitoring and review of supplier services", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "58566e59-9ce2-4ded-b2bb-20a7e1c4a5c6" }, { "category": "Information transfer", "code": "13.2.4", "label": "Confidentiality or non-disclosure agreements", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "5b239f2c-162d-4fa1-9e98-9fdf54426a8a" }, { "category": "Responsibility for assets", "code": "8.1.3", "label": "The acceptable use of assets", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "5ddefc67-2c51-4a11-b1e2-3ca2eaaf02b9" }, { "category": "Internal organization", "code": "6.1.3", "label": "Contact with authorities", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "61bf6872-052b-468c-83b5-ea70d4530629" }, { "category": "Cryptographic controls", "code": "10.1.2", "label": "Key management", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "62b6663e-768e-4eb3-8c2e-d170f84588d7" }, { "category": "Operational procedures and responsibilities", "code": "12.1.4", "label": "Separation of development, testing and operational environments", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "64c2a025-e7bf-4ac3-9ab2-431910fff804" }, { "category": "Information security continuity", "code": "17.1.1", "label": "Planning information security continuity", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "66adb661-6e13-41f6-8a50-b894b3ed9e5b" }, { "category": "Management of information security incidents and improvements", "code": "16.1.4", "label": "Assessment of and decision on information security events", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "66d299d8-e55f-42d7-997b-e5f69392ed82" }, { "category": "Backup", "code": "12.3.1", "label": "Information backup", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "6769d72a-c19a-4af1-814b-e58ecce6bb34" }, { "category": "System and application access control", "code": "9.4.2", "label": "Secure log-on procedures", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "678b1392-7cab-49c2-a5f5-9f7884e0d9ac" }, { "category": "User access management", "code": "9.2.1", "label": "User registration and deregistration", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "680335b4-1efb-4257-ae7c-17de32670edd" }, { "category": "Internal organization", "code": "6.1.2", "label": "Segregtion of duties", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "682075b0-f0b6-4d2f-b4ad-8e93569bafa0" }, { "category": "Information security continuity", "code": "17.1.3", "label": "Verify, review and evaluate information security continuity", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "68f40f2c-d0c9-405e-b56e-fca2a63cb7e7" }, { "category": "Security requirements of information systems", "code": "14.1.3", "label": "Protecting application services transactions", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "6a1b60fb-5c46-40d1-b0b8-5494b1d00b8d" }, { "category": "Network security management", "code": "CLD.13.1.4", "label": "Alignment of security management for virtual and physical networks", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "6a972973-2dec-4c54-ac8f-d4e1e06dcc63" }, { "category": "Equipment", "code": "11.2.2", "label": "Supporting utilities", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "6ade5e75-9f3a-4b23-b3aa-301908f5bc25" }, { "category": "Responsibility for assets", "code": "8.1.4", "label": "Return of assets", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "6c082aee-3c87-423e-9a46-4467cc6dc823" }, { "category": "Technical vulnerability management", "code": "12.6.1", "label": "Management of technical vulnerabilities", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "71839786-0214-4608-80be-2555ee0334aa" }, { "category": "Information classification", "code": "8.2.1", "label": "Classification of information", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "77e30376-3b61-4675-95dc-329c7c2186b8" }, { "category": "Operational procedures and responsibilities", "code": "12.1.3", "label": "Capacity management", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "7fadb5eb-5597-44f2-b323-88fa75a0e08e" }, { "category": "Equipment", "code": "11.2.7", "label": "Secure disposal or reuse of equipment", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "81b8f773-4488-495e-a48e-337be46602cb" }, { "category": "Information security continuity", "code": "17.1.2", "label": "Implementing information security continuity", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "81dc65f7-92e2-4516-9a0c-d1b474d547ba" }, { "category": "Security in development and support processes", "code": "14.2.8", "label": "System security testing", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "82890d01-c97f-4388-b182-e3838afa9ee2" }, { "category": "Management of information security incidents and improvements", "code": "16.1.6", "label": "Learning from information security incidents", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "854a7ad0-7db7-4d8c-8374-3be5c36aa026" }, { "category": "Information systems audit considerations", "code": "12.7.1", "label": "Information systems audit controls", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "8b53cd63-6c1a-4a7e-9437-fd908941bcca" }, { "category": "During employment", "code": "7.2.2", "label": "Information security awareness, education and training", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "8c3b6fe5-ce53-4b61-9ca4-5f7850c169b2" }, { "category": "Logging and monitoring", "code": "12.4.3", "label": "Administrator and operator logs", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "8e969c8d-e7a3-41e1-b425-3e678c3ae2af" }, { "category": "Compliance with legal and contractual requirements", "code": "18.1.2", "label": "Intellectual property rights", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "975cc456-ba0c-4a33-8b65-cbf798f5d979" }, { "category": "Redundancies", "code": "17.2.1", "label": "Availability of information processing facilities", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "98255bf6-65b8-45b1-b5bf-d1da91d0d36f" }, { "category": "Cryptographic controls", "code": "10.1.1", "label": "Policy on the use of cryptographic controls", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "99d6328e-f0f6-41ee-b8e3-e9ba7e8e4598" }, { "category": "During employment", "code": "7.2.3", "label": "Disciplinary process", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "9ab263ad-4a10-4817-a993-93fff2444c61" }, { "category": "System and application access control", "code": "9.4.5", "label": "Access control to program source code", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "9c912ab0-7023-46d5-9376-798a8b81ba6e" }, { "category": "Information security reviews", "code": "18.2.2", "label": "Compliance with security policies and standards", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "9d2bc87a-ceae-463a-a44d-7c60bed5324d" }, { "category": "Management of information security incidents and improvements", "code": "16.1.2", "label": "Reporting information security events", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "9d8e4c20-d33c-4a15-9dd9-8f1f215450ea" }, { "category": "Operational procedures and responsibilities", "code": "12.1.2", "label": "Change management", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "a6f3e7d1-9f4c-43a1-8406-7c96bfcc409d" }, { "category": "Management of information security incidents and improvements", "code": "16.1.5", "label": "Response to information security incidents", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "ab2d3a44-e28b-4f3d-8efa-8038faccd318" }, { "category": "Security requirements of information systems", "code": "14.1.2", "label": "Securing applications services on public networks", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "b2548a30-85d7-4c8f-8dd6-16272ff3b5a1" }, { "category": "Secure areas", "code": "11.1.2", "label": "Physical entry controls", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "b5005f3e-bdc7-4367-8f96-46dd795399c3" }, { "category": "System and application access control", "code": "9.4.4", "label": "Use of privileged utility programs", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "b5bb6249-a936-4828-9251-c8d4e3ea1f12" }, { "category": "Equipment", "code": "11.2.6", "label": "Security of equipment and assets off-premises", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "b811e64d-cda4-4416-baec-9f6beda1dd87" }, { "category": "Secure areas", "code": "11.1.6", "label": "Delivery and loading areas", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "b98389fe-8024-4d51-90bb-869962c97898" }, { "category": "Media handling", "code": "8.3.2", "label": "Disposal of media", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "bae65eff-a2eb-4da1-899c-539f30f94963" }, { "category": "Information transfer", "code": "13.2.1", "label": "Information transfer policies and procedures", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "bb0c3df6-e3f4-4684-b0c7-2beadada7aeb" }, { "category": "Information transfer", "code": "13.2.2", "label": "Agreements on information transfer", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "bd05d07c-d272-4c55-a4ff-72c6218148d0" }, { "category": "User access management", "code": "9.2.5", "label": "Review of user access rights", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "be07fc69-14fc-4c94-8626-083983f204f7" }, { "category": "Access control of cloud service customer data in shared virtual environment", "code": "CLD.9.5.1", "label": "Segregation in virtual computing environments", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "be604ecc-3dee-4e29-b1b7-d63d58f54748" }, { "category": "Mobile devices and teleworking", "code": "6.2.2", "label": "Teleworking", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "c55c6391-56a2-44de-be4f-a23770cec2fb" }, { "category": "Management of information security incidents and improvements", "code": "16.1.3", "label": "Reporting information security weakness", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "c7ad8338-7659-4783-af2b-55f35e3ccfdf" }, { "category": "User access management", "code": "9.2.3", "label": "Management of privileged access rights", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "cb1f54b6-05b5-4e68-88c3-b943e4952141" }, { "category": "User access management", "code": "9.2.6", "label": "Removal or adjustment of access rights", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "cb40e300-60d1-4ae8-88e8-338e536ddbdb" }, { "category": "Security in development and support processes", "code": "14.2.4", "label": "Restrictions on changes to software packages", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "cc06514a-bc04-4528-b7bf-3ac296b16dd1" }, { "category": "Logging and monitoring", "code": "12.4.2", "label": "Protection of log information", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "cdccb912-7aa9-4542-96fc-2507e9e89b29" }, { "category": "Security in development and support processes", "code": "14.2.9", "label": "System acceptance testing", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "ce1b8c19-d3cf-4070-b239-9471272c1faf" }, { "category": "Prior to empoyment", "code": "7.1.1", "label": "Screening", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "d063c875-6442-495b-9118-97906030ceef" }, { "category": "Security in development and support processes", "code": "14.2.5", "label": "Secure system engineering principles", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "d181a7ba-55fd-40ef-a1c5-a32348e2d4c0" }, { "category": "Responsibility for assets", "code": "8.1.2", "label": "Owernship of assets", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "d278ad4c-0e81-4008-b7c2-dc52895c5eff" }, { "category": "Equipment", "code": "11.2.3", "label": "Cabling security", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "d41b6bc1-82a4-4791-b276-dbbb8d833a33" }, { "category": "Information security reviews", "code": "18.2.3", "label": "Technical compliance review", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "d439ae3a-6cee-4f59-91f7-8562266e4d65" }, { "category": "Network security management", "code": "13.1.2", "label": "Security of network services", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "d5367603-b1f9-4df6-a188-7ea3b6c28533" }, { "category": "Information security reviews", "code": "18.2.1", "label": "Independant review of information security", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "d5908953-79d7-4ad8-ac0e-b4e11ba74c8a" }, { "category": "Business requirements of access control", "code": "9.1.2", "label": "Access to networks and network services", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "d8a9d846-b938-4f74-8f4c-f35f120209be" }, { "category": "Test data", "code": "14.3.1", "label": "Protection of test data", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "d8bda302-9c55-4ec0-964b-db63640c12ee" }, { "category": "Prior to empoyment", "code": "7.1.2", "label": "Terms and conditions of employment", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "d96e8662-872e-44ac-a9d5-9229507a5a80" }, { "category": "Compliance with legal and contractual requirements", "code": "18.1.4", "label": "Privacy and protection of personally identifiable information", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "ddcabe58-0ffb-4021-a5f5-1b71fbbe8d45" }, { "category": "Logging and monitoring", "code": "12.4.1", "label": "Event logging", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "de5bec22-ea67-4e67-8d37-52303895c67f" }, { "category": "Information transfer", "code": "13.2.3", "label": "Electronic messaging", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "e186f19e-8174-4a21-bbb6-1018f32dc714" }, { "category": "Compliance with legal and contractual requirements", "code": "18.1.5", "label": "Regulation of cryptographic controls", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "e9bdd53f-e094-4084-9e40-adeced6d445b" }, { "category": "Operational procedures and responsibilities", "code": "12.1.1", "label": "Documented operating procedures", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "f0048224-5868-4d00-a32f-20725cd9752d" }, { "category": "Technical vulnerability management", "code": "12.6.2", "label": "Restrictions on software installation", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "f34f797f-5c32-4b52-9836-7d103d1a129a" }, { "category": "Equipment", "code": "11.2.9", "label": "Clear desk and clear screen policy", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "f34f88d5-7e52-4516-a734-096a09ef1d9b" }, { "category": "Media handling", "code": "8.3.3", "label": "Physical media transfer", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "f36660f5-1485-4aca-9757-1dd5399e9cee" }, { "category": "Secure areas", "code": "11.1.3", "label": "Securing offices, rooms and facilities", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "f44dad64-71cd-447f-a9da-56a1d9f297e4" }, { "category": "Protection from malware", "code": "12.2.1", "label": "Controls against malware", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "f4cc92f8-58e8-4129-b48e-d118a94496ab" }, { "category": "Information security policies", "code": "5.1.2", "label": "Review of the policies for information security", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "f9614eeb-7fb2-4901-8834-f9ecf5a1c977" }, { "category": "Compliance with legal and contractual requirements", "code": "18.1.1", "label": "Identification of applicable legislation and contractual requirements", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "fc109da0-3bf5-4f8e-8df8-1dd4d45b8dab" }, { "category": "User responsabilities", "code": "9.3.1", "label": "Use of secret authentication information", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "fe3e4943-3440-4818-903d-664972cfb466" }, { "category": "Mobile devices and teleworking", "code": "6.2.1", "label": "Mobile device policy", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "fe98e1f0-175f-4fd8-8530-ac183707c54c" }, { "category": "Information security in supplier relationships", "code": "15.1.2", "label": "Addressing security within supplier agreements", "referential": "9a73a15e-bb36-434e-a2fe-c3ac1b7ed9a2", "referential_label": "ISO 27017", "uuid": "ff7435b8-55f6-46bb-ae61-ddb09c731348" } ], "version": 1 } 2022-08-03T13:11:25.452983+00:00 https://objects.monarc.lu/object/get/5238 2024-05-02T13:22:55.410053+00:00 Various contributors { "authors": [ "Jeremy Dannenmuller" ], "label": "PCI DSS 4.0", "language": "EN", "refs": "https://listings.pcisecuritystandards.org/documents/PCI-DSS-v4_0.pdf", "uuid": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "values": [ { "category": "Requirement 5: Protect All Systems and Networks from Malicious Software.", "code": "5.4", "label": "5.4 Anti-phishing mechanisms protect users against phishing attacks.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "033ed95f-0444-4200-a229-d36ba8d320ac" }, { "category": "Requirement 11: Test Security of Systems and Networks Regularly.", "code": "11.1", "label": "11.1 Processes and mechanisms for regularly testing security of systems and networks are defined and understood.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "042cc126-c21a-42c2-a003-fe0184ddbfec" }, { "category": "Requirement 6: Develop and Maintain Secure Systems and Software.", "code": "6.4", "label": "6.4 Public-facing web applications are protected against attacks.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "046b9fca-955e-4d7f-bfca-ae6a0cf92f01" }, { "category": "Requirement 1: Install and maintain Network Security Controls", "code": "1.1", "label": "1.1 Processes and mechanisms for installing and maintaining network security controls are defined and understood.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "09262d8f-9fa8-48bc-90a6-b5dd76f6f5a6" }, { "category": "Requirement 1: Install and maintain Network Security Controls", "code": "1.3", "label": "1.3 Network access to and from the cardholder data environment is restricted.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "0a26e736-1827-4572-9165-617b4d4a5edd" }, { "category": "Requirement 2: Apply Secure Configurations to All System Components.", "code": "2.2", "label": "2.2 System components are configured and managed securely.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "109bd9fe-1bbd-45f0-91da-27758cfacb1f" }, { "category": "A2 - Additional PCI DSS Requirements for Entities Using SSL/Early TLS for Card-Present POS POI Terminal Connections", "code": "A.2.1", "label": "A2.1 POI terminals using SSL and/or early TLS are confirmed as not susceptible to known SSL/TLS exploits.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "11bd5603-6d95-45b2-b166-2977810e693b" }, { "category": "Requirement 3: Protect Stored Account Data.", "code": "3.2", "label": "3.2 Storage of account data is kept to a minimum.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "13643f1d-5127-4338-8747-b9b1a5153553" }, { "category": "Requirement 10: Log and Monitor All Access to System Components and Cardholder Data.", "code": "10.2", "label": "10.2 Audit logs are implemented to support the detection of anomalies and suspicious activity. and the forensic analysis of events.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "1570bd71-c8bd-4839-a833-20a4d9c78c19" }, { "category": "Requirement 6: Develop and Maintain Secure Systems and Software.", "code": "6.2", "label": "6.2 Bespoke and custom software are developed securely.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "166b54f6-039c-47ee-b53c-a4c441054ef3" }, { "category": "Requirement 11: Test Security of Systems and Networks Regularly.", "code": "11.2", "label": "11.2 Wireless access points are identified and monitored. and unauthorized wireless access points are addressed.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "198e86b1-88fd-4ca2-920b-abe3188d2161" }, { "category": "Requirement 9: Restrict Physical Access to Cardholder Data.", "code": "9.2", "label": "9.2 Physical access controls manage entry into facilities and systems containing cardholder data.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "29116643-2936-45ae-b095-c32472c5c5fc" }, { "category": "Requirement 10: Log and Monitor All Access to System Components and Cardholder Data.", "code": "10.1", "label": "10.1 Processes and mechanisms for logging and monitoring all access to system components and cardholder data are defined and documented.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "291753d9-bdb7-4284-82cd-86639dd5051c" }, { "category": "Requirement 8: Identify Users and Authenticate Access to System Components.", "code": "8.4", "label": "8.4 Multi-factor authentication (MFA) is implemented to secure access into the CDE", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "2b3ceaf1-acd1-4a25-9920-9365a0edecc6" }, { "category": "Requirement 5: Protect All Systems and Networks from Malicious Software.", "code": "5.2", "label": "5.2 Malicious software (malware) is prevented. or detected and addressed.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "367f079c-235c-415f-acfa-cfc8fcbf57e3" }, { "category": "Requirement 3: Protect Stored Account Data.", "code": "3.6", "label": "3.6 Cryptographic keys used to protect stored account data are secured.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "36db6005-d2cc-4406-a441-71cf2918935a" }, { "category": "Requirement 12: Support Information Security with Organizational Policies and Programs", "code": "12.7", "label": "12.7 Personnel are screened to reduce risks from insider threats.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "37e791d6-5a76-4bf6-a8dc-ed2951acca43" }, { "category": "Requirement 12: Support Information Security with Organizational Policies and Programs", "code": "12.5", "label": "12.5 PCI DSS scope is documented and validated.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "382b37cb-0b20-4d93-8297-156cbb7a0257" }, { "category": "Requirement 9: Restrict Physical Access to Cardholder Data.", "code": "9.4", "label": "9.4 Media with cardholder data is securely stored. accessed. distributed. and destroyed.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "3b9336b9-d7b6-4ea6-bcba-920f9a6ced43" }, { "category": "Requirement 4: Protect Cardholder Data with Strong Cryptography During Transmission Over Open. Public Networks.", "code": "4.2", "label": "4.2 PAN is protected with strong cryptography during transmission", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "3b988763-bff2-4cee-b1b2-5cea61e9dcf8" }, { "category": "Requirement 11: Test Security of Systems and Networks Regularly.", "code": "11.5", "label": "11.5 Network intrusions and unexpected file changes are detected and responded to.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "3d7419df-8a0b-4ec0-902f-89f90e77bdc1" }, { "category": "Requirement 6: Develop and Maintain Secure Systems and Software.", "code": "6.5", "label": "6.5 Changes to all system components are managed securely.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "435fad54-ccb7-4f4f-b8fe-5b75af1bf4ea" }, { "category": "A3 - Designated Entities Supplemental Validation (DESV)", "code": "A3.3", "label": "A3.3 PCI DSS is incorporated into business-as-usual (BAU) activities.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "438c70bf-7e0c-477d-97ae-31578185da58" }, { "category": "Requirement 7: Restrict Access to System Components and Cardholder Data by Business Need to Know.", "code": "7.1", "label": "7.1 Processes and mechanisms for restricting access to system components and cardholder data by business need to know are defined and understood.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "43ec094e-fe4c-4355-b4f4-5e7281016cec" }, { "category": "Requirement 5: Protect All Systems and Networks from Malicious Software.", "code": "5.1", "label": "5.1 Processes and mechanisms for protecting all systems and networks from malicious software are defined and understood.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "471b054e-61a2-4a72-830b-13843ed09146" }, { "category": "Requirement 12: Support Information Security with Organizational Policies and Programs", "code": "12.1", "label": "12.1 A comprehensive information security policy that governs and provides direction for protection of the entity\u2019s information assets is known and current.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "478a985a-4bad-42a5-b34e-45d5db543d63" }, { "category": "A1 - Additional PCI DSS Requirements for Multi-Tenant Service Providerss", "code": "A1.1", "label": "A1.1 Multi-tenant service providers protect and separate all customer environments and data.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "49c69882-50a8-4bb7-b56a-e9471d7943d1" }, { "category": "Requirement 8: Identify Users and Authenticate Access to System Components.", "code": "8.1", "label": "8.1 Processes and mechanisms for identifying users and authenticating access to system components are defined and understood.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "4c8a94b0-1f2c-4a10-a279-6ee20397543e" }, { "category": "Requirement 10: Log and Monitor All Access to System Components and Cardholder Data.", "code": "10.4", "label": "10.4 Audit logs are reviewed to identify anomalies or suspicious activity.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "536ee90b-6041-4e7f-b445-0fde74e24338" }, { "category": "A3 - Designated Entities Supplemental Validation (DESV)", "code": "A3.1", "label": "A3.1 A PCI DSS compliance program is implemented.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "5b43004f-9e3d-42f3-a321-f482d68ff54d" }, { "category": "Requirement 12: Support Information Security with Organizational Policies and Programs", "code": "12.9", "label": "12.9 Third-party service providers (TPSPs) support their customers\u2019 PCI DSS compliance.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "5bf20465-8283-4b0f-82fa-ff2fa4f5b6e8" }, { "category": "Requirement 1: Install and maintain Network Security Controls", "code": "1.4", "label": "1.4 Network connections between trusted and untrusted networks are controlled.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "5d8988d4-09b2-416d-b58a-970597fc4397" }, { "category": "Requirement 3: Protect Stored Account Data.", "code": "3.1", "label": "3.1 Processes and mechanisms for protecting stored account data are defined and understood.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "6ad4ac2b-74e8-4ff2-9d39-f6becb2e124f" }, { "category": "Requirement 10: Log and Monitor All Access to System Components and Cardholder Data.", "code": "10.6", "label": "10.6 Time-synchronization mechanisms support consistent time settings across all systems.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "6eca23a9-8def-4bd9-8ece-b0666a2f4368" }, { "category": "Requirement 2: Apply Secure Configurations to All System Components.", "code": "2.1", "label": "2.1 Processes and mechanisms for applying secure configurations to all system components are defined and understood.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "6f8d5129-c4df-49d4-9728-05d78632814b" }, { "category": "Requirement 12: Support Information Security with Organizational Policies and Programs", "code": "12.6", "label": "12.6 Security awareness education is an ongoing activity.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "71787501-c169-411d-9778-e2cfc5e5736b" }, { "category": "Requirement 3: Protect Stored Account Data.", "code": "3.7", "label": "3.7 Where cryptography is used to protect stored account data. key management processes and procedures covering all aspects of the key lifecycle are defined and implemented.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "842b0d6d-2577-4ab4-9b8f-c19679c8d473" }, { "category": "Requirement 10: Log and Monitor All Access to System Components and Cardholder Data.", "code": "10.7", "label": "10.7 Failures of critical security control systems are detected. reported. and responded to promptly.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "8500ef96-773c-4616-b5c8-62145ef3def8" }, { "category": "Requirement 12: Support Information Security with Organizational Policies and Programs", "code": "12.3", "label": "12.3 Risks to the cardholder data environment are formally identified. evaluated. and managed.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "8553ef88-3cf6-419d-951b-60d9f0bfa59e" }, { "category": "Requirement 7: Restrict Access to System Components and Cardholder Data by Business Need to Know.", "code": "7.2", "label": "7.2 Access to system components and data is appropriately defined and assigned.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "898f18b0-f44b-4417-be6a-ce77e4291870" }, { "category": "Requirement 9: Restrict Physical Access to Cardholder Data.", "code": "9.1", "label": "9.1 Processes and mechanisms for restricting physical access to cardholder data are defined and understood.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "8ecf814d-8ead-4774-aa4c-9a0f447de93e" }, { "category": "Requirement 10: Log and Monitor All Access to System Components and Cardholder Data.", "code": "10.5", "label": "10.5 Audit log history is retained and available for analysis.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "91456cd4-47b4-49a8-9ac7-e10c94deb909" }, { "category": "Requirement 10: Log and Monitor All Access to System Components and Cardholder Data.", "code": "10.3", "label": "10.3 Audit logs are protected from destruction and unauthorized modifications.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "9545f6f7-1959-4972-828e-c002fb7c5e3f" }, { "category": "Requirement 7: Restrict Access to System Components and Cardholder Data by Business Need to Know.", "code": "7.3", "label": "7.3 Access to system components and data is managed via an access control system(s).", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "9bd5a560-6770-4620-8a87-3df344593a05" }, { "category": "Requirement 11: Test Security of Systems and Networks Regularly.", "code": "11.6", "label": "11.6 Unauthorized changes on payment pages are detected and responded to.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "9e9b1e73-bb3f-4dac-b85e-51b0a28a746a" }, { "category": "Requirement 8: Identify Users and Authenticate Access to System Components.", "code": "8.6", "label": "8.6 Use of application and system accounts and associated authentication factors is strictly managed.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "9f0dec80-eec7-49a8-bbbd-9d1af3c3bd47" }, { "category": "Requirement 8: Identify Users and Authenticate Access to System Components.", "code": "8.2", "label": "8.2 User identification and related accounts for users and administrators are strictly managed throughout an account\u2019s lifecycle.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "a77319f3-1eec-4789-8756-b2df9270901b" }, { "category": "Requirement 2: Apply Secure Configurations to All System Components.", "code": "2.3", "label": "2.3 Wireless environments are configured and managed securely.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "aa8d0ac1-cb2a-4e0f-bcaa-d2763497f676" }, { "category": "Requirement 4: Protect Cardholder Data with Strong Cryptography During Transmission Over Open. Public Networks.", "code": "4.1", "label": "4.1 Processes and mechanisms for protecting cardholder data with strong cryptography during transmission over open. public networks are defined and documented.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "af758496-f659-442b-be1a-cd11dbc05de8" }, { "category": "Requirement 3: Protect Stored Account Data.", "code": "3.4", "label": "3.4 Access to displays of full PAN and ability to copy cardholder data are restricted.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "b0a9f97c-0ecc-4ebf-865e-2a7efdb3b52b" }, { "category": "Requirement 11: Test Security of Systems and Networks Regularly.", "code": "11.3", "label": "11.3 External and internal vulnerabilities are regularly identified. prioritized. and addressed.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "b1d5619d-525a-4bc9-9919-4a16efb68f81" }, { "category": "Requirement 3: Protect Stored Account Data.", "code": "3.3", "label": "3.3 Sensitive authentication data (SAD) is not stored after authorization.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "b8b5e383-cb55-43fc-b3ea-9a89b4e0ab10" }, { "category": "A3 - Designated Entities Supplemental Validation (DESV)", "code": "A3.4", "label": "A3.4 Logical access to the cardholder data environment is controlled and managed.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "be27bba6-21a1-416b-8258-cb9c232dc471" }, { "category": "Requirement 8: Identify Users and Authenticate Access to System Components.", "code": "8.3", "label": "8.3 Strong authentication for users and administrators is established and managed.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "be64acf7-9530-4008-84d0-3a47086c9c27" }, { "category": "Requirement 12: Support Information Security with Organizational Policies and Programs", "code": "12.10", "label": "12.10 Suspected and confirmed security incidents that could impact the CDE are responded to immediately.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "be9c173b-84c8-4b07-a71c-be8b1a44da6d" }, { "category": "Requirement 12: Support Information Security with Organizational Policies and Programs", "code": "12.8", "label": "12.8 Risk to information assets associated with third-party service provider (TPSP) relationships is managed.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "be9d8fae-7af6-4555-812c-c587b43a8c2a" }, { "category": "Requirement 6: Develop and Maintain Secure Systems and Software.", "code": "6.1", "label": "6.1 Processes and mechanisms for developing and maintaining secure systems and software are defined and understood.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "c059d4de-2980-46c8-bb74-b68b9e1053e4" }, { "category": "Requirement 12: Support Information Security with Organizational Policies and Programs", "code": "12.4", "label": "12.4 PCI DSS compliance is managed.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "ca690618-be96-4a4b-ae7e-b55ad2c50241" }, { "category": "Requirement 8: Identify Users and Authenticate Access to System Components.", "code": "8.5", "label": "8.5 Multi-factor authentication (MFA) systems are configured to prevent misuse.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "ca745f8a-b78a-4031-b669-9f80f3aca137" }, { "category": "Requirement 11: Test Security of Systems and Networks Regularly.", "code": "11.4", "label": "11.4 External and internal penetration testing is regularly performed. and exploitable vulnerabilities and security weaknesses are corrected.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "ce87911e-ef45-44ec-8584-b63dbb0d3b10" }, { "category": "Requirement 6: Develop and Maintain Secure Systems and Software.", "code": "6.3", "label": "6.3 Security vulnerabilities are identified and addressed.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "d33fbe7b-ca98-4cd7-805c-c25d2f54196d" }, { "category": "Requirement 5: Protect All Systems and Networks from Malicious Software.", "code": "5.3", "label": "5.3 Anti-malware mechanisms and processes are active. maintained. and monitored.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "de7526f0-bfdf-46a0-b6cd-bea9fb3ad41f" }, { "category": "Requirement 1: Install and maintain Network Security Controls", "code": "1.2", "label": "1.2 Network security controls (NSCs) are configured and maintained.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "df9c7366-838e-4107-951b-b7e1c8cfe80b" }, { "category": "A3 - Designated Entities Supplemental Validation (DESV)", "code": "A3.2", "label": "A3.2 PCI DSS scope is documented and validated.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "e1da88c4-6a4b-4e80-a8e8-1927bfb3f985" }, { "category": "Requirement 12: Support Information Security with Organizational Policies and Programs", "code": "12.2", "label": "12.2 Acceptable use policies for end-user technologies are defined and implemented.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "e3c4b267-059e-4591-8e66-d8241bdeb589" }, { "category": "Requirement 3: Protect Stored Account Data.", "code": "3.5", "label": "3.5 Primary account number (PAN) is secured wherever it is stored.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "e69ac6c5-0858-4bc1-813c-6b58b7f26add" }, { "category": "A1 - Additional PCI DSS Requirements for Multi-Tenant Service Providerss", "code": "A1.2", "label": "A1.2 Multi-tenant service providers facilitate logging and incident response for all customers.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "e8e297ed-23f7-4903-be2d-0726a26031cd" }, { "category": "Requirement 9: Restrict Physical Access to Cardholder Data.", "code": "9.5", "label": "9.5 Point of interaction (POI) devices are protected from tampering and unauthorized substitution.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "ec550cfe-4f7e-4b0c-91ee-7ed3846db76a" }, { "category": "Requirement 1: Install and maintain Network Security Controls", "code": "1.5", "label": "1.5 Risks to the CDE from computing devices that are able to connect to both untrusted networks and the CDE are mitigated.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "efdaa881-863d-470a-b6fb-32b32a671145" }, { "category": "Requirement 9: Restrict Physical Access to Cardholder Data.", "code": "9.3", "label": "9.3 Physical access for personnel and visitors is authorized and managed.", "referential": "17e0d3f8-4808-4413-94ff-2cd2a217590e", "referential_label": "PCI DSS 4.0", "uuid": "fa1e1209-7b93-43e9-bace-461cbcf0f639" } ], "version": 1 } 2022-08-09T06:03:26.116327+00:00 https://objects.monarc.lu/object/get/5230 2024-05-02T13:22:55.408165+00:00 Various contributors { "authors": [ "Jeremy Dannenmuller" ], "label": "ISO/IEC 27701 [2019]", "language": "EN", "refs": "https://www.iso.org/standard/71670.html", "uuid": "f65b378c-ab20-4651-825b-4da34944b519", "values": [ { "category": "Information security aspects of business continuity management", "code": "6.14.2.1", "label": "Availability of information processing facilities", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "00cb20cc-21a0-417a-9782-ed6587f1d6f5" }, { "category": "Information security policies", "code": "6.2.1.1", "label": "Policies for information security", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "0225b44b-be7a-4cce-a4db-1d804e4d47c8" }, { "category": "Improvement", "code": "5.8.2", "label": "Continual improvement", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "029a9fae-c6a4-4b3c-8487-2ed20996a951" }, { "category": "Communication security", "code": "6.10.2.3", "label": "Electronic messaging", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "0320a79e-6c9f-45e3-90a0-c360e8f57b45" }, { "category": "PII sharing transfer and disclosure", "code": "B.8.5.8", "label": "Change of subcontractor to process PII", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "0637458d-cb4d-47aa-9553-d3e86757aaaa" }, { "category": "Physical and environment security", "code": "6.8.1.3", "label": "Securing offices rooms and facilities", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "066dee47-1f12-4243-94bd-a89fbde7fd31" }, { "category": "Conditions for collection and processing", "code": "A.7.2.3", "label": "Determine when and how consent is to be obtained", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "06c65ef3-fc74-4e9f-b923-bc4b8da06454" }, { "category": "Asset Management", "code": "6.5.1.2", "label": "Ownership of Assets", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "06eed3d5-8e62-42ff-a727-aee4d27a21a3" }, { "category": "Access control", "code": "6.6.2.2", "label": "User access provisionning", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "0769cff8-adbc-4d3a-921d-622fbce40473" }, { "category": "Organisation of information security", "code": "6.3.1.2", "label": "Segregation of duties", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "085873ce-e760-40cd-80a4-6f402785696f" }, { "category": "Obligations to PII principals", "code": "A.7.3.2", "label": "Determining information for PII principals", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "087dde64-823a-495c-92ec-8a282577821f" }, { "category": "Context of the organization", "code": "5.2.4", "label": "Information security management system", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "0af7c1ab-dad9-4aa2-aefb-4e5dbf4805c7" }, { "category": "Access control", "code": "6.6.4.2", "label": "Secure log-on procedures", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "0d503be4-a66d-4f49-b960-a987f6aface6" }, { "category": "Organisation of information security", "code": "6.3.1.5", "label": "Information security in project management", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "0e6f5f89-2755-4448-8183-da973df45b83" }, { "category": "PII sharing transfer and disclosure", "code": "B.8.5.1", "label": "Basis for PII transfer between jurisdictions", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "0f6b0b0e-403e-4695-9c32-8bdd4ad17718" }, { "category": "Asset Management", "code": "6.5.1.1", "label": "Inventory of Assets", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "0fd4927b-596a-42f6-b155-052785edbfc5" }, { "category": "Operations security", "code": "6.9.1.3", "label": "Capacity management", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "103a6955-e9f8-4b66-91ba-bf2cc0e0e8fe" }, { "category": "Compliance", "code": "6.15.1.2", "label": "Intellectual property rights", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "1285dd9e-108d-4ecf-bccf-8a3f4807963a" }, { "category": "Privacy by design and privacy by default", "code": "B.8.4.3", "label": "PII transmission controls", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "1416da16-528c-45f4-b1b9-6a305ae1c81f" }, { "category": "Systems acquisition development and maintenance", "code": "6.11.2.6", "label": "Secure Development Environment", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "16b30180-3754-43da-8bdb-9528fc5e6cde" }, { "category": "Asset Management", "code": "6.5.1.4", "label": "Return of Assets", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "18c97f9e-20c9-48a4-b1db-b3ba08a6fd4a" }, { "category": "Systems acquisition development and maintenance", "code": "6.11.2.8", "label": "System security testing", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "190024e1-afae-4346-b094-9f84f6d2e759" }, { "category": "Human resources security", "code": "6.4.1.2", "label": "Terms and conditions of employment", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "19e032bb-b8b3-40a1-b976-4ac29f8ef613" }, { "category": "Privacy by design and privacy by default", "code": "A.7.4.6", "label": "Temporary files", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "1ad68deb-f72a-4f4c-816b-fb755544777e" }, { "category": "Compliance", "code": "6.15.2.2", "label": "Compliance with security policies and standards", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "1bdbc783-3069-42f5-a4f7-745c0290be02" }, { "category": "Systems acquisition development and maintenance", "code": "6.11.2.2", "label": "System change control procedures", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "1d0c7281-35c6-403c-9c9b-40e9826e73e3" }, { "category": "Compliance", "code": "6.15.1.5", "label": "Regulation of cryptographic controls", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "1d6c8b29-418c-4a68-89e8-55ce63bed691" }, { "category": "Access control", "code": "6.6.2.1", "label": "User registration and de-registration", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "1ee8390e-ebeb-4253-ae87-49358ff8730f" }, { "category": "Conditions for collection and processing", "code": "A.7.2.4", "label": "Obtain and record consent", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "1f597457-a336-4e09-b660-2a680154b8b0" }, { "category": "Support", "code": "5.5.1", "label": "Resources", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "1fc549c9-c0dd-407a-9648-c3fe0869bc67" }, { "category": "Access control", "code": "6.6.4.5", "label": "Access control to program source code", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "203fb144-2604-4162-b5c9-f40d22ba2fee" }, { "category": "Information security incident management", "code": "6.13.1.7", "label": "Collection of evidence", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "238e2cbd-9c07-4f08-b2f5-1f43df4a4c11" }, { "category": "Improvement", "code": "5.8.1", "label": "Nonconformity and corrective action", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "256ae75a-a97f-46c8-b022-e4525a52c177" }, { "category": "Access control", "code": "6.6.2.4", "label": "Management of secret authentication information of users", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "27b2e55d-2709-4a74-b75f-89ffa80b0096" }, { "category": "Actions to address risks and opportunities", "code": "5.4.1.2", "label": "Information Security Risk Assessment", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "28849802-7b7e-46dd-b720-b2bc4db6a67b" }, { "category": "Organisation of information security", "code": "6.3.1.4", "label": "Contact with special interest groups", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "2a8bce28-154e-4d0d-b829-fee0cd93f861" }, { "category": "Information security aspects of business continuity management", "code": "6.14.1.3", "label": "Verify review and evaluate information security continuity", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "2a93cf52-ffa5-4da5-85b2-ad39d456cb0d" }, { "category": "Information security policies", "code": "6.2.1.2", "label": "Review of the policies for information security", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "2abce681-3b58-4c4f-ae56-03eba536e201" }, { "category": "Physical and environment security", "code": "6.8.1.4", "label": "Protecting against external and environmental threats", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "2c979e09-e057-4cb5-b6b7-800842783110" }, { "category": "Compliance", "code": "6.15.2.1", "label": "Independent review of information security", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "2f712e97-a7bc-40cb-9552-216fd30ef148" }, { "category": "Privacy by design and privacy by default", "code": "B.8.4.2", "label": "Return transfer or disposal of PII", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "30525d18-fe33-4813-9519-7816bce5723f" }, { "category": "Information security incident management", "code": "6.13.1.1", "label": "Responsibilities and procedures", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "30817081-369d-410d-8db7-25f43a1abd43" }, { "category": "Systems acquisition development and maintenance", "code": "6.11.1.2", "label": "Securing application services on public networks", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "35ef0801-fa39-478f-94a4-cffaf3f2107c" }, { "category": "Context of the organization", "code": "5.2.3", "label": "Determining the scope of the information security management system", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "36ebd0b0-ab2d-4a7e-b98a-aa048fb6c84e" }, { "category": "Communication security", "code": "6.10.1.3", "label": "Segregation in networks", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "37d74fdf-8f6d-4197-a298-a30c646a5f53" }, { "category": "Operations security", "code": "6.9.1.2", "label": "Change management", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "389d1443-d248-4f66-b980-bbdcb50e6c15" }, { "category": "Human resources security", "code": "6.4.2.2", "label": "Information security awareness education and training", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "3a003a78-d047-4ac0-941c-7ad67491d421" }, { "category": "Conditions for collection and processing", "code": "A.7.2.6", "label": "Contracts with PII processors", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "3bbc82c8-7c23-4e11-9c3d-c8a8c19dd08c" }, { "category": "Privacy by design and privacy by default", "code": "A.7.4.2", "label": "Limit processing", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "3dafed59-ef7c-43fc-814c-a17c832b319f" }, { "category": "Physical and environment security", "code": "6.8.1.2", "label": "Physical entry controls", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "3f68a76b-6c1d-4fcb-952e-c2e9de3d9363" }, { "category": "Support", "code": "5.5.2", "label": "Competence", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "3fa8deba-8222-473b-b966-dff98dd64a3e" }, { "category": "Human resources security", "code": "6.4.1.1", "label": "Screening", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "40d912e5-c0d5-44c6-90eb-bdd3a9f7d5c4" }, { "category": "Obligations to PII principals", "code": "A.7.3.8", "label": "Providing copy of PII processed", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "442e6409-082e-4613-b000-49d141240fc5" }, { "category": "Systems acquisition development and maintenance", "code": "6.11.2.3", "label": "Technical review of applications after operating platform changes", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "4607f451-23b6-40ed-89f2-71cb91a4d282" }, { "category": "Support", "code": "5.5.5.2", "label": "Creating and updating", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "4630e54e-2bfb-462e-b88d-4392efe7f276" }, { "category": "Support", "code": "5.5.3", "label": "Awareness", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "466033e1-6c60-4db2-bf61-ebcae6645a0b" }, { "category": "Operation", "code": "5.6.2", "label": "Information security risk assessment", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "4c9f0ab8-778b-4c94-aea9-68921b5ad148" }, { "category": "Communication security", "code": "6.10.2.2", "label": "Agreements on information transfer", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "4cfd17b6-5841-4fa7-8d3b-227af4d3b652" }, { "category": "Context of the organization", "code": "5.2.1", "label": "Understanding the organization and its context", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "514811fc-ca1a-49be-89cc-57f0042a77aa" }, { "category": "Cryptography", "code": "6.7.1.1", "label": "Policy on the use of cryptographic controls", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "53e91bf7-76ed-4cb8-b308-21f1dbd52aa3" }, { "category": "Information security incident management", "code": "6.13.1.2", "label": "Reporting information security events", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "54d38b77-2e5c-4c4e-b47b-b936518e8094" }, { "category": "Access control", "code": "6.6.3.1", "label": "Use of secret authentication information", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "55f0123d-1c82-4352-8700-03a66e9d72fc" }, { "category": "Privacy by design and privacy by default", "code": "A.7.4.5", "label": "PII de-identification and deletion at the end of processing", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "56844655-7f50-46ec-bfc1-6d40fa74b31b" }, { "category": "PII sharing transfer and disclosure", "code": "B.8.5.5", "label": "Legally binding PII disclosures", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "56dc629e-506a-4502-b42d-a49e72ed7ec9" }, { "category": "Physical and environment security", "code": "6.8.1.5", "label": "Working in secure areas", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "58c52280-09b2-4c91-ab59-eb995f5688fd" }, { "category": "Access control", "code": "6.6.1.1", "label": "Access control policy", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "5cdeff98-2016-4d39-858e-3fc915185b52" }, { "category": "Organisation of information security", "code": "6.3.1.1", "label": "Information security roles and responsibilities", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "64cdbec6-e81c-4baf-92bf-1ce53cf3d8b2" }, { "category": "Support", "code": "5.5.5.1", "label": "General", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "65f112a9-3b20-4f18-950b-085d0be3f114" }, { "category": "Operations security", "code": "6.9.6.2", "label": "Restrictions on software installation", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "66d4273e-98cd-4d08-9acb-08ba787db13a" }, { "category": "Support", "code": "5.5.5.3", "label": "Control of documented information", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "6780dda7-2c33-496b-81e3-9d868f47b61d" }, { "category": "Physical and environment security", "code": "6.8.2.9", "label": "Clear desk and clear screen policy", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "67d95c58-fdf0-439d-8ce6-277238136141" }, { "category": "Operations security", "code": "6.9.5.1", "label": "Installation of software on operational systems", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "6a78d184-cc44-461e-af3d-3ebc8380b78f" }, { "category": "Systems acquisition development and maintenance", "code": "6.11.2.7", "label": "Outsourced development", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "6ac5a193-c021-4df4-abd1-bb0aed4af36a" }, { "category": "Information security incident management", "code": "6.13.1.4", "label": "Assessment of and decision on information security events", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "6c50d8a4-6793-479b-84af-f3cf94fe4102" }, { "category": "Information security incident management", "code": "6.13.1.3", "label": "Reporting information security weaknesses", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "6dd7fb16-a5f8-4722-9197-bf198327ed8b" }, { "category": "Human resources security", "code": "6.4.2.1", "label": "Management responsibilities", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "6ddcd365-eeca-473d-b9ad-03726ae858d8" }, { "category": "Privacy by design and privacy by default", "code": "A.7.4.3", "label": "Accuracy and quality", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "6ee51d2e-83fe-4198-8118-dc7db98515b1" }, { "category": "Operations security", "code": "6.9.1.1", "label": "Documented operating procedures", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "70a53056-137e-429a-9483-0a2e92a24fac" }, { "category": "Asset Management", "code": "6.5.3.3", "label": "Physical media transfer", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "71761dbc-aea1-4d01-b09d-abe2e67c4f1a" }, { "category": "Access control", "code": "6.6.4.4", "label": "Use of privileged utility programs", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "719158a7-c965-46e2-bed9-d273925a3fdd" }, { "category": "Operations security", "code": "6.9.4.3", "label": "Administrator and operator logs", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "7405dca3-2282-47e2-ac19-1992ff0a0228" }, { "category": "Operations security", "code": "6.9.1.4", "label": "Separation of development testing and operational environments", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "777d9c77-1093-4a4f-9c1f-ff9db9aa96c1" }, { "category": "Physical and environment security", "code": "6.8.2.4", "label": "Equipment maintenance", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "77d78b64-a53d-4a62-9b00-7bc4c6df5d99" }, { "category": "Performance Evaluation", "code": "5.7.1", "label": "Monitoring measurement analysis and evaluation", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "78bae82d-72d6-4b22-abc1-d49747a6dbad" }, { "category": "Systems acquisition development and maintenance", "code": "6.11.1.1", "label": "Information security requirements analysis and specification", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "7b804877-23cc-4f04-9979-8b6f985d04b9" }, { "category": "Performance Evaluation", "code": "5.7.2", "label": "Internal audit", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "7b8aa5d2-9afa-4e76-a038-1bb4f169fc23" }, { "category": "Privacy by design and privacy by default", "code": "A.7.4.1", "label": "Limit collection", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "7bc37de2-8b17-4965-980c-94260e7c84c9" }, { "category": "Communication security", "code": "6.10.2.4", "label": "Confidentiality or non-disclosure agreements", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "7fab270e-33dc-4df8-853b-770b47ed8b67" }, { "category": "Information security incident management", "code": "6.13.1.6", "label": "Learning from information security incidents", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "805044a1-7f8c-40b4-9a29-5a9724624a69" }, { "category": "Asset Management", "code": "6.5.3.2", "label": "Disposal of media", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "8247018f-5966-4fa1-86ed-74f89a17752d" }, { "category": "Access control", "code": "6.6.4.1", "label": "Information access restriction", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "84f2f3dc-54c0-4b96-8d27-8f2ae47a2964" }, { "category": "Compliance", "code": "6.15.2.3", "label": "Technical compliance review", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "853373dc-8dc4-451e-b100-55d42aee4ffe" }, { "category": "Asset Management", "code": "6.5.1.3", "label": "Acceptable Use of Assets", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "85b65a44-6cca-498f-ab76-1079d0bdfadc" }, { "category": "Conditions for collection and processing", "code": "B.8.2.3", "label": "Marketing and advertising use", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "8862ca92-f431-48c6-b565-fd5fb9aa46d8" }, { "category": "Organisation of information security", "code": "6.3.2.2", "label": "Teleworking", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "8bb579d1-e9c6-4883-92a9-185cb3987b66" }, { "category": "Leadership", "code": "5.3.1", "label": "Leadership and commitment", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "8d3a8ce7-3c35-4aed-8143-32f5d2279054" }, { "category": "Leadership", "code": "5.3.2", "label": "Policy", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "8d6462fd-5a10-4847-92d1-da2585439e5e" }, { "category": "Privacy by design and privacy by default", "code": "A.7.4.4", "label": "PII minimization objectives", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "8e26c999-8f20-4cfc-8682-3d14c4d8315d" }, { "category": "Conditions for collection and processing", "code": "A.7.2.8", "label": "Records related to processing PII", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "8e697e5d-c974-44eb-b973-d6c8ba916725" }, { "category": "Asset Management", "code": "6.5.2.3", "label": "Handling of Assets", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "8f246d95-7e65-4fdf-a9bd-a567e537843e" }, { "category": "Context of the organization", "code": "5.2.2", "label": "Understanding the needs and expectations of interested parties", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "8f6ef571-4efe-4df1-bca5-92af7e966240" }, { "category": "Systems acquisition development and maintenance", "code": "6.11.2.1", "label": "Secure development policy", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "8fa447dd-b5e2-4be0-9784-4386ba03abf5" }, { "category": "Asset Management", "code": "6.5.2.1", "label": "Classification of information", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "91bd3542-b178-4c2e-a62e-ba5d37360ca4" }, { "category": "Systems acquisition development and maintenance", "code": "6.11.1.3", "label": "Protecting application services transactions", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "92cc1326-12da-4199-b805-9dfb5a6f5870" }, { "category": "Supplier relationships", "code": "6.12.2.2", "label": "Managing changes to supplier services", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "94aa96fa-a2fa-4507-bec5-05fe0db41b9f" }, { "category": "Information security objectives and planning to achieve them", "code": "5.4.2", "label": "Information security objectives and planning to achieve them", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "9a30e1ba-93d3-4e96-b8d9-663f2720e90a" }, { "category": "PII sharing transfer and disclosure", "code": "B.8.5.3", "label": "Records of PII disclosure to third parties", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "9b1c4774-db02-4e14-9b1b-c4fc81438413" }, { "category": "Access control", "code": "6.6.2.3", "label": "Management of privileged access rights", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "9bb3a441-d077-49a3-a20f-c91f431104e3" }, { "category": "PII sharing transfer and disclosure", "code": "A.7.5.2", "label": "Countries and international organizations to which PII can be transferred", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "9cc453f9-ec65-4091-b72f-c4411023de64" }, { "category": "Supplier relationships", "code": "6.12.1.3", "label": "Information and communication technology supply chain", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "9d3cc972-695b-4700-b0ad-a53891329322" }, { "category": "Cryptography", "code": "6.7.1.2", "label": "Key management", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "9eac1198-8099-4b6c-931c-f59fbc2ec30e" }, { "category": "Human resources security", "code": "6.4.2.3", "label": "Disciplinary procedures", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "9f509e16-fd65-4121-8144-c2403c924dfb" }, { "category": "PII sharing transfer and disclosure", "code": "B.8.5.6", "label": "Disclosure of subcontractors used to process PII", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "a0091b82-4864-49dc-a885-a27cd933d4aa" }, { "category": "Operations security", "code": "6.9.2.1", "label": "Controls against malware", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "a0494662-1835-44f8-b600-df2d2bcdaf7f" }, { "category": "Obligations to PII principals", "code": "A.7.3.6", "label": "Access correction and/or erasure", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "a1141b2f-868c-4c8c-bb32-911732b9adf9" }, { "category": "Leadership", "code": "5.3.3", "label": "Organizational roles responsibilities and authorities", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "a3a2049e-f29c-4bae-9c23-d791feba7e0e" }, { "category": "Support", "code": "5.5.4", "label": "Communication", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "a3d0ca70-89d8-4e54-9ced-20159cf4e3bd" }, { "category": "Compliance", "code": "6.15.1.3", "label": "Protection of records", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "a66fa2a1-6237-4552-abd5-be6df3856d09" }, { "category": "Access control", "code": "6.6.4.3", "label": "Password management system", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "a681fb35-04d6-4adc-bde8-b044a26c970d" }, { "category": "Compliance", "code": "6.15.1.4", "label": "Privacy and protection of personally identifiable information", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "a77afead-e763-41a6-a803-af6b3d0a2cb2" }, { "category": "Supplier relationships", "code": "6.12.1.2", "label": "Addressing security within supplier agreements", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "a793e4bc-6bd9-49a4-8c4b-4933dc7d2238" }, { "category": "Information security aspects of business continuity management", "code": "6.14.1.2", "label": "Implementing information security continuity", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "a86710e7-c5bf-4fa7-a311-8757ab2b801b" }, { "category": "Operations security", "code": "6.9.4.1", "label": "Event logging", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "a87901f1-5d34-46af-afc7-0375e59721f6" }, { "category": "Supplier relationships", "code": "6.12.1.1", "label": "Information security policy for supplier relationships", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "a943f47f-6996-4490-b45d-9c427942c0a7" }, { "category": "Conditions for collection and processing", "code": "B.8.2.2", "label": "Organization's purposes", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "a9d08b54-382a-4116-93a0-39d34495c711" }, { "category": "Systems acquisition development and maintenance", "code": "6.11.2.5", "label": "Secure systems engineering principles", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "af4c64b8-fc6e-4bd7-8679-3cc0d3c31480" }, { "category": "Obligations to PII principals", "code": "A.7.3.9", "label": "Handling requests", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "b00f4fa5-5643-4b69-8d58-377007ed3696" }, { "category": "Conditions for collection and processing", "code": "B.8.2.4", "label": "Infringing instruction", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "b1bfc4bc-db05-4d94-9273-382562faefcd" }, { "category": "Obligations to PII principals", "code": "A.7.3.7", "label": "PII controllers' obligations to inform third parties", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "b40b6f97-5f9b-4f0e-ae6f-317172cd942b" }, { "category": "Operations security", "code": "6.9.3.1", "label": "Information backup", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "b44c628f-e837-44d0-8392-8f936f8e86e4" }, { "category": "Obligations to PII principals", "code": "A.7.3.3", "label": "Providing information to PII principals", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "b455a728-91ac-4a9e-bb29-ecd4505fa37b" }, { "category": "Conditions for collection and processing", "code": "A.7.2.5", "label": "Privacy impactassessment", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "b476a2b4-7eee-4e79-8910-d9e309d8c759" }, { "category": "Physical and environment security", "code": "6.8.1.6", "label": "Delivery and loading areas", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "b570b846-c1fb-4a9d-8f79-5dac6e4e5d87" }, { "category": "Operations security", "code": "6.9.6.1", "label": "Management of technical vulnerabilities", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "b5c16404-bcfc-4756-8e42-8ba590803215" }, { "category": "Obligations to PII principals", "code": "A.7.3.1", "label": "Determining and fulfilling obligations to PII principals", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "bca25a95-8ac6-4b8f-857a-e7ceb72101dd" }, { "category": "Performance Evaluation", "code": "5.7.3", "label": "Management review", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "bd47b036-1585-4f1f-a648-66f681971779" }, { "category": "Access control", "code": "6.6.2.5", "label": "Review of user access rights", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "bef5cb25-c14c-473a-b987-1faad4c6be6e" }, { "category": "Obligations to PII principals", "code": "A.7.3.4", "label": "Providing mechanism to modify or withdraw consent", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "c0b08efb-ff1b-4c47-8cb6-c78860818c90" }, { "category": "Obligations to PII principals", "code": "A.7.3.10", "label": "Automated decision making", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "c1301d3d-096c-412b-9fc4-80bf6bd2ce4c" }, { "category": "PII sharing transfer and disclosure", "code": "A.7.5.1", "label": "Identify basis for PII transfer between jurisdictions", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "c1975c78-d5c7-4294-b794-7bf70c443cdf" }, { "category": "Supplier relationships", "code": "6.12.2.1", "label": "Monitoring and review of supplier services", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "c293ea96-ba7c-4c2c-b8f2-34b2fd13c6b7" }, { "category": "Conditions for collection and processing", "code": "A.7.2.2", "label": "Identify lawful basis", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "c4709dc0-24a8-4e1d-962c-2fafb958de37" }, { "category": "Actions to address risks and opportunities", "code": "5.4.1.1", "label": "Actions to address risks and opportunities - General", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "c4d6e81f-91e4-4c90-afa2-433afaad05f4" }, { "category": "Organisation of information security", "code": "6.3.2.1", "label": "Mobile device policy", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "c690cf3c-e020-450d-865e-32fdc36a609f" }, { "category": "Physical and environment security", "code": "6.8.2.7", "label": "Secure disposal or re-use of equipment", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "c6923895-042d-4e83-bd6e-9195e74e3188" }, { "category": "Physical and environment security", "code": "6.8.1.1", "label": "Physical security perimeter", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "c7790c91-5a58-4d1f-9df1-942d4a3ef273" }, { "category": "Operations security", "code": "6.9.7.1", "label": "Information systems audit controls", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "c8ec4174-841c-4de4-9685-342e1933351c" }, { "category": "PII sharing transfer and disclosure", "code": "A.7.5.3", "label": "Records of transfer of PII", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "c8feff26-b7e6-4fc0-8067-978ab64f096e" }, { "category": "Privacy by design and privacy by default", "code": "A.7.4.9", "label": "PII transmission controls", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "cc79433d-bd1b-40eb-9960-5fae6ee09216" }, { "category": "PII sharing transfer and disclosure", "code": "B.8.5.2", "label": "Countries and international organizations to which PII can be transferred", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "cca8434a-1f0f-48ec-9358-2f3ee5a712da" }, { "category": "Conditions for collection and processing", "code": "A.7.2.1", "label": "Identify and document purpose", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "cd1267a3-0a09-402c-ada9-85c9291aac26" }, { "category": "Systems acquisition development and maintenance", "code": "6.11.3.1", "label": "Protection of test data", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "cdb15fe9-9808-4749-8747-c284018cccf0" }, { "category": "Information security aspects of business continuity management", "code": "6.14.1.1", "label": "Planning information security continuity", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "cfec872a-4fb3-4364-91dc-475236cc2f93" }, { "category": "Privacy by design and privacy by default", "code": "B.8.4.1", "label": "Temporary files", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "d16fc0f9-ab36-49b6-a4ad-4d8d0120f0a1" }, { "category": "Operations security", "code": "6.9.4.2", "label": "Protection of log information", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "d21603d6-f97e-4b20-bdf6-7bf5248277cb" }, { "category": "Conditions for collection and processing", "code": "B.8.2.5", "label": "Customer obligations", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "d2b79e78-5e9b-4a6d-94f7-855274b7831f" }, { "category": "Asset Management", "code": "6.5.2.2", "label": "Labelling of information", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "d313624f-8213-4f20-b536-b859e8b8c429" }, { "category": "Systems acquisition development and maintenance", "code": "6.11.2.9", "label": "System acceptance testing", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "d3f5b543-cd6b-4645-8395-e9d00cfdbeb6" }, { "category": "Obligations to PII principals", "code": "A.7.3.5", "label": "Providing mechanism to object to PIIprocessing", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "d462468f-b212-4c90-aed2-18dc60db95ce" }, { "category": "Conditions for collection and processing", "code": "B.8.2.1", "label": "Customer agreement", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "d5cde1bc-d630-4a7e-b7c0-04dbae6bff30" }, { "category": "Communication security", "code": "6.10.2.1", "label": "Information transfer policies and procedures", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "d649f805-1142-4fcf-a119-ae76f392708a" }, { "category": "PII sharing transfer and disclosure", "code": "B.8.5.4", "label": "Notification of PII disclosure requests", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "d9273c35-a712-46b9-9754-b96cb49d2332" }, { "category": "Conditions for collection and processing", "code": "B.8.2.6", "label": "Records related to processing PII", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "d9a470ad-a071-4ace-9662-8dc18a96b361" }, { "category": "Operations security", "code": "6.9.4.4", "label": "Clock synchronisation", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "d9e0e545-7b42-4899-8e56-7f9fc6fce85f" }, { "category": "Physical and environment security", "code": "6.8.2.8", "label": "Unattended user equipment", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "d9e2a570-4155-4970-88d7-809179ac7f31" }, { "category": "Privacy by design and privacy by default", "code": "A.7.4.8", "label": "Disposal", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "db2c9e1b-aac1-418c-911e-00eb01cdef6c" }, { "category": "PII sharing transfer and disclosure", "code": "B.8.5.7", "label": "Engagement of a subcontractor to process PII", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "dccd6bfd-aff7-4b01-8004-4d7eb3348484" }, { "category": "Physical and environment security", "code": "6.8.2.1", "label": "Equipment siting and protection", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "dcf6c663-23fc-450b-8d46-be3c48bc049a" }, { "category": "Information security incident management", "code": "6.13.1.5", "label": "Response to information security incidents", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "dd2c4b83-0077-4f70-99b1-74127969c19b" }, { "category": "Human resources security", "code": "6.4.3.1", "label": "Termination or change of employment responsibilities", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "dd48169a-e980-4e58-804b-fb283786415c" }, { "category": "Communication security", "code": "6.10.1.1", "label": "Network controls", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "de3adccd-edfe-4379-9b4a-f8243baa6afc" }, { "category": "PII sharing transfer and disclosure", "code": "A.7.5.4", "label": "Records of PII disclosure to third parties", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "df68917b-f26e-4511-92c1-3b77be11df0f" }, { "category": "Privacy by design and privacy by default", "code": "A.7.4.7", "label": "Retention", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "e1ea896d-cf46-4a7a-a1ad-a4c3ea188866" }, { "category": "Obligations to PII principals", "code": "B.8.3.1", "label": "Obligations to PII principals", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "e7247cf7-a80b-4f1d-a32b-9ddd79a84371" }, { "category": "Physical and environment security", "code": "6.8.2.3", "label": "Cabling security", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "e7f6a752-9122-47cd-a52b-6c6ee7e182f5" }, { "category": "Actions to address risks and opportunities", "code": "5.4.1.3", "label": "Information Security Risk Treatment", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "e9ba3458-e01f-43e0-9883-7b53a2c8b1a3" }, { "category": "Access control", "code": "6.6.2.6", "label": "Removal or adjustment of access rights", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "ea2ec9a6-269a-4e38-a90c-381528893d06" }, { "category": "Organisation of information security", "code": "6.3.1.3", "label": "Contact with authorities", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "ea53cbc7-bec8-472b-9468-6389ea53e786" }, { "category": "Operation", "code": "5.6.3", "label": "Information security risk treatment", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "ec5da672-3770-4120-a041-b61b09b84757" }, { "category": "Physical and environment security", "code": "6.8.2.6", "label": "Security of equipment and assets off-premises", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "edebd5a7-ebb3-4942-8b72-60293b1ec524" }, { "category": "Operation", "code": "5.6.1", "label": "Operational planning and control", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "ee177f90-a062-4d24-aea7-a7e1098ad3e4" }, { "category": "Physical and environment security", "code": "6.8.2.2", "label": "Supporting utilities", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "f08bfc02-4466-4378-ac24-73247e695667" }, { "category": "Systems acquisition development and maintenance", "code": "6.11.2.4", "label": "Restrictions on changes to software packages", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "f1645c93-2336-4729-9c68-dc77341e7112" }, { "category": "Compliance", "code": "6.15.1.1", "label": "Identification of applicable legislation and contractual requirements", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "f3db84e6-5546-48db-bd12-86b56490ace5" }, { "category": "Access control", "code": "6.6.1.2", "label": "Access to networks and network services", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "f943a311-075b-4282-bf24-cf36b7aff54d" }, { "category": "Physical and environment security", "code": "6.8.2.5", "label": "Removal of assets", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "f98a71be-5dd2-4124-82d5-1a533516c8a3" }, { "category": "Communication security", "code": "6.10.1.2", "label": "Security of network services", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "fae6cccf-0765-4894-9914-5983325e39e1" }, { "category": "Conditions for collection and processing", "code": "A.7.2.7", "label": "Joint PII controller", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "fcd65733-75b3-4c48-b066-783a2766fa71" }, { "category": "Asset Management", "code": "6.5.3.1", "label": "Management of removable media", "referential": "f65b378c-ab20-4651-825b-4da34944b519", "referential_label": "ISO 27701", "uuid": "fe333449-ff0e-46ff-845a-deace938868b" } ], "version": 1, "version_ext": "2019" } 2022-08-09T06:08:41.149569+00:00 https://objects.monarc.lu/object/get/5232 2024-05-02T13:22:55.407437+00:00 Various contributors { "label": "ISO/IEC 27701 [2019] - ISO/IEC 27002 [2022]", "refs": [ "" ], "security referentials UUID": [ "f65b378c-ab20-4651-825b-4da34944b519", "831acc76-2bcc-4376-836a-f6b0ee6df568" ], "uuid": "8eea2cb4-7879-48be-8eac-ff0bb939e151", "values": [ { "control": "16b30180-3754-43da-8bdb-9528fc5e6cde", "match": "00383120-11a9-4b95-bfb9-47b3d4975bcb" }, { "control": "777d9c77-1093-4a4f-9c1f-ff9db9aa96c1", "match": "00383120-11a9-4b95-bfb9-47b3d4975bcb" }, { "control": "d313624f-8213-4f20-b536-b859e8b8c429", "match": "006fc402-2bba-4bcb-85b6-7bb9de4c54cd" }, { "control": "e7f6a752-9122-47cd-a52b-6c6ee7e182f5", "match": "00e9c4c9-c718-4834-a312-c08abb03838c" }, { "control": "67d95c58-fdf0-439d-8ce6-277238136141", "match": "069bd61a-62a9-4158-b5f9-59e4ee0c8614" }, { "control": "2c979e09-e057-4cb5-b6b7-800842783110", "match": "07285d43-9ee2-406b-a9fa-3ad36650054b" }, { "control": "30817081-369d-410d-8db7-25f43a1abd43", "match": "07e0fb5e-7b82-4f85-b7c7-d22b205436b1" }, { "control": "77d78b64-a53d-4a62-9b00-7bc4c6df5d99", "match": "096b291e-bded-40aa-a3f7-492bcc5dcf4c" }, { "control": "a793e4bc-6bd9-49a4-8c4b-4933dc7d2238", "match": "0a23f517-b172-47b2-bc0a-0f693d2900b0" }, { "control": "6c50d8a4-6793-479b-84af-f3cf94fe4102", "match": "0aa214a8-51a6-45df-a279-03f04ea5c19e" }, { "control": "71761dbc-aea1-4d01-b09d-abe2e67c4f1a", "match": "1167decd-0e55-4359-8fb2-599c490d89fa" }, { "control": "8247018f-5966-4fa1-86ed-74f89a17752d", "match": "1167decd-0e55-4359-8fb2-599c490d89fa" }, { "control": "f98a71be-5dd2-4124-82d5-1a533516c8a3", "match": "1167decd-0e55-4359-8fb2-599c490d89fa" }, { "control": "fe333449-ff0e-46ff-845a-deace938868b", "match": "1167decd-0e55-4359-8fb2-599c490d89fa" }, { "control": "3f68a76b-6c1d-4fcb-952e-c2e9de3d9363", "match": "14667423-4f22-49dd-a0fc-bbf3c25597d3" }, { "control": "b570b846-c1fb-4a9d-8f79-5dac6e4e5d87", "match": "14667423-4f22-49dd-a0fc-bbf3c25597d3" }, { "control": "53e91bf7-76ed-4cb8-b308-21f1dbd52aa3", "match": "1a0fe2b2-4401-4d3d-b4a2-53d7d95a76c9" }, { "control": "9eac1198-8099-4b6c-931c-f59fbc2ec30e", "match": "1a0fe2b2-4401-4d3d-b4a2-53d7d95a76c9" }, { "control": "805044a1-7f8c-40b4-9a29-5a9724624a69", "match": "1c03c68f-29a0-4606-b99d-072491f53e96" }, { "control": "0d503be4-a66d-4f49-b960-a987f6aface6", "match": "1d9e4229-e86e-4cb1-8e63-fd30711040dd" }, { "control": "0320a79e-6c9f-45e3-90a0-c360e8f57b45", "match": "1fbd96df-158c-47a2-8dc5-a22c6f915a79" }, { "control": "4cfd17b6-5841-4fa7-8d3b-227af4d3b652", "match": "1fbd96df-158c-47a2-8dc5-a22c6f915a79" }, { "control": "d649f805-1142-4fcf-a119-ae76f392708a", "match": "1fbd96df-158c-47a2-8dc5-a22c6f915a79" }, { "control": "a943f47f-6996-4490-b45d-9c427942c0a7", "match": "239e3bca-0b4b-4692-9ba1-9e2a73d6cc40" }, { "control": "c690cf3c-e020-450d-865e-32fdc36a609f", "match": "26f82aa2-2a5b-49d9-92dd-53a2d98d743f" }, { "control": "d9e2a570-4155-4970-88d7-809179ac7f31", "match": "26f82aa2-2a5b-49d9-92dd-53a2d98d743f" }, { "control": "c7790c91-5a58-4d1f-9df1-942d4a3ef273", "match": "26fbd0ef-28da-4930-850f-8519da290fd4" }, { "control": "8bb579d1-e9c6-4883-92a9-185cb3987b66", "match": "276430e7-47c5-461b-a5c4-7b46dae11759" }, { "control": "94aa96fa-a2fa-4507-bec5-05fe0db41b9f", "match": "307d39d8-d31f-4b55-8a0e-9632cd0e380a" }, { "control": "c293ea96-ba7c-4c2c-b8f2-34b2fd13c6b7", "match": "307d39d8-d31f-4b55-8a0e-9632cd0e380a" }, { "control": "2a8bce28-154e-4d0d-b829-fee0cd93f861", "match": "33aa534c-482a-4503-919c-635ac65d084e" }, { "control": "de3adccd-edfe-4379-9b4a-f8243baa6afc", "match": "3cfb677a-cc3c-437d-aabf-c0ad88d740a5" }, { "control": "1285dd9e-108d-4ecf-bccf-8a3f4807963a", "match": "3d347675-c00a-4fa2-a0af-a5b66cbd8edd" }, { "control": "8fa447dd-b5e2-4be0-9784-4386ba03abf5", "match": "3ddf1641-0529-44d2-8a23-b5811555cdd2" }, { "control": "1bdbc783-3069-42f5-a4f7-745c0290be02", "match": "3ff683de-9ca5-482d-8423-06d4d8e315a3" }, { "control": "853373dc-8dc4-451e-b100-55d42aee4ffe", "match": "3ff683de-9ca5-482d-8423-06d4d8e315a3" }, { "control": "2f712e97-a7bc-40cb-9552-216fd30ef148", "match": "41d38a42-6f44-4561-b0a2-801095d4eec9" }, { "control": "238e2cbd-9c07-4f08-b2f5-1f43df4a4c11", "match": "432a79d3-45e9-477e-b63a-ab7566bb8590" }, { "control": "c6923895-042d-4e83-bd6e-9195e74e3188", "match": "43e73ea3-8fcd-455c-b05e-c5d8a747ec33" }, { "control": "0e6f5f89-2755-4448-8183-da973df45b83", "match": "45d81142-d8b8-45c5-811b-8a636c404af8" }, { "control": "7b804877-23cc-4f04-9979-8b6f985d04b9", "match": "45d81142-d8b8-45c5-811b-8a636c404af8" }, { "control": "066dee47-1f12-4243-94bd-a89fbde7fd31", "match": "474fedbd-0b89-436c-ac04-41c21d6e7420" }, { "control": "fae6cccf-0765-4894-9914-5983325e39e1", "match": "47ad87a1-dd3e-443e-8d82-2ec782979637" }, { "control": "06eed3d5-8e62-42ff-a727-aee4d27a21a3", "match": "48ecb62f-f73d-4c65-a8e4-2fa831346a70" }, { "control": "0fd4927b-596a-42f6-b155-052785edbfc5", "match": "48ecb62f-f73d-4c65-a8e4-2fa831346a70" }, { "control": "af4c64b8-fc6e-4bd7-8679-3cc0d3c31480", "match": "497618e9-e495-42b6-b04e-21801f9c01f7" }, { "control": "70a53056-137e-429a-9483-0a2e92a24fac", "match": "4c41ffb8-fbf4-48b7-9e16-52293fbcc3c3" }, { "control": "91bd3542-b178-4c2e-a62e-ba5d37360ca4", "match": "4ca57d37-8fc9-4d15-b6a7-64416a520ac1" }, { "control": "66d4273e-98cd-4d08-9acb-08ba787db13a", "match": "5773b0a9-8687-4802-9f19-2d1fba45e6a5" }, { "control": "6a78d184-cc44-461e-af3d-3ebc8380b78f", "match": "5773b0a9-8687-4802-9f19-2d1fba45e6a5" }, { "control": "edebd5a7-ebb3-4942-8b72-60293b1ec524", "match": "68c2f82b-83a3-4aaf-9bce-c57b3f537fa6" }, { "control": "a77afead-e763-41a6-a803-af6b3d0a2cb2", "match": "6a6b0a5f-4e3a-4845-94cc-890aee7f19d9" }, { "control": "00cb20cc-21a0-417a-9782-ed6587f1d6f5", "match": "6a76bfdb-843e-4aa2-8cd7-f738f68845e4" }, { "control": "37d74fdf-8f6d-4197-a298-a30c646a5f53", "match": "6c305573-67ac-488e-882a-8e94e6373355" }, { "control": "7405dca3-2282-47e2-ac19-1992ff0a0228", "match": "6e2ed592-c992-4076-b9ec-b7e9a78a7029" }, { "control": "a87901f1-5d34-46af-afc7-0375e59721f6", "match": "6e2ed592-c992-4076-b9ec-b7e9a78a7029" }, { "control": "d21603d6-f97e-4b20-bdf6-7bf5248277cb", "match": "6e2ed592-c992-4076-b9ec-b7e9a78a7029" }, { "control": "085873ce-e760-40cd-80a4-6f402785696f", "match": "6ea4f43d-0d12-4edf-8191-bf469f25e252" }, { "control": "c8ec4174-841c-4de4-9685-342e1933351c", "match": "744146f1-5a14-43c0-b675-8c2649486f64" }, { "control": "ea53cbc7-bec8-472b-9468-6389ea53e786", "match": "7a5c4510-1d09-481b-822d-2d58745d390b" }, { "control": "cdb15fe9-9808-4749-8747-c284018cccf0", "match": "7df0a5ac-79b3-416c-8a38-c22f5c4d94d5" }, { "control": "1d6c8b29-418c-4a68-89e8-55ce63bed691", "match": "7f58e55e-17f5-4dca-a7e5-4566192fa8f1" }, { "control": "f3db84e6-5546-48db-bd12-86b56490ace5", "match": "7f58e55e-17f5-4dca-a7e5-4566192fa8f1" }, { "control": "27b2e55d-2709-4a74-b75f-89ffa80b0096", "match": "7fe8f85a-6c22-4680-b076-88d74ba5c4e3" }, { "control": "55f0123d-1c82-4352-8700-03a66e9d72fc", "match": "7fe8f85a-6c22-4680-b076-88d74ba5c4e3" }, { "control": "a681fb35-04d6-4adc-bde8-b044a26c970d", "match": "7fe8f85a-6c22-4680-b076-88d74ba5c4e3" }, { "control": "35ef0801-fa39-478f-94a4-cffaf3f2107c", "match": "8298dbd1-c18e-4f03-bb63-4867bfeaf716" }, { "control": "92cc1326-12da-4199-b805-9dfb5a6f5870", "match": "8298dbd1-c18e-4f03-bb63-4867bfeaf716" }, { "control": "19e032bb-b8b3-40a1-b976-4ac29f8ef613", "match": "83389b64-b080-4625-8e81-05174311e2d8" }, { "control": "dd2c4b83-0077-4f70-99b1-74127969c19b", "match": "865ca2d0-30e8-47f2-9f25-4256943a0d72" }, { "control": "1d0c7281-35c6-403c-9c9b-40e9826e73e3", "match": "866a0676-f2bd-4499-ba25-cd6f9466969a" }, { "control": "389d1443-d248-4f66-b980-bbdcb50e6c15", "match": "866a0676-f2bd-4499-ba25-cd6f9466969a" }, { "control": "4607f451-23b6-40ed-89f2-71cb91a4d282", "match": "866a0676-f2bd-4499-ba25-cd6f9466969a" }, { "control": "f1645c93-2336-4729-9c68-dc77341e7112", "match": "866a0676-f2bd-4499-ba25-cd6f9466969a" }, { "control": "9d3cc972-695b-4700-b0ad-a53891329322", "match": "86fdcdd5-2d94-43ad-aab1-ccc64b3e42f7" }, { "control": "9bb3a441-d077-49a3-a20f-c91f431104e3", "match": "8890016c-2883-4771-b346-2e8ec19ff2dd" }, { "control": "84f2f3dc-54c0-4b96-8d27-8f2ae47a2964", "match": "8eda18e5-8a5e-404a-9f2b-1880fa0e400d" }, { "control": "719158a7-c965-46e2-bed9-d273925a3fdd", "match": "9389f178-57cb-4b52-b464-5b983d10ae90" }, { "control": "6ddcd365-eeca-473d-b9ad-03726ae858d8", "match": "957e0fb3-f06e-4ef5-b152-f1045b3a576f" }, { "control": "8f246d95-7e65-4fdf-a9bd-a567e537843e", "match": "95882551-578c-4c0d-afe8-1dff2b251da4" }, { "control": "190024e1-afae-4346-b094-9f84f6d2e759", "match": "991f8c55-2da0-4dbf-b604-cbadc8df8389" }, { "control": "d3f5b543-cd6b-4645-8395-e9d00cfdbeb6", "match": "991f8c55-2da0-4dbf-b604-cbadc8df8389" }, { "control": "9f509e16-fd65-4121-8144-c2403c924dfb", "match": "9acaadb0-2f58-4d9b-963b-7671ed0471a6" }, { "control": "40d912e5-c0d5-44c6-90eb-bdd3a9f7d5c4", "match": "9e7bdc0e-1603-4545-a2cc-0650fe035e37" }, { "control": "a66fa2a1-6237-4552-abd5-be6df3856d09", "match": "9f8e81c8-8a90-4b5e-bcf1-ff2e8b4384e8" }, { "control": "2a93cf52-ffa5-4da5-85b2-ad39d456cb0d", "match": "a197825e-e8f5-47f5-851d-66105a6fc3b2" }, { "control": "a86710e7-c5bf-4fa7-a311-8757ab2b801b", "match": "a197825e-e8f5-47f5-851d-66105a6fc3b2" }, { "control": "cfec872a-4fb3-4364-91dc-475236cc2f93", "match": "a197825e-e8f5-47f5-851d-66105a6fc3b2" }, { "control": "dcf6c663-23fc-450b-8d46-be3c48bc049a", "match": "a3897661-541e-4c4c-9844-2981d8288ec6" }, { "control": "0225b44b-be7a-4cce-a4db-1d804e4d47c8", "match": "ac5590c1-5e43-4a29-87fb-5ba7416a0831" }, { "control": "2abce681-3b58-4c4f-ae56-03eba536e201", "match": "ac5590c1-5e43-4a29-87fb-5ba7416a0831" }, { "control": "85b65a44-6cca-498f-ab76-1079d0bdfadc", "match": "ac5590c1-5e43-4a29-87fb-5ba7416a0831" }, { "control": "203fb144-2604-4162-b5c9-f40d22ba2fee", "match": "b56726a8-3883-4893-ae75-2ba555411148" }, { "control": "3a003a78-d047-4ac0-941c-7ad67491d421", "match": "bb6eac6b-129a-4ea8-8c26-3df5e05d9680" }, { "control": "0769cff8-adbc-4d3a-921d-622fbce40473", "match": "c26bedb1-42f5-4154-8cea-b923b1103cfe" }, { "control": "bef5cb25-c14c-473a-b987-1faad4c6be6e", "match": "c26bedb1-42f5-4154-8cea-b923b1103cfe" }, { "control": "ea2ec9a6-269a-4e38-a90c-381528893d06", "match": "c26bedb1-42f5-4154-8cea-b923b1103cfe" }, { "control": "58c52280-09b2-4c91-ab59-eb995f5688fd", "match": "cb371cfa-e8d4-4a83-af29-2f8982929268" }, { "control": "1ee8390e-ebeb-4253-ae87-49358ff8730f", "match": "d2cb623e-3cc6-46fd-bbe7-3239e5fa2626" }, { "control": "6ac5a193-c021-4df4-abd1-bb0aed4af36a", "match": "d5f93f4a-eac7-4200-b90b-c02db54c76f4" }, { "control": "d9e0e545-7b42-4899-8e56-7f9fc6fce85f", "match": "dab5cccf-c67d-45b0-a3d4-89ef9f51a2f2" }, { "control": "64cdbec6-e81c-4baf-92bf-1ce53cf3d8b2", "match": "dcdebb24-3cf2-4c27-bb01-4cd04118e6f5" }, { "control": "5cdeff98-2016-4d39-858e-3fc915185b52", "match": "de075220-6acf-4ca7-837b-713b1f87f5f3" }, { "control": "f943a311-075b-4282-bf24-cf36b7aff54d", "match": "de075220-6acf-4ca7-837b-713b1f87f5f3" }, { "control": "7fab270e-33dc-4df8-853b-770b47ed8b67", "match": "e283f5ed-3a64-4bed-b479-35e4cd8173e6" }, { "control": "b44c628f-e837-44d0-8392-8f936f8e86e4", "match": "e2e52a80-4222-4f57-b471-92ce90a83ed7" }, { "control": "dd48169a-e980-4e58-804b-fb283786415c", "match": "e4ef6822-7f1f-46f8-9700-37cde17e81b8" }, { "control": "103a6955-e9f8-4b66-91ba-bf2cc0e0e8fe", "match": "e8d6402b-f022-494b-b289-3d5d98368e8e" }, { "control": "54d38b77-2e5c-4c4e-b47b-b936518e8094", "match": "ed627a92-cb52-472a-aa2e-b981f8b12de5" }, { "control": "6dd7fb16-a5f8-4722-9197-bf198327ed8b", "match": "ed627a92-cb52-472a-aa2e-b981f8b12de5" }, { "control": "a0494662-1835-44f8-b600-df2d2bcdaf7f", "match": "f331b956-c83b-47b6-a563-09222b1ae7a0" }, { "control": "b5c16404-bcfc-4756-8e42-8ba590803215", "match": "f331b956-c83b-47b6-a563-09222b1ae7a0" }, { "control": "18c97f9e-20c9-48a4-b1db-b3ba08a6fd4a", "match": "fb24425c-10df-4bc3-9b48-d72b952b92b5" }, { "control": "f08bfc02-4466-4378-ac24-73247e695667", "match": "fc66f113-3f02-4354-8610-879b5467971a" } ], "version": 1 } 2022-08-09T06:08:41.155852+00:00 https://objects.monarc.lu/object/get/5246 2024-05-02T13:22:55.406194+00:00 NC3 { "Modified": "2023-11-29T18:00:00", "Published": "2023-11-20T23:15:00", "access": { "authentication": "", "complexity": "", "vector": "" }, "assigner": "security-advisories@github.com", "cvss": 0, "cvss-time": "", "cvss-vector": "", "cwe": "Unknown", "id": "CVE-2023-48310", "impact": { "availability": "", "confidentiality": "", "integrity": "" }, "last-modified": "2023-11-29T18:00:00", "products": [], "references": [ "https://github.com/NC3-LU/TestingPlatform/security/advisories/GHSA-9fhc-f3mr-w6h6", "https://github.com/NC3-LU/TestingPlatform/commit/7b3e7ca869a4845aa7445f874c22c5929315c3a7", "https://github.com/NC3-LU/TestingPlatform/releases/tag/v2.1.1", "https://github.com/NC3-LU/TestingPlatform/security/advisories/GHSA-mmpf-rw6c-67mm" ], "summary": "TestingPlatform is a testing platform for Internet Security Standards. Prior to version 2.1.1, user input is not filtered correctly. Nmap options are accepted. In this particular case, the option to create log files is accepted in addition to a host name (and even without). A log file is created at the location specified. These files are created as root. If the file exists, the existing file is being rendered useless. This can result in denial of service. Additionally, input for scanning can be any CIDR blocks passed to nmap. An attacker can scan 0.0.0.0/0 or even local networks. Version 2.1.1 contains a patch for this issue.", "vendors": [], "vulnerable_configuration": [ "{\"id\":\"cpe:2.3:a:nc3:testing_platform:0.0.1:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:0.0.1:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:a:nc3:testing_platform:0.1.0:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:0.1.0:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:a:nc3:testing_platform:0.1.1:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:0.1.1:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:a:nc3:testing_platform:0.1.2:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:0.1.2:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:a:nc3:testing_platform:1.0.0:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:1.0.0:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:a:nc3:testing_platform:1.0.1:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:1.0.1:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:a:nc3:testing_platform:1.0.2:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:1.0.2:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:a:nc3:testing_platform:1.0.3:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:1.0.3:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:a:nc3:testing_platform:1.0.4:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:1.0.4:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:a:nc3:testing_platform:1.0.5:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:1.0.5:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:a:nc3:testing_platform:1.0.6:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:1.0.6:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:a:nc3:testing_platform:1.0.7:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:1.0.7:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:a:nc3:testing_platform:1.0.7-1:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:1.0.7-1:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:a:nc3:testing_platform:1.0.8:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:1.0.8:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:a:nc3:testing_platform:2.1.0:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:a:nc3:testing_platform:2.1.0:*:*:*:*:*:*:*\"}" ], "vulnerable_configuration_cpe_2_2": [], "vulnerable_configuration_stems": [], "vulnerable_product": [ "cpe:2.3:a:nc3:testing_platform:0.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:nc3:testing_platform:0.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:nc3:testing_platform:0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:nc3:testing_platform:0.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:nc3:testing_platform:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:nc3:testing_platform:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:nc3:testing_platform:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:nc3:testing_platform:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:nc3:testing_platform:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:nc3:testing_platform:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:nc3:testing_platform:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:nc3:testing_platform:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:nc3:testing_platform:1.0.7-1:*:*:*:*:*:*:*", "cpe:2.3:a:nc3:testing_platform:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:nc3:testing_platform:2.1.0:*:*:*:*:*:*:*" ], "vulnerable_product_stems": [] } 2023-11-30T08:33:32.738725+00:00 https://objects.monarc.lu/object/get/5250 2024-05-02T13:22:55.403580+00:00 Various contributors { "label": "TKG-SiKa2.0", "language": "DE", "uuid": "3547ca1d-abbf-42e3-8a43-b5afbee19595", "values": [ { "category": "2.1 Routing und Protokolle", "code": "SK2.1x", "label": "Es ist immer von verschiedenen Optionen immer die am sichersten einzusch\u00e4tzende L\u00f6sung von Standards und Protokollen zu implementieren", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e100", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12500" }, { "category": "2.1.1 Verschl\u00fcsselungstechnik", "code": "SK2.1.1.1x", "label": "Der TK-Anbieter muss an sicherheitsrelevanten Stellen eine Verschl\u00fcsselung von Daten nach Stand der Technik vornehmen oder des Transportweges (z.B. \u00fcber TLS). -> technische Richtlinie TR-02102", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e101", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12501" }, { "category": "2.1.1 Verschl\u00fcsselungstechnik", "code": "SK2.1.1.2x", "label": "Passw\u00f6rter m\u00fcssen nach aktuellem Stand der Technik zumindest gehasht und mit einem Salt versehen und gespeichert werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e102", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12502" }, { "category": "2.1.2 Schutz vor DoS/DDoS-Angriffen", "code": "SK2.1.2x", "label": "Der TK-Anbieter Ma\u00dfnahmen zur Abwehr (Mitigation) von DoS/DDoS-Angriffen zu treffen. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e103", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12503" }, { "category": "2.1.2.1 Resilienz der Infrastruktur gegen DoS- / DDoS-Angriffe", "code": "SK2.1.2.1x", "label": "Die Kapazit\u00e4ten von Systemen, die im Fokus von DDoS-Angriffen stehen k\u00f6nnten, m\u00fcssen so ausgelegt werden, dass ihre Funktionsf\u00e4higkeit auch bei einer mittelschweren Attacke ohne weitere Ma\u00dfnahmen weiterhin gew\u00e4hrleistet ist.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e104", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12504" }, { "category": "2.1.2.2 Schutz vor IP-Spoofing", "code": "SK2.1.2.2x", "label": "Das F\u00e4lschen von Absenderadressen muss verhindert oder erschwert werden. Die Anforderungen aus den IETF-RFCs RFC2827 und RFC3704 sind umzusetzen (Ingress filter/BCP38) .", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e105", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12505" }, { "category": "2.1.2.3 Deaktivieren nicht genutzter Dienste - eigene Systeme", "code": "SK2.1.2.3.1", "label": "Eigene Server sollten gegen Missbrauch absichert werden, indem z.B. nicht ben\u00f6tigte Dienste deaktiviert werden", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e106", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12506" }, { "category": "2.1.2.3 Deaktivieren nicht genutzter Dienste - Kunden", "code": "SK2.1.2.3.2", "label": "Kunden sollten auf offene Ports und erreichbare Dienste (selbst ermittelt oder auf Basis externer Quellen), von denen Gefahr ausgeht, hingewiesen werden", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e107", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12507" }, { "category": "2.1.2.4 Schutz betrieblich erforderlicher Dienste", "code": "SK2.1.2.4x", "label": "F\u00fcr den Netzbetrieb erforderliche Dienste m\u00fcssen durch geeignete Ma\u00dfnahmen (z.B. ACLs) und Komponenten (z.B. Paketfilter) vor DoS-/DDoS-Angriffen gesch\u00fctzt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e108", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12508" }, { "category": "2.1.2.5 Detektion von Botnetzen", "code": "SK2.1.2.5x", "label": "Man muss unter Beachtung der Ma\u00dfgaben in \u00a7 100 Abs. 1 TKG (Nutzung von Steuerdaten,Verkehrdaten), eine geeignete Sensorik betreiben, um Botnetze zu detektieren. Datenschutzrechtliche Schutzvorschriften wie die unverz\u00fcgliche L\u00f6schung aufgezeichneter Daten und die Information des betrieblichen Datenschutzbeauftragten sind zu beachten, vgl. \u00a7 100 Abs. 2 TKG.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e109", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12509" }, { "category": "2.1.3 Gleichbehandlungsgrundsatz", "code": "SK2.1.3.1x", "label": "Datenpakete von und an Kunden muss der TK-Anbieter unver\u00e4ndert und gleichberechtigt \u00fcbertragen, unabh\u00e4ngig davon, woher diese stammen oder welche Anwendungen die Pakete generiert haben. Ausgenommen hiervon ist der VOIP-Dienst.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e110", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12510" }, { "category": "2.1.4 Inter-Domain-Routing", "code": "SK2.1.4.1x", "label": " Ma\u00dfnahmen zur Verhinderung der Manipulation von BGP-Routen sind zu treffen, beispielsweise die Verwendung von RPKI ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e111", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12511" }, { "category": "2.2 Beobachtung, Berichterstattung und Kooperation", "code": "SK2.2.1", "label": "Verkehrsdaten sollten im Rahmen der gesetzlichen M\u00f6glichkeiten (DSGVO, TKG100 Abs1 und \u00a7 109a Abs. 4 - 6 TKG) und soweit dies f\u00fcr die Erbringung des jeweiligen Dienstes erforderlich ist, regelm\u00e4\u00dfig auf Auff\u00e4lligkeiten hin beobachtet werden. Bei festgestellten Unregelm\u00e4\u00dfigkeiten sind geeignete Ma\u00dfnahmen zum Schutz zu ergreifen (z.B. Netzverkehr unterbinden, Verkehr zu St\u00f6rern einschr\u00e4nken oder unterbinden).", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e112", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12512" }, { "category": "2.2.1 Implementierung einer Monitoring-Infrastruktur", "code": "SK2.2.1.1x", "label": "Eine geeignete Monitoring Infrastruktur (MI) muss vorgehalten werden. Diese sollte dazu in der Lage sein, fortw\u00e4hrend Bedrohungen zu identifizieren und zu vermeiden. Die MI muss alle f\u00fcr den Betrieb des Netzwerkes wesentlichen Komponenten erfassen sowie auch Komponenten, die personenbezogene Daten (z.B. Nutzerkennungen) an externe Vertragspartner \u00fcbermitteln, etwa im Kontext von netzwerk\u00fcbergreifender Signalisierung. Als f\u00fcr das Sicherheitsmonitoring geeignete Datenquellen kommen u.a. m\u00f6glicherweise BGP-Router, Server f\u00fcr DNS, E-Mail, HTTP(S), SIP(S), SSH, IPsec in Betracht.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e113", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12513" }, { "category": "2.2.1 Implementierung einer Monitoring-Infrastruktur", "code": "SK2.2.1.2x", "label": "Eine geeignete MI muss ferner f\u00fcr eingetretene St\u00f6rungen geeignete Beseitigungsma\u00dfnahmen vorsehen. Die vorgesehenen Ma\u00dfnahmen sollten tats\u00e4chlich und ggf. auch unter Zeitdruck umsetzbar sein.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e114", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12514" }, { "category": "2.2.1.2 Implementierung einer Monitoring-Infrastruktur", "code": "SK2.2.1.2.1x", "label": "Die f\u00fcr ein Monitoring eingesetzten Tools m\u00fcssen geeignete Parameter bzw. Merkmale aus dem laufenden Betrieb kontinuierlich und automatisch erfassen und auswerten.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e115", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12515" }, { "category": "2.2.1.2 Implementierung einer Monitoring-Infrastruktur", "code": "SK2.2.1.2.2", "label": "Die Arbeitsweise, das Zusammenspiel der Monitoring Tools und eine ggf. vorgenommene Verarbeitung der Daten sollte im Sicherheitskonzept dokumentiert werden. Ebenfalls dokumentiert werden sollten Schwellwerte und \u00e4hnliche Parameter, die zur Justierung der MI (z.B. H\u00e4ufigkeit von Einzelereignissen bis ein Alarm ausgel\u00f6st wird, Justierung des Verh\u00e4ltnisses von True Positives zu False Negatives) genutzt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e116", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12516" }, { "category": "2.2.1.2 Implementierung einer Monitoring-Infrastruktur", "code": "SK2.2.1.2.3x", "label": "Es ist ferner zu dokumentieren, wie mit erkannten Auff\u00e4lligkeiten umgegangen wird. Es ist zu kennzeichnen, welche Ma\u00dfnahmen von der MI automatisch eingeleitet werden, und welche einen Alarm ausl\u00f6sen, der eine manuelle Intervention nach sich zieht.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e117", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12517" }, { "category": "2.2.1.2 Implementierung einer Monitoring-Infrastruktur", "code": "SK2.2.1.2.4", "label": "Die MI sollte daneben eine einzelfallunabh\u00e4ngige Statistik generieren, welche eine Identifizierung eines bestimmten Gefahrenbildes oder Modus Operandi erm\u00f6glicht. Kommen bin\u00e4re Klassifikatoren zum Einsatz, so sollten diese mittels einer gemeinsamen Betrachtung der Eckdaten (TPR, FPR, TNR, FNR) und einer geeigneten Darstellung (z.B. ROC-Kurve) bewertet werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e118", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12518" }, { "category": "2.2.1 Implementierung einer Monitoring-Infrastruktur", "code": "SK2.2.1.3x", "label": "Signifikante Abweichungen vom normalen Netzbetrieb (z.B. ungew\u00f6hnliche Datenfl\u00fcsse, untypische Datenpakete auf bestimmten Ports, auff\u00e4lliges Verhalten kritischer Netzkomponenten usw.) m\u00fcssen permanent registriert, analysiert und dokumentiert werden. Dabei ist darauf zu achten, dass die Daten nur f\u00fcr den erforderlichen Zeitraum gespeichert werden. Sofern keine konkreten Anhaltspunkte f\u00fcr Angriffe oder Fehler vorliegen, sind die Daten nach sp\u00e4testens 7 Tagen zu anonymisieren (z.B. durch Erstellen von statistischen Auswertungen) oder zu l\u00f6schen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e119", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12519" }, { "category": "2.2.1.3 Weiterentwicklung MI", "code": "SK2.2.1.3.1", "label": "Die von der MI generierten Daten sollten zur Optimierung des Verh\u00e4ltnisses von True Positives und False Negatives regelm\u00e4\u00dfig einem Review unterworfen werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e120", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12520" }, { "category": "2.2.1.3 Weiterentwicklung MI", "code": "SK2.2.1.3.2", "label": "Zur Identifizierung von False Negatives sollten erg\u00e4nzend externe Datenquellen verwandt werden. Auch in diesen F\u00e4llen sollten die zur Optimierung ergriffenen Ma\u00dfnahmen (z.B. Justierung von Schwellwerten; die Erfassung weiterer Parameter; der Einsatz weiterer oder die Abschaltung von nicht mehr zielf\u00fchrenden Monitoring Tools) und etwaige \u00c4nderungen der MI dokumentiert werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e121", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12521" }, { "category": "2.2.1.3 Weiterentwicklung MI", "code": "SK2.2.1.3.3x", "label": "Eine MI muss rechtlich zul\u00e4ssig und datenschutzkonform sein. Aus telekommunikationsrechtlicher Sicht orientiert sich die rechtliche Zul\u00e4ssigkeit einer MI an \u00a7 100 Abs. 1 und 2 TKG", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e122", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12522" }, { "category": "2.2 Beobachtung, Berichterstattung und Kooperation", "code": "SK2.2.2", "label": "Es sollten Ma\u00dfnahmen umgesetzt werden, um ungew\u00fcnschte Ver\u00e4nderungen durch Hersteller, Management-Dienstleister oder staatliche Akteure (z.B. aus den Herstellerl\u00e4ndern) detektieren bzw. ausschlie\u00dfen", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e123", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12523" }, { "category": "2.2.2 Aufzeichnung / Protokollierung von Management-Aktivit\u00e4ten", "code": "SK2.2.2.1x", "label": "S\u00e4mtliche Management-Aktivit\u00e4ten an Netzkomponenten m\u00fcssen protokolliert und entsprechend ihrer Bedeutung f\u00fcr die Sicherheit der Gesamtinfrastruktur \u00fcber einen hinreichend langen Zeitraum archiviert werden, um m\u00f6gliche Sicherheitsvorf\u00e4lle auch im Nachhinein rekonstruieren zu k\u00f6nnen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e124", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12524" }, { "category": "2.2.3 Protokollierung der Konfigurationsdateien", "code": "SK2.2.3.1", "label": "Die Soll-Konfiguration einer jeden Netzkomponente sollten dokumentiert und gegen unbefugten Zugriff gesch\u00fctzt abgespeichert werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e125", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12525" }, { "category": "2.2.4 Soll- / Ist-Abgleich der Komponenten", "code": "SK2.2.4.1", "label": "Hinreichend h\u00e4ufig sollten Revisionen der Netzinfrastruktur durchgef\u00fchrt werden, die u.a. einen Soll-Ist-Abgleich der aktuellen Konfigurationsdateien s\u00e4mtlicher Netzkomponenten mit den gem\u00e4\u00df 2.2.3 archivierten Referenzdateien umfassen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e126", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12526" }, { "category": "2.2.5 Verhaltenspr\u00fcfung der Komponenten", "code": "SK2.2.5.1", "label": "\u00dcber den Soll-Ist-Vergleich der Konfigurationsdateien hinaus sollte regelm\u00e4\u00dfig ein Vergleich des tats\u00e4chlichen mit dem vorgesehen Verhalten einzelner Komponenten durchgef\u00fchrt werden. Dazu sollen Test Cases definiert werden, in denen das konforme Verhalten beschrieben ist.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e127", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12527" }, { "category": "2.2.6 Identifizierung infizierter Systeme und Aufkl\u00e4rung des Kunden \u00fcber Bedrohungen bei erkannter Infektion", "code": "SK2.2.6.1", "label": "Zus\u00e4tzlich zu den genannten Vorkehrungen zum eigenen Schutz sollten TK-Anbieter das Netz auch im Hinblick auf infizierte Systeme von Kunden beobachten.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e128", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12528" }, { "category": "2.2.6 Identifizierung infizierter Systeme und Aufkl\u00e4rung des Kunden \u00fcber Bedrohungen bei erkannter Infektion", "code": "SK2.2.6.2x", "label": "Werden dem TK-Anbieter St\u00f6rungen bekannt, die von Datenverarbeitungssystemen der Nutzer ausgehen, ist er nach TKG \u00a7109a Abs. 4 zur unverz\u00fcglichen Benachrichtigung der Nutzer verpflichtet, soweit dies technisch m\u00f6glich und zumutbar ist. Auch hat er in diesem Fall die Nutzer auf angemessene, wirksame und zug\u00e4ngliche technische Mittel hinzuweisen, mit denen sie diese St\u00f6rungen erkennen und beseitigen k\u00f6nnen. Die gesetzlichen Meldepflichten (siehe Katalog Kap. 3.5.3) sind zu beachten.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e129", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12529" }, { "category": "2.2.7 Kooperationen bei TK-anbieter\u00fcbergreifenden St\u00f6rungen", "code": "SK2.2.7.1", "label": "Treten St\u00f6rungen auf, von denen mehrere TK-Anbieter betroffen sein k\u00f6nnten, beispielsweise aufgrund von DDoS-Angriffen (siehe hierzu auch 2.1.2.), ist eine TK-Anbieter \u00fcbergreifende Zusammenarbeit notwendig. Diese sollte auch einen provider\u00fcbergreifenden Austausch zu infizierten Ger\u00e4ten umfassen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e130", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12530" }, { "category": "2.2.7 Kooperationen bei TK-anbieter\u00fcbergreifenden St\u00f6rungen", "code": "SK2.2.7.2x", "label": "Hierzu m\u00fcssen Ansprechpartner und Vorgehensweisen im Vorfeld untereinander abgestimmt werden. Dazu z\u00e4hlt auch die Benennung eines mindestens zu den B\u00fcro-Arbeitszeiten reaktionsf\u00e4higen Abuse-Kontaktes, \u00fcber den eingehende Meldungen (ggf. automatisiert) bearbeitet werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e131", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12531" }, { "category": "2.2.7 Kooperationen bei TK-anbieter\u00fcbergreifenden St\u00f6rungen", "code": "SK2.2.7.3x", "label": "Es liegt in der Verantwortung des TK-Anbieters, vernetzte Anbieter zu kontaktieren, um die entsprechenden Kontaktpersonen zu ermitteln. Letztere haben den ersten TK-Anbieter im Gegenzug unverz\u00fcglich \u00fcber \u00c4nderungen zu informieren. Es muss stets sichergestellt sein, dass im Notfall ein direkter und unverz\u00fcglicher Kontakt unter den TK-Anbietern m\u00f6glich ist.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e132", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12532" }, { "category": "2.2.8 Kooperation mit Anti-Malware-Herstellern", "code": "SK2.2.8.1", "label": "Mithilfe der umgehenden Weiterleitung von Malware-Samples an AV-Hersteller sollten diese bei der zeitnahen Verbesserung von Detektionsma\u00dfnahmen unterst\u00fctzt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e133", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12533" }, { "category": "3.1 Allgemeine Sicherheitsvorkehrungen", "code": "SK3.1", "label": "Neben der Authentisierung mit Hilfe von Benutzername und Passwort sollten, wenn technisch m\u00f6glich, den Kunden st\u00e4rkere Authentifizierungsverfahren wie beispielsweise kryptographische Authentifizierungsverfahren oder Verfahren der Zwei-FaktorAuthentifizierung (Besitz und Wissen) angeboten werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e134", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12534" }, { "category": "3.1.1 Organisations- und Risikomanagement ", "code": "SK3.1.1.1x", "label": "verbindliches Verfahren, um Risiken f\u00fcr Netzwerke, Dienste und die Verarbeitung personenbezogener Daten zu erkennen", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e135", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12535" }, { "category": "3.1.1 Organisations- und Risikomanagement ", "code": "SK3.1.1.2x", "label": "Dokumentation der Risiken und Kontrolle der Restrisiken", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e136", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12536" }, { "category": "3.1.2 Sicherheitsrollen und Verantwortlichkeiten", "code": "SK3.1.2.1x", "label": "Benennung des Sicherheitsbeauftragten nach \u00a7 109 Abs. 4 TKG.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e137", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12537" }, { "category": "3.1.2 Sicherheitsrollen und Verantwortlichkeiten", "code": "SK3.1.2.2x", "label": "F\u00fcr die Sicherheit von Informationen, Gesch\u00e4ftsprozessen, Anwendungen, Aufgaben und Regelungen ist eine personelle Verantwortlichkeit festzulegen. Bei der Vergabe der jeweiligen Sicherheitsrollen kann ein Ernennungsakt Klarheit, Transparenz und \u00d6ffentlichkeit verschaffen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e138", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12538" }, { "category": "3.1.2 Sicherheitsrollen und Verantwortlichkeiten", "code": "SK3.1.2.3x", "label": "Es sind alle Mitarbeiter \u00fcber diese Verantwortlichkeiten in geeigneter Weise zu informieren", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e139", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12539" }, { "category": "3.1.2 Sicherheitsrollen und Verantwortlichkeiten", "code": "SK3.1.2.4x", "label": " Die f\u00fcr Sicherheitsvorf\u00e4lle zust\u00e4ndigen Personen m\u00fcssen in der Wahrnehmung ihrer Rollen erreichbar sein.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e140", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12540" }, { "category": "3.1.2 Sicherheitsrollen und Verantwortlichkeiten", "code": "SK3.1.2.5", "label": "regelm\u00e4\u00dfige Schulung des benannten Personals", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e141", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12541" }, { "category": "3.1.3 Lieferantenmanagement", "code": "SK3.1.3.1x", "label": "initiale und regelm\u00e4ssige Pr\u00fcfung und Bewertung der Zuverl\u00e4ssigkeit, Vertrauensw\u00fcrdigkeit und Qualit\u00e4t des Erf\u00fcllungsgehilfen oder Lieferanten", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e142", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12542" }, { "category": "3.1.3 Lieferantenmanagement", "code": "SK3.1.3.2x", "label": "Abh\u00e4ngigkeiten von Dritten darf die Sicherheit von Netzwerken oder Dienstleistungen sowie personenbezogener Daten nicht beeintr\u00e4chtigen", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e143", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12543" }, { "category": "3.1.3 Lieferantenmanagement", "code": "SK3.1.3.3x", "label": "Sicherheitsanforderungen m\u00fcssen in die vertragliche Grundlage mit Anbietern aufgenommen werden", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e144", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12544" }, { "category": "3.1.3 Lieferantenmanagement", "code": "SK3.1.3.4x", "label": "Das datenschutzrechtlich konforme Handeln der Dritten ist sicherzustellen", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e145", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12545" }, { "category": "3.1.3 Lieferantenmanagement", "code": "SK3.1.3.5x", "label": "Bei Auftragsverarbeitung sind au\u00dferdem die Regelungen des Art. 28 DSGVO zu beachten", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e146", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12546" }, { "category": "3.1.3 Lieferantenmanagement", "code": "SK3.1.3.6x", "label": "Sicherheitsanforderungen m\u00fcssen nicht nur festgelegt und aktualisiert, sondern auch deren Einhaltung regelm\u00e4\u00dfig (ADV) \u00fcberpr\u00fcft werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e147", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12547" }, { "category": "3.2.1 Neukundeninformation", "code": "SK3.2.1.1", "label": "Neukunden sollten schriftlich mit Informationen zu Risiken im Internet, bestehenden Schutzm\u00f6glichkeiten sowie Hinweisen zu Entfernungsm\u00f6glichkeiten von Schadsoftware versorgt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e148", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12548" }, { "category": "3.2.1 Sicherheits\u00fcberpr\u00fcfung (Personal intern und extern)", "code": "SK3.2.1.2", "label": "angemessene Sicherheits\u00fcberpr\u00fcfung und Dokumentation der eingesetzten Pr\u00fcfungsmodalit\u00e4t (vor Personaleinsatz)", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e149", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12549" }, { "category": "3.2.1 Sicherheits\u00fcberpr\u00fcfung (Personal intern und extern)", "code": "SK3.2.1.3x", "label": "Vorlage des Personalausweis, beglaubigte Zeugniskopien, Personenzertifikate, amtlichen F\u00fchrungszeugnis", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e150", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12550" }, { "category": "3.2.2 Information des Kunden bei Verdacht einer Schadsoftware-Infektion", "code": "SK3.2.2.1", "label": "Bei vorliegendem Verdacht auf eine Schadsoftware-Infektion eines Kunden-Endger\u00e4ts sollte der Kunde benachrichtigt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e151", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12551" }, { "category": "3.2.2 Sicherheitswissen und Sensibilisierung (Personal intern und extern)", "code": "SK3.2.2.2x", "label": "Personal muss relevante Schulungen (Sicherheit und Umgang mit sensiblen Daten) besucht haben", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e152", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12552" }, { "category": "3.2.2 Sicherheitswissen und Sensibilisierung (Personal intern und extern)", "code": "SK3.2.2.3x", "label": "Personal muss Material zu Sicherheitsfragen zur Verf\u00fcgung gestellt werden", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e153", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12553" }, { "category": "3.2.2 Sicherheitswissen und Sensibilisierung (Personal intern und extern)", "code": "SK3.2.2.4", "label": "regelm\u00e4\u00dfige Schulungsma\u00dfnahmen und Sensibilisierungssitzungen (z.B. Datenschutz, Fernmeldegeheimnis)", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e154", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12554" }, { "category": "3.2.2 Sicherheitswissen und Sensibilisierung (Personal intern und extern)", "code": "SK3.2.2.5x", "label": "Der Besuch der Schulungen ist zu dokumentieren.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e155", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12555" }, { "category": "3.2.3 Personelle Ver\u00e4nderungen (Personal intern und extern)", "code": "SK3.2.3.1x", "label": "Es sind Regelungen f\u00fcr die Verwaltung von Personalver\u00e4nderungen oder \u00c4nderungen von Zust\u00e4ndigkeiten und Verantwortlichkeiten zu wahren.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e156", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12556" }, { "category": "3.2.3 Personelle Ver\u00e4nderungen (Personal intern und extern)", "code": "SK3.2.3.2x", "label": "Nach einem Personal- oder Beauftragtenwechsel sind Zugriffs, Zutritts- und Zugangsrechte zu entsprechenden Systemen, Geb\u00e4uden oder Anlagen unverz\u00fcglich anzupassen bzw. zu sperren. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e157", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12557" }, { "category": "3.2.3 Personelle Ver\u00e4nderungen (Personal intern und extern)", "code": "SK3.2.3.3x", "label": "Ausgegebene Passw\u00f6rter sind nach dem Stand der Technik zu verwalten. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e158", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12558" }, { "category": "3.2.3 Personelle Ver\u00e4nderungen (Personal intern und extern)", "code": "SK3.2.3.4x", "label": "Neues Personal muss \u00fcber geltende Richtlinien und Verfahren informiert und sensibilisiert werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e159", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12559" }, { "category": "3.2.4 Umgang mit Verst\u00f6\u00dfen (Personal intern)", "code": "SK3.2.4.1", "label": "verbindliche Regelungen f\u00fcr Sicherheitsverletzungen aufgrund von Verst\u00f6\u00dfen", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e160", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12560" }, { "category": "3.3.1 Bandbreite, Erreichbarkeit von Notrufnummern", "code": "SK3.3.1.1", "label": "Der TK-Anbieter sollte einen Teil der zur Verf\u00fcgung stehenden Bandbreite f\u00fcr die VOIPKommunikation reservieren. Vor allem die Erreichbarkeit von Notrufnummern muss sichergestellt sein.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e161", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12561" }, { "category": "3.3.1 Sicherer Umgang mit sensiblen Daten und Informationen", "code": "SK3.3.1.2x", "label": "Sensible Akten oder Dokumente m\u00fcssen unter Verschluss verwahrt werden. Abschlie\u00dfbare Aktenschr\u00e4nke, verschlossene B\u00fcror\u00e4ume sollten als m\u00f6gliche Ma\u00dfnahmen ber\u00fccksichtigt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e162", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12562" }, { "category": "3.3.1 Sicherer Umgang mit sensiblen Daten und Informationen", "code": "SK3.3.1.3", "label": "Mobile Endger\u00e4te oder Wechseldatentr\u00e4ger sollten mit geeigneten Verschl\u00fcsselungstechnologien gesch\u00fctzt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e163", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12563" }, { "category": "3.3.1 Sicherer Umgang mit sensiblen Daten und Informationen", "code": "SK3.3.1.4", "label": "Es sollte ein (MDM) Mobile Device Management genutzt werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e164", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12564" }, { "category": "3.3.1 Sicherer Umgang mit sensiblen Daten und Informationen", "code": "SK3.3.1.5", "label": "Es sollten Regelungen zur sicheren Entsorgung von Wechseldatentr\u00e4gern, die nicht mehr ben\u00f6tigt werden oder defekt sind, getroffen werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e165", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12565" }, { "category": "3.3.1 Sicherer Umgang mit sensiblen Daten und Informationen", "code": "SK3.3.1.6x", "label": "Festplatten mit sensiblen Daten m\u00fcssen so entsorgt werden, dass eine Wiederherstellung der Daten nicht mehr m\u00f6glich ist.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e166", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12566" }, { "category": "3.3.2 Physische und elementare Schutzanforderungen", "code": "SK3.3.2.1x", "label": "Es sind physische Sicherheitselemente festzulegen, die den unbefugten Zutritt, die Besch\u00e4digung und die Beeintr\u00e4chtigung von Informationen und informationsverarbeitenden Einrichtungen verhindern (z.B. Sicherheitsschl\u00f6sser, Bewegungsmelder, Einbruchmeldeanlagen oder Video\u00fcberwachung). ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e167", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12567" }, { "category": "3.3.2 Vertraulichkeit der Kommunikation", "code": "SK3.3.2.2", "label": "Erg\u00e4nzend zu Abschnitt 2.1.1 sollten im Rahmen des technisch m\u00f6glichen und wirtschaftlich vertretbaren VoIP-Daten sowohl bei der \u00dcbertragung zwischen Provider-Netzen als auch \u2013 sofern das CPE des Kunden die technischen Voraussetzungen daf\u00fcr bietet \u2013 zwischen Kunden-CPE und SBC des Providers verschl\u00fcsselt \u00fcbertragen werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e168", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12568" }, { "category": "3.3.2 Physische und elementare Schutzanforderungen", "code": "SK3.3.2.3", "label": "Der Einsatz von Feuer-, Gas- und Rauchmeldern oder L\u00f6schanlagen sollte der Gr\u00f6\u00dfe der R\u00e4umlichkeiten angemessen vorhanden sein und regelm\u00e4\u00dfig gewartet werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e169", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12569" }, { "category": "3.3.2 Physische und elementare Schutzanforderungen", "code": "SK3.3.2.4x", "label": "Die Einhaltung der Brandschutzordnung muss regelm\u00e4\u00dfig \u00fcberpr\u00fcft werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e170", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12570" }, { "category": "3.3.2 Physische und elementare Schutzanforderungen", "code": "SK3.3.2.5", "label": "Sicherheitsbereiche sollten durch eine angemessene Zutrittssteuerung gesch\u00fctzt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e171", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12571" }, { "category": "3.3.2 Physische und elementare Schutzanforderungen", "code": "SK3.3.2.6x", "label": "Ger\u00e4te und Betriebsmittel sind in regelm\u00e4\u00dfigen oder durch den Hersteller empfohlenen Intervallen zu warten.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e172", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12572" }, { "category": "3.3.2 Physische und elementare Schutzanforderungen", "code": "SK3.3.2.7x", "label": "Telekommunikationsverkabelung und Stromverkabelung sind vor Unterbrechung, St\u00f6rung und Besch\u00e4digung angemessen zu sch\u00fctzen und in empfohlenen Intervallen zu warten.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e173", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12573" }, { "category": "3.3.2 Physische und elementare Schutzanforderungen", "code": "SK3.3.2.8x", "label": "Redundante Leitungen sind voneinander getrennt zu verlegen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e174", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12574" }, { "category": "3.3.2 Physische und elementare Schutzanforderungen", "code": "SK3.3.2.9", "label": "Kabel sollten unterirdisch verlegt werden und durch Rohre und verschlossene R\u00e4ume und Schr\u00e4nke gesch\u00fctzt werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e175", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12575" }, { "category": "3.3.2 Physische und elementare Schutzanforderungen", "code": "SK3.3.2.10", "label": "Wasserf\u00fchrende Leitungen sollten in Serverr\u00e4umen vermieden werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e176", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12576" }, { "category": "3.3.2 Physische und elementare Schutzanforderungen", "code": "SK3.3.2.11x", "label": "Ma\u00dfnahmen zum Schutz vor Naturkatastrophen und Unf\u00e4llen sind zu ergreifen. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e177", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12577" }, { "category": "3.3.2 Physische und elementare Schutzanforderungen", "code": "SK3.3.2.12x", "label": "Es ist eine regelm\u00e4\u00dfige Bewertung der Wirksamkeit von physischen und umgebungsbezogenen Schutzma\u00dfnahmen vorzunehmen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e178", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12578" }, { "category": "3.3.3 \u00dcbermittlung der Rufnummer", "code": "SK3.3.3.1x", "label": "Die Signalisierung f\u00fcr CLIP/CLIR muss bei abgehenden Verbindungen korrekt eingestellt werden und bei ankommenden Verbindungen korrekt ber\u00fccksichtigt werden. Weiterhin sind Katalog der Sicherheitsanforderungen gem\u00e4\u00df 109 Absatz 6 TKG Anlage 1 die netzseitige (network provided number) und die kundenspezifische Rufnummer (user provided number) korrekt zu \u00fcbermitteln.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e179", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12579" }, { "category": "3.3.3 Versorgungssicherheit (Verf\u00fcgbarkeit des Gesamtsystems)", "code": "SK3.3.3.2x", "label": "Ger\u00e4te und Betriebsmittel vor Stromausf\u00e4llen und anderen St\u00f6rungen sch\u00fctzen. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e180", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12580" }, { "category": "3.3.3 Versorgungssicherheit (Verf\u00fcgbarkeit des Gesamtsystems)", "code": "SK3.3.3.3", "label": "redundante Leitungen \u00fcber unterschiedliche Zuleitungswege", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e181", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12581" }, { "category": "3.3.3 Versorgungssicherheit (Verf\u00fcgbarkeit des Gesamtsystems)", "code": "SK3.3.3.4x", "label": "ausreichende Dimensionierung der Klimatisierung und Stromversorgung ist festzulegen und regelm\u00e4\u00dfig zu \u00fcberwachen", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e182", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12582" }, { "category": "3.3.3 Versorgungssicherheit (Verf\u00fcgbarkeit des Gesamtsystems)", "code": "SK3.3.3.5x", "label": "Schaltanlagen, Notstromgeneratoren, Batterien, etc. m\u00fcssen regelm\u00e4\u00dfig kontrolliert und falls m\u00f6glich getestet", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e183", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12583" }, { "category": "3.3.3 Versorgungssicherheit (Verf\u00fcgbarkeit des Gesamtsystems)", "code": "SK3.3.3.6x", "label": "Ein Verfahren zur Umsetzung f\u00fcr die Sicherheit kritischer Versorgungsg\u00fcter, Versorgungseinrichtungen und unterst\u00fctzenden Einrichtungen ist zu erstellen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e184", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12584" }, { "category": "3.3.3 Versorgungssicherheit (Verf\u00fcgbarkeit des Gesamtsystems)", "code": "SK3.3.3.7x", "label": "Ma\u00dfnahmen zum Schutz der Lieferung und Bereitstellung der Versorgungseinrichtungen sind zu implementieren.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e185", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12585" }, { "category": "3.3.4 Schutz vor TDOS", "code": "SK3.3.4.1", "label": "Soweit technisch m\u00f6glich und wirtschaftlich angemessen, sollten TK-Anbieter \u2013 z.B. durch ein entsprechendes Monitoring am SBC \u2013 automatisierte Massenanrufe an einem Anschluss zum Zwecke, diesen lahmzulegen (sog. TDOS-Attacken), erkennen und unterbinden k\u00f6nnen. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e186", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12586" }, { "category": "3.3.4 Zugriffs- und Zugangskontrolle auf Netzwerk- und Informationssystemen", "code": "SK3.3.4.2x", "label": "Nutzer haben eindeutige Kennungen und werden authentifiziert, bevor sie auf Dienste oder Systeme zugreifen d\u00fcrfen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e187", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12587" }, { "category": "3.3.4 Zugriffs- und Zugangskontrolle auf Netzwerk- und Informationssystemen", "code": "SK3.3.4.3x", "label": "Passw\u00f6rter d\u00fcrfen nur verschl\u00fcsselt gespeichert werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e188", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12588" }, { "category": "3.3.4 Zugriffs- und Zugangskontrolle auf Netzwerk- und Informationssystemen", "code": "SK3.3.4.4x", "label": "Rollen, Rechte, Verantwortlichkeiten und Verfahren zum Zuweisen und Widerrufen von Zugriffsrechten sind festzulegen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e189", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12589" }, { "category": "3.3.4 Zugriffs- und Zugangskontrolle auf Netzwerk- und Informationssystemen", "code": "SK3.3.4.5x", "label": "Zugriffe auf Netzwerk- und Informationssysteme m\u00fcssen protokolliert werden. Abweichungen von dieser Verfahrensweise m\u00fcssen hinterlegt und protokolliert werden", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e190", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12590" }, { "category": "3.3.4 Zugriffs- und Zugangskontrolle auf Netzwerk- und Informationssystemen", "code": "SK3.3.4.6x", "label": "Fernwartungszug\u00e4nge m\u00fcssen ausreichend gesichert werden (eigene VPN- Zug\u00e4nge).", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e191", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12591" }, { "category": "3.3.4 Zugriffs- und Zugangskontrolle auf Netzwerk- und Informationssystemen", "code": "SK3.3.4.7x", "label": "Fremde Personen d\u00fcrfen sich nur in Begleitung oder nach geeigneter Sicherheits\u00fcberpr\u00fcfung und Einweisung in gesicherten Bereichen aufhalten. Fremde Personen sind hierbei Personen von externen Firmen z.B. bei Wartungsarbeiten, Umbauten oder auch Reinigungsarbeiten.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e192", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12592" }, { "category": "3.3.4 Zugriffs- und Zugangskontrolle auf Netzwerk- und Informationssystemen", "code": "SK3.3.4.8x", "label": "Die Zugangskontrollmechanismen werden regelm\u00e4\u00dfig \u00fcberpr\u00fcft und bei Bedarf angepasst. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e193", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12593" }, { "category": "3.3.4 Zugriffs- und Zugangskontrolle auf Netzwerk- und Informationssystemen", "code": "SK3.3.4.9x", "label": "F\u00fcr gesicherte technische Anlagen muss sichergestellt sein, dass nur Personen mit Befugnis Zugriff haben. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e194", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12594" }, { "category": "3.3.5 Integrit\u00e4t und Verf\u00fcgbarkeit von Netzwerk- und Informationssystemen", "code": "SK3.3.5.1x", "label": "keine unberechtigten Manipulationen oder \u00c4nderungen", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e195", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12595" }, { "category": "3.3.5 Integrit\u00e4t und Verf\u00fcgbarkeit von Netzwerk- und Informationssystemen", "code": "SK3.3.5.10", "label": "Mitarbeiter sollten durch Schulungsma\u00dfnahmen bef\u00e4higt sein, verd\u00e4chtige E-Mails oder Links zu erkennen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e196", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12596" }, { "category": "3.3.5 Integrit\u00e4t und Verf\u00fcgbarkeit von Netzwerk- und Informationssystemen", "code": "SK3.3.5.2", "label": "\u00c4nderungen sollten dokumentiert werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e197", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12597" }, { "category": "3.3.5 Integrit\u00e4t und Verf\u00fcgbarkeit von Netzwerk- und Informationssystemen", "code": "SK3.3.5.3x", "label": "Unberechtigte Zugriffe m\u00fcssen detektiert werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e198", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12598" }, { "category": "3.3.5 Integrit\u00e4t und Verf\u00fcgbarkeit von Netzwerk- und Informationssystemen", "code": "SK3.3.5.4", "label": "Systeme und Anwendungen sollten immer die aktuellen Sicherheitsupdates erhalten.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e199", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12599" }, { "category": "3.3.5 Integrit\u00e4t und Verf\u00fcgbarkeit von Netzwerk- und Informationssystemen", "code": "SK3.3.5.5x", "label": "Es m\u00fcssen geeignete Ma\u00dfnahmen zur Erkennung von Schadsoftware umgesetzt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e200", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12600" }, { "category": "3.3.5 Integrit\u00e4t und Verf\u00fcgbarkeit von Netzwerk- und Informationssystemen", "code": "SK3.3.5.6", "label": "Ma\u00dfnahmen zur Sensibilisierung der Mitarbeiter sollen bestehen und umgesetzt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e201", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12601" }, { "category": "3.3.5 Integrit\u00e4t und Verf\u00fcgbarkeit von Netzwerk- und Informationssystemen", "code": "SK3.3.5.7x", "label": "Es ist sicherzustellen, dass sicherheitskritische Daten (wie Passw\u00f6rter, gemeinsame geheime Schl\u00fcssel, private Schl\u00fcssel usw.) nicht offengelegt oder manipuliert werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e202", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12602" }, { "category": "3.3.5 Integrit\u00e4t und Verf\u00fcgbarkeit von Netzwerk- und Informationssystemen", "code": "SK3.3.5.8", "label": "Die Wirksamkeit der Ma\u00dfnahmen zum Schutz der Integrit\u00e4t von Systemen sollte \u00fcberpr\u00fcft und bewertet werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e203", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12603" }, { "category": "3.3.5 Integrit\u00e4t und Verf\u00fcgbarkeit von Netzwerk- und Informationssystemen", "code": "SK3.3.5.9", "label": "Passw\u00f6rter sollten sicher authentifiziert und bei Bedarf ge\u00e4ndert werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e204", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12604" }, { "category": "3.3.6 Vertraulichkeit und Integrit\u00e4t von Kommunikationsinhalten und Metadaten ", "code": "SK3.3.6.1", "label": "geeignete Verschl\u00fcsselungsverfahren sollten eingesetzt werden", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e205", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12605" }, { "category": "3.3.6 Vertraulichkeit und Integrit\u00e4t von Kommunikationsinhalten und Metadaten ", "code": "SK3.3.6.2x", "label": "geeignete Authentifizierungsmechanismen f\u00fcr Kunden- und Dienstleistungsnetzwerke sind zu implementieren", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e206", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12606" }, { "category": "3.3.6 Vertraulichkeit und Integrit\u00e4t von Kommunikationsinhalten und Metadaten ", "code": "SK3.3.6.3", "label": "Die Nutzung von Netzwerken und Diensten sollte fortw\u00e4hrend in geeigneter Form auf Anomalien sondiert werden", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e207", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12607" }, { "category": "3.3.6 Vertraulichkeit und Integrit\u00e4t von Kommunikationsinhalten und Metadaten ", "code": "SK3.3.6.4", "label": "Es sollten standardisierte \u00dcbertragungsverfahren und -ma\u00dfnahmen verwendet werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e208", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12608" }, { "category": "3.3.6 Vertraulichkeit und Integrit\u00e4t von Kommunikationsinhalten und Metadaten ", "code": "SK3.3.6.5x", "label": "Sicherheitskritische Daten von Kunden sind besonders zu sch\u00fctzen (z.B. Daten der SIM-Karten, IMEI-Nummer, Passw\u00f6rter). ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e209", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12609" }, { "category": "3.3.6 Vertraulichkeit und Integrit\u00e4t von Kommunikationsinhalten und Metadaten ", "code": "SK3.3.6.6", "label": "Auch die Wirksamkeit von Methoden zum Schutz der Vertraulichkeit von Kommunikationsinhalten und -metadaten sollte stetig in geeigneter Form bewertet werden. Standortdaten unterliegen zus\u00e4tzlichen Anforderungen (siehe Abschnitt 4.2.4). Eine geeignete Bewertung kann die Ausf\u00fchrung einer Gegenpr\u00fcfung (Cross-Checks) oder die Durchf\u00fchrung eines (Stress)Tests sein. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e210", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12610" }, { "category": "3.4 DNS-Dienste", "code": "SK3.4x", "label": "Erreichbarkeit auf den eigenen Kundenkreis beschr\u00e4nkt", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e211", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12611" }, { "category": "3.4.1 Betriebsverfahren", "code": "SK3.4.1.1x", "label": "Durch geeignete Betriebsverfahren ist sicherzustellen, dass die Informations- und Kommunikationstechnologie ordnungsgem\u00e4\u00df, sicher und kontinuierlich funktioniert. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e212", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12612" }, { "category": "3.4.1 Schutz vor Spoofing und Erschweren von Reflection/Amplification-Angriffen", "code": "SK3.4.1.2x", "label": "Ein permanentes Monitoring der DNS-Server muss gew\u00e4hrleistet sein und sollte es erm\u00f6glichen, Reflection/Amplification-Angriffe fr\u00fchzeitig zu erkennen. Hinweise ergeben sich z.B. bei einer H\u00e4ufung von Anfragen aus bestimmten Quellen, bez\u00fcglich bestimmter Resource-Records, unerlaubter rekursiver Anfragen u.\u00e4.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e213", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12613" }, { "category": "3.4.1 Schutz vor Spoofing und Erschweren von Reflection/Amplification-Angriffen", "code": "SK3.4.1.3x", "label": "In diesen F\u00e4llen m\u00fcssen Gegenma\u00dfnahmen, wie die Einschr\u00e4nkung und Filterung von Anfragen, getroffen werden. Dies gilt ebenso f\u00fcr Dienste wie NTP, SSDP usw. die gleichfalls immer h\u00e4ufiger f\u00fcr Reflection-Angriffe missbraucht werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e214", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12614" }, { "category": "3.4.1 Betriebsverfahren", "code": "SK3.4.1.4x", "label": "Im Mindestma\u00df muss der Betriebsablauf festgelegt und dokumentiert werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e215", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12615" }, { "category": "3.4.1 Betriebsverfahren", "code": "SK3.4.1.5x", "label": "Verantwortlichkeiten f\u00fcr den Betrieb kritischer Systeme m\u00fcssen einer zust\u00e4ndigen Stelle zugewiesen sein.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e216", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12616" }, { "category": "3.4.1 Betriebsverfahren", "code": "SK3.4.1.6x", "label": "Verf\u00fcgbare und notwendige Ressourcen m\u00fcssen bekannt sein. Ressourcen in diesem Sinn umfassen u.a. das notwendige und tats\u00e4chliche Personal, Systeme, Anwendungen und R\u00e4umlichkeiten. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e217", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12617" }, { "category": "3.4.1 Betriebsverfahren", "code": "SK3.4.1.7x", "label": "Verf\u00fcgbare und notwendige Ressourcen m\u00fcssen stetig \u00fcberpr\u00fcft und ggf. in geeigneter Form gesteuert werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e218", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12618" }, { "category": "3.4.2 \u00c4nderungsmanagement", "code": "SK3.4.2.1", "label": "Zur Vermeidung von St\u00f6rungen oder Sicherheitsvorf\u00e4llen sollten \u00c4nderungen an Netzwerk- und Informationssystemen, Infrastruktur, Dokumentationen, Prozessen, Verfahren und Betriebsabl\u00e4ufen geplant, kontrolliert, gesteuert und nach Abschluss \u00fcberpr\u00fcft werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e219", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12619" }, { "category": "3.4.2 Schutz vor DNS-Cache Poisoning", "code": "SK3.4.2.2", "label": "Es sollte die Port-Randomisierung aktiviert sein", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e220", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12620" }, { "category": "3.4.2 Schutz vor DNS-Cache Poisoning", "code": "SK3.4.2.3", "label": "Die Verkehrsmenge sollte regelm\u00e4\u00dfig beobachtet werden, um Cache-Poisoning Angriffe fr\u00fchzeitig zu entdecken. Insbesondere bei breitbandig angebundenen DNS-Resolvern ist eine Cache-Poisoning Attacke trotz aktivierter Port-Randomisierung weiterhin m\u00f6glich.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e221", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12621" }, { "category": "3.4.2 \u00c4nderungsmanagement", "code": "SK3.4.2.4", "label": "\u00c4nderungen an kritischen Systemen sollen auf der Grundlage von vordefinierten und in geeigneter Form dokumentierten Verfahren erfolgen. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e222", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12622" }, { "category": "3.4.2 Schutz vor DNS-Cache Poisoning", "code": "SK3.4.2.5", "label": "Zur Risikoreduzierung sollten au\u00dferdem Obergrenzen f\u00fcr die Haltezeit von zwischengepufferten Daten im DNS-Cache festgelegt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e223", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12623" }, { "category": "3.4.2 \u00c4nderungsmanagement", "code": "SK3.4.2.6", "label": "Es sollte eine Einsch\u00e4tzung aller potenziellen direkten und indirekten Auswirkungen vorgenommen werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e224", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12624" }, { "category": "3.4.2 \u00c4nderungsmanagement", "code": "SK3.4.2.7", "label": "Wesentliche tats\u00e4chliche \u00c4nderungen sollten in geeigneter Form protokolliert werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e225", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12625" }, { "category": "3.4.2 \u00c4nderungsmanagement", "code": "SK3.4.2.8", "label": "Ma\u00dfnahmen der pr\u00e4ventiven Kontrolle, z. B. das 4-Augenprinzip.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e226", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12626" }, { "category": "3.4.2 \u00c4nderungsmanagement", "code": "SK3.4.2.9", "label": "Die Funktionalit\u00e4t der TK-Systeme sollte nach \u00c4nderungen in geeigneter Form \u00fcberpr\u00fcft werden. Alle betroffenen Personen sollten \u00fcber die erforderlichen \u00c4nderungsdetails informiert werden. Identifizierte Auff\u00e4lligkeiten sollten sofort der vorher festgelegten Stelle angezeigt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e227", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12627" }, { "category": "3.4.3 Asset Management", "code": "SK3.4.3.1", "label": "Sicherheit erfordert Kenntnis. Zumindest die wesentlichen Anlagen, Systeme und Einrichtungen, welche f\u00fcr den jeweiligen Netzbetrieb oder das Diensteangebot erforderlich sind, sollten eindeutig identifizierbar sein. Eine entsprechende Inventarisierung und Verwaltung von Anlagen und Systemen kann dies im Einzelfall sicherstellen. Die Verwaltung sollte auch die Konfigurationssteuerung der wesentlichen Netzwerk- und Kommunikationssysteme einschlie\u00dfen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e228", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12628" }, { "category": "3.4.3 Einsatz von DNSSEC", "code": "SK3.4.3.2x", "label": "Innerhalb der DNS-Infrastruktur eines Netzbetreibers muss eine Validierung von DNSSEC-Signaturen fl\u00e4chendeckend erfolgen. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e229", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12629" }, { "category": "3.4.3 Einsatz von DNSSEC", "code": "SK3.4.3.3", "label": "Der TK-Anbieter sollte seine Kunden \u00fcber die Vorteile von DNSSEC aufkl\u00e4ren sowie diese zu einer Nutzung anhalten.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e230", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12630" }, { "category": "3.5.1 Erkennen von Sicherheitsvorf\u00e4llen und St\u00f6rungen", "code": "SK3.5.1.1x", "label": "Es muss ein Verfahren zum Erkennen von Sicherheitsvorf\u00e4llen und St\u00f6rungen eingerichtet und regelm\u00e4\u00dfig kontrolliert werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e231", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12631" }, { "category": "3.5.1 Erkennen von Sicherheitsvorf\u00e4llen und St\u00f6rungen", "code": "SK3.5.1.2x", "label": "Es sind z.B. vordefinierte Betriebsparameter wie Klima, Strom, Datenaufkommen im TK-Verkehr zu \u00fcberwachen und im Sicherheitsvorfall oder bei St\u00f6rungen zu alarmieren.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e232", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12632" }, { "category": "3.5.1 Erkennen von Sicherheitsvorf\u00e4llen und St\u00f6rungen", "code": "SK3.5.1.3", "label": "Nach Bekanntwerden von St\u00f6rungen und/oder Vorf\u00e4llen sollten betroffene Systeme so angepasst und/oder verbessert werden, dass zuk\u00fcnftig diese Problematik verhindert wird.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e233", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12633" }, { "category": "3.5.2 Umgang mit Sicherheitsvorf\u00e4llen und St\u00f6rungen", "code": "SK3.5.2.1x", "label": "Unternehmen haben ein Verfahren zur Definition und zum Umgang mit jedweder Art von Sicherheitsvorfall, einschlie\u00dflich dessen Meldung an zust\u00e4ndige Personen und Beh\u00f6rden zu implementieren.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e234", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12634" }, { "category": "3.5.2 Umgang mit Sicherheitsvorf\u00e4llen und St\u00f6rungen", "code": "SK3.5.2.2", "label": "Es sollte regelm\u00e4\u00dfig \u00fcberpr\u00fcft werden, ob das festgelegte Verfahren den aktuellen Umst\u00e4nden entspricht und die tats\u00e4chliche Umsetzung planungskonform erfolgt.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e235", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12635" }, { "category": "3.5.2 Umgang mit Sicherheitsvorf\u00e4llen und St\u00f6rungen", "code": "SK3.5.2.3x", "label": "F\u00fcr Sicherheitsvorf\u00e4lle hat geeignetes Personal verf\u00fcgbar und benannt zu sein. Im Falle einer Sicherheitsverletzung kann es notwendig sein, unter Zeitdruck oder atypischen Umst\u00e4nden Sicherheitshandlungen durchzuf\u00fchren oder sicherheitsrelevante Entscheidungen zu treffen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e236", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12636" }, { "category": "3.5.2 Umgang mit Sicherheitsvorf\u00e4llen und St\u00f6rungen", "code": "SK3.5.2.4x", "label": "Die Kritikalit\u00e4t der jeweiligen St\u00f6rung oder Sicherheitsverletzung muss in geeigneter Form bewertet werden. Der f\u00fcr das Bewertungsergebnis vorgegebene Meldeweg muss sodann umgesetzt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e237", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12637" }, { "category": "3.5.2 Umgang mit Sicherheitsvorf\u00e4llen und St\u00f6rungen", "code": "SK3.5.2.5x", "label": "Kritische Sicherheitsvorf\u00e4lle m\u00fcssen grunds\u00e4tzlich untersucht werden. Untersuchung und Ergebnis muss in einem Bericht dokumentiert werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e238", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12638" }, { "category": "3.5.2 Umgang mit Sicherheitsvorf\u00e4llen und St\u00f6rungen", "code": "SK3.5.2.6", "label": "Aus dem Bericht sollte hervorgehen, welche Ma\u00dfnahmen getroffen oder geplant sind, um gleichgelagerte Sicherheitsvorf\u00e4lle und deren Auswirkungen zuk\u00fcnftig zu vermeiden oder das Sicherheitsrisiko zu minimieren. Die in dieser Hinsicht getroffenen oder geplanten Ma\u00dfnahmen sollten begr\u00fcndet werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e239", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12639" }, { "category": "3.5.2 Umgang mit Sicherheitsvorf\u00e4llen und St\u00f6rungen", "code": "SK3.5.2.7x", "label": "betr\u00e4chtliche Sicherheitsverletzungen gem\u00e4\u00df \u00a7 109 Abs. 5 TKG, sind diese unverz\u00fcglich der Bundesnetzagentur und dem Bundesamt f\u00fcr Sicherheit in der Informationstechnik mitzuteilen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e240", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12640" }, { "category": "3.5.3 Kommunikation und Meldung von Sicherheitsvorf\u00e4llen", "code": "SK3.5.3.1x", "label": "Ein Sicherheitsvorfall kann eine gesetzliche Meldepflicht (z. B. \u00a7\u00a7109 Abs. 5, 109a Abs. 1 TKG oder Art. 33 DSGVO) ausl\u00f6sen. Falls erforderlich sind daher Meldungen \u00fcber aktuelle oder zur\u00fcckliegende Sicherheitsereignisse an Dritte, Kunden und/ oder Beh\u00f6rden durchzuf\u00fchren.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e241", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12641" }, { "category": "3.5.3 Kommunikation und Meldung von Sicherheitsvorf\u00e4llen", "code": "SK3.5.3.2", "label": "Zur Sicherstellung etwaiger Meldepflichten sowie der Kommunikation und Berichterstattung von Sicherheitsvorf\u00e4llen sollten geeignete Regelungen in die unternehmerischen Betriebsabl\u00e4ufe implementiert werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e242", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12642" }, { "category": "3.5.3 Kommunikation und Meldung von Sicherheitsvorf\u00e4llen", "code": "SK3.5.3.3x", "label": "Bei einem Angriff auf Passw\u00f6rter sind betroffene Kunden schnellstm\u00f6glich zu informieren. Zur Sicherstellung sollte ein geeignetes Meldeverfahren festgelegt werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e243", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12643" }, { "category": "3.6.1 Aufrechterhaltung von Telekommunikationsinfrastrukturen und Diensten (Business Continuity Management)", "code": "SK3.6.1.1x", "label": "Eine geeignete Pr\u00e4ventionsstrategie vor St\u00f6rungen Sicherheitsvorf\u00e4llen darf nicht nicht nur die technischen Aspekte f\u00fcr die Aufrechterhaltung der Dienste zu regeln. Auch organisatorische Ma\u00dfnahmen sind im Vorfeld zu planen, festzulegen und fortw\u00e4hrend zu \u00fcberpr\u00fcfen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e244", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12644" }, { "category": "3.6.1 Aufrechterhaltung von Telekommunikationsinfrastrukturen und Diensten (Business Continuity Management)", "code": "SK3.6.1.10", "label": "Es sollte regelm\u00e4\u00dfig eine Evaluierung dieser Pl\u00e4ne erfolgen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e245", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12645" }, { "category": "3.6.1 Aufrechterhaltung von Telekommunikationsinfrastrukturen und Diensten (Business Continuity Management)", "code": "SK3.6.1.11x", "label": "Ein geeigneter Notfallbeauftragter ist zu benennen. Dieser sollte alle Aktivit\u00e4ten des Notfallmanagements kennen und steuern.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e246", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12646" }, { "category": "3.6.1 Aufrechterhaltung von Telekommunikationsinfrastrukturen und Diensten (Business Continuity Management)", "code": "SK3.6.1.2x", "label": "Regelungen zur Aufrechterhaltung der Infrastrukturen und Dienste haben allgemeine Handlungsanweisungen und m\u00f6glichst auch konkrete, auf den Einzelfall angepasste Notallma\u00dfnahmen zu enthalten.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e247", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12647" }, { "category": "3.6.1 Aufrechterhaltung von Telekommunikationsinfrastrukturen und Diensten (Business Continuity Management)", "code": "SK3.6.1.3", "label": "Relevante Kontaktinformationen sollten in einem Notfallhandbuch beschrieben und stets aktuell sein.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e248", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12648" }, { "category": "3.6.1 Aufrechterhaltung von Telekommunikationsinfrastrukturen und Diensten (Business Continuity Management)", "code": "SK3.6.1.4", "label": "Der Zugriff auf diese Regelungen und Informationen sollte sichergestellt sein. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e249", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12649" }, { "category": "3.6.1 Aufrechterhaltung von Telekommunikationsinfrastrukturen und Diensten (Business Continuity Management)", "code": "SK3.6.1.5x", "label": "Im Vorfeld ist die Verf\u00fcgbarkeit angemessener Redundanzen auf System- und Dienstebene sicherzustellen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e250", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12650" }, { "category": "3.6.1 Aufrechterhaltung von Telekommunikationsinfrastrukturen und Diensten (Business Continuity Management)", "code": "SK3.6.1.6x", "label": "Diese Redundanzen sind in regelm\u00e4\u00dfigen Abst\u00e4nden zu testen bzw. umzuschalten, sofern dies unterbrechungsfrei m\u00f6glich ist.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e251", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12651" }, { "category": "3.6.1 Aufrechterhaltung von Telekommunikationsinfrastrukturen und Diensten (Business Continuity Management)", "code": "SK3.6.1.7x", "label": "Es sind regelm\u00e4\u00dfige Backups von kritischen Systemen und Daten zu erstellen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e252", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12652" }, { "category": "3.6.1 Aufrechterhaltung von Telekommunikationsinfrastrukturen und Diensten (Business Continuity Management)", "code": "SK3.6.1.8x", "label": "Auf die gesetzlich vorgegebenen L\u00f6sch- und Speicherfristen ist hierbei zu achten, insbesondere sollte die Speicherdauer der Backups in einem angemessenen Verh\u00e4ltnis zur Speicherdauer der personenbezogenen Daten stehen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e253", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12653" }, { "category": "3.6.1 Aufrechterhaltung von Telekommunikationsinfrastrukturen und Diensten (Business Continuity Management)", "code": "SK3.6.1.9x", "label": "Es sind angepasste Notfallpl\u00e4ne zum Betrieb kritischer Systeme auszuarbeiten, festzulegen und zu implementieren.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e254", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12654" }, { "category": "3.6.2 Wiederanlauf nach Ausf\u00e4llen (Disaster Recovery Management)", "code": "SK3.6.2.1x", "label": "Ausfallzeiten bis zur Wiederherstellung der Funktionsf\u00e4higkeit von Netzwerk und Kommunikationsdiensten m\u00fcssen dennoch mit angemessenen Mitteln so gering wie m\u00f6glich gehalten werden", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e255", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12655" }, { "category": "3.6.2 Wiederanlauf nach Ausf\u00e4llen (Disaster Recovery Management)", "code": "SK3.6.2.2x", "label": "Es sind geeignete Richtlinien und Verfahren zur schnellstm\u00f6glichen Wiederherstellung wichtiger Netzwerk- und Kommunikationsdienste zu entwickeln und festzulegen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e256", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12656" }, { "category": "3.6.2 Wiederanlauf nach Ausf\u00e4llen (Disaster Recovery Management)", "code": "SK3.6.2.3", "label": "Diese Richtlinien und Verfahren sollten in regelm\u00e4\u00dfigen Abst\u00e4nden evaluiert werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e257", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12657" }, { "category": "3.6.2 Wiederanlauf nach Ausf\u00e4llen (Disaster Recovery Management)", "code": "SK3.6.2.4", "label": "Die wichtigsten Gesch\u00e4ftsprozesse f\u00fcr den Wiederanlauf sollten priorisiert werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e258", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12658" }, { "category": "3.6.2 Wiederanlauf nach Ausf\u00e4llen (Disaster Recovery Management)", "code": "SK3.6.2.5", "label": "Im Vorfeld sollten Lieferantenvertr\u00e4ge auf eine Ersatzbereitstellung gepr\u00fcft werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e259", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12659" }, { "category": "3.6.2 Wiederanlauf nach Ausf\u00e4llen (Disaster Recovery Management)", "code": "SK3.6.2.6", "label": "Eine geeignete Schutzma\u00dfnahme kann die Vorhaltung geeigneter Ersatzger\u00e4te f\u00fcr Infrastruktur und TK-Systeme sein.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e260", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12660" }, { "category": "3.6.2 Wiederanlauf nach Ausf\u00e4llen (Disaster Recovery Management)", "code": "SK3.6.2.7", "label": "Eine geeignete Schutzma\u00dfnahme kann im Einzelfall auch die Vorhaltung geeigneter, mobiler Netzersatzanlagen sein", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e261", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12661" }, { "category": "3.6.2 Wiederanlauf nach Ausf\u00e4llen (Disaster Recovery Management)", "code": "SK3.6.2.8", "label": "Zur Aufrechterhaltung von Dienstleistungen kann die pr\u00e4ventive Einrichtung von Notfallarbeitspl\u00e4tzen f\u00fcr Mitarbeiter sinnvoll sein.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e262", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12662" }, { "category": "3.7.1 \u00dcberwachungs- und Protokollierungsma\u00dfnahmen", "code": "SK3.7.1.1x", "label": "Alle sicherheitsrelevanten Ereignisse sind zu protokollieren und in einer auswertbaren Form abzuspeichern.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e263", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12663" }, { "category": "3.7.1 \u00dcberwachungs- und Protokollierungsma\u00dfnahmen", "code": "SK3.7.1.2x", "label": "Werden Daten f\u00fcr diese Zwecke nicht mehr ben\u00f6tigt, so sind sie unverz\u00fcglich zu l\u00f6schen. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e264", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12664" }, { "category": "3.7.1 \u00dcberwachungs- und Protokollierungsma\u00dfnahmen", "code": "SK3.7.1.3", "label": "Es sollte ein auf den Einzelfall angepasstes Regelwerk f\u00fcr die \u00dcberwachung und Protokollierung betriebsrelevanter Systeme eingef\u00fchrt und umgesetzt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e265", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12665" }, { "category": "3.7.1 \u00dcberwachungs- und Protokollierungsma\u00dfnahmen", "code": "SK3.7.1.4", "label": "Das Regelwerk sollte regelm\u00e4\u00dfig evaluiert werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e266", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12666" }, { "category": "3.7.1 \u00dcberwachungs- und Protokollierungsma\u00dfnahmen", "code": "SK3.7.1.5", "label": "Durch die automatische \u00dcberwachung und Protokollierung betriebsrelevanter Systeme k\u00f6nnen im Einzelfall m\u00f6glicherweise weitere, zur Auswertung geeignete Informationen gewonnen werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e267", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12667" }, { "category": "3.7.1 \u00dcberwachungs- und Protokollierungsma\u00dfnahmen", "code": "SK3.7.1.6", "label": "Administrative T\u00e4tigkeiten oder Arbeiten an betriebsrelevanten Systemen sollten protokolliert werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e268", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12668" }, { "category": "3.7.2 Notfall\u00fcbungen", "code": "SK3.7.2.1", "label": "Es sollten regelm\u00e4\u00dfig Notfall\u00fcbungen durchgef\u00fchrt werden", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e269", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12669" }, { "category": "3.7.2 Notfall\u00fcbungen", "code": "SK3.7.2.2", "label": "Eine Vorgehensweise zum Testen und \u00fcben von Notfallpl\u00e4nen zur Aufrechterhaltung und Wiederherstellung kritischer Dienste und Infrastrukturen festlegt werden. Falls m\u00f6glich und notwendig, sollte dies auch in Zusammenarbeit mit Dritten erfolgen. Es sollen m\u00f6glichst realistische und unterschiedliche Szenarien ber\u00fccksichtigt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e270", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12670" }, { "category": "3.7.2 Notfall\u00fcbungen", "code": "SK3.7.2.3", "label": "Dabei soll festgestellt werden ob geplante Ausfallzeiten nicht \u00fcberschritten werden und ob die bestimmte Krisenleitung in der Praxis ihre Aufgaben erf\u00fcllt. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e271", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12671" }, { "category": "3.7.3 Testen von Netzwerk- und IT-Systemen", "code": "SK3.7.3.1", "label": "Es sollten daher schon im Vorfeld Regelungen zur Freigabe und zum Testen von Netzwerk- und IT-Systemen festgelegt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e272", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12672" }, { "category": "3.7.3 Testen von Netzwerk- und IT-Systemen", "code": "SK3.7.3.2", "label": "Netzwerk- oder IT-Systeme sollten auf gesonderten Testumgebungen getestet werden, bevor sie verwendet oder mit vorhandenen Systemen verbunden werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e273", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12673" }, { "category": "3.7.3 Testen von Netzwerk- und IT-Systemen", "code": "SK3.7.3.3", "label": "Gleiches sollte auch bei Anpassungen oder z.B. nach Updates geschehen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e274", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12674" }, { "category": "3.7.3 Testen von Netzwerk- und IT-Systemen", "code": "SK3.7.3.4", "label": "Betriebsrelevante Systeme sollten regelm\u00e4\u00dfigen Sicherheitstests unterzogen werden. Dies gilt insbesondere dann, wenn neue Systeme eingef\u00fchrt und \u00c4nderungen vorgenommen werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e275", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12675" }, { "category": "3.7.3 Testen von Netzwerk- und IT-Systemen", "code": "SK3.7.3.5x", "label": "Es muss sichergestellt sein, dass Tests keine Auswirkungen auf die Sicherheit von Netzwerken und Diensten haben. Die Verwendung von sensiblen Daten muss vermieden werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e276", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12676" }, { "category": "3.8 Beurteilung der Sicherheitsma\u00dfnahmen", "code": "SK3.8.1x", "label": "Alle Sicherheitsma\u00dfnahmen m\u00fcssen den Stand der Technik ber\u00fccksichtigen. Vor diesem Hintergrund m\u00fcssen auch die getroffenen Sicherheitsma\u00dfnahmen regelm\u00e4\u00dfig neu vom pflichtigen Unternehmen beurteilt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e277", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12677" }, { "category": "3.8 Beurteilung der Sicherheitsma\u00dfnahmen", "code": "SK3.8.2", "label": "Daher sollte eine angemessene Strategie zur Beurteilung der im Einzelfall getroffenen Sicherheitsma\u00dfnahmen erstellt werden. ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e278", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12678" }, { "category": "3.8 Beurteilung der Sicherheitsma\u00dfnahmen", "code": "SK3.8.3", "label": "Es sollten im Mindestma\u00df Regelungen zur Beurteilung der getroffenen Schutzma\u00dfnahmen erstellt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e279", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12679" }, { "category": "3.8 Beurteilung der Sicherheitsma\u00dfnahmen", "code": "SK3.8.4", "label": "Regelm\u00e4\u00dfig durchgef\u00fchrte Risikoanalysen sowie Erhebungen festgelegter Kennzahlen (z.B. St\u00f6rungs- und Ausfallzeiten als Indikator) k\u00f6nnen f\u00fcr die Beurteilung der Sicherheitsma\u00dfnahmen herangezogen werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e280", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12680" }, { "category": "3.8 Beurteilung der Sicherheitsma\u00dfnahmen", "code": "SK3.8.5", "label": "Durch regelm\u00e4\u00dfige und realistische Stresstests k\u00f6nnen m\u00f6glicherweise neue Risikofaktoren identifiziert werden", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e281", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12681" }, { "category": "3.9 Einhaltung gesetzlicher Anforderungen", "code": "SK3.9.1x", "label": "Die Einhaltung gesetzlicher, vertraglicher oder freiwilliger Regeln ist sicherzustellen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e282", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12682" }, { "category": "3.9 Einhaltung gesetzlicher Anforderungen", "code": "SK3.9.2", "label": " Hierzu sollte ein \u00dcberwachungssystem in die Betriebsabl\u00e4ufe implementiert werden", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e283", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12683" }, { "category": "3.9 Einhaltung gesetzlicher Anforderungen", "code": "SK3.9.3", "label": " Hierzu sollte eine zust\u00e4ndige Stelle benannt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e284", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12684" }, { "category": "3.9 Einhaltung gesetzlicher Anforderungen", "code": "SK3.9.4", "label": "Die Rechtsentwicklung sollte kontinuierlich und in geeigneter Form sondiert und deren Anwendung auf den Einzelfall gepr\u00fcft werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e285", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12685" }, { "category": "4.1 Sicherheitsanforderungen zum Schutz des Fernmeldegeheimnisses (\u00a7 88 TKG)", "code": "SK4.1.1x", "label": "Gesch\u00fctzt durch Art. 10 GG ist die Vertraulichkeit der Nutzung des zur Nachrichten\u00fcbermittlung eingesetzten technischen Mediums. Werden kommunikative Daten ohne Einwilligung zur Kenntnis genommen, aufgezeichnet, verwertet oder weitergegeben, so stellt dies ein Grundrechtseingriff dar. Zur Wahrung des Fernmeldegeheimnisses ist jeder Diensteanbieter verpflichtet. Die Pflicht zur Geheimhaltung besteht auch nach dem Ende der T\u00e4tigkeit fort.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e286", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12686" }, { "category": "4.1 Sicherheitsanforderungen zum Schutz des Fernmeldegeheimnisses (\u00a7 88 TKG)", "code": "SK4.1.2x", "label": "Es ist zu verhindern, dass Diensteanbieter sich oder anderen \u00fcber das f\u00fcr die gesch\u00e4ftsm\u00e4\u00dfige Erbringung der Telekommunikationsdienste einschlie\u00dflich des Schutzes ihrer technischen Systeme erforderliche Ma\u00df hinaus Kenntnis vom Inhalt oder den n\u00e4heren Umst\u00e4nden der Telekommunikation verschaffen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e287", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12687" }, { "category": "4.1 Sicherheitsanforderungen zum Schutz des Fernmeldegeheimnisses (\u00a7 88 TKG)", "code": "SK4.1.3x", "label": "Gleicherma\u00dfen ist zu verhindern, dass sich unbefugte Dritte Kenntnisse \u00fcber den Inhalt oder die n\u00e4heren Umst\u00e4nde der Telekommunikation verschaffen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e288", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12688" }, { "category": "4.1 Sicherheitsanforderungen zum Schutz des Fernmeldegeheimnisses (\u00a7 88 TKG)", "code": "SK4.1.4x", "label": "Zu ber\u00fccksichtigen sind hierbei technische Einrichtungen zur mittelbaren und unmittelbaren \u00dcbertragung von Nachrichteninhalten, ferner auch Einrichtungen zur Erhebung, Verarbeitung und Nutzung von Verkehrsdaten (z.B. Teilnehmeranschluss, Netzabschlusspunkt, Vermittlungs- und Leitwegeinrichtungen, Verbindungsnetz sowie Billing- oder Fraud- Systeme).", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e289", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12689" }, { "category": "4.1 Sicherheitsanforderungen zum Schutz des Fernmeldegeheimnisses (\u00a7 88 TKG)", "code": "SK4.1.5x", "label": "Im Bereich der Verwaltung und Verwahrung von Akten, welche dem Fernmeldegeheimnis unterliegen, sind f\u00fcr den Datenschutz hinreichend gen\u00fcgende Aufbewahrungsbeh\u00e4ltnisse zu verwenden sowie entsprechende R\u00e4ume mit Zutrittskontrolle sinnvoll einzusetzen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e290", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12690" }, { "category": "4.1 Sicherheitsanforderungen zum Schutz des Fernmeldegeheimnisses (\u00a7 88 TKG)", "code": "SK4.1.6x", "label": "Es d\u00fcrfen nur Personen Zugriff und Zugang haben, welche eine ausreichende Belehrung \u00fcber die Sensibilit\u00e4t dieser Daten erhalten haben.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e291", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12691" }, { "category": "4.1 Sicherheitsanforderungen zum Schutz des Fernmeldegeheimnisses (\u00a7 88 TKG)", "code": "SK4.1.7x", "label": "Es muss sichergestellt werden, dass bei Nachrichten\u00fcbermittlungssystemen mit Zwischenspeicherung ausschlie\u00dflich der Teilnehmer durch seine Einwilligung Inhalt, Umfang und Art der Verarbeitung bestimmt. Schutzma\u00dfnahmen, die lediglich dem Teilnehmer selbst gestatten zu entscheiden, wer Nachrichteninhalte eingeben und darauf zugreifen darf, k\u00f6nnen durch entsprechende Zugangscodes und Kennw\u00f6rter erf\u00fcllt werden. Diese werden nur dem Teilnehmer vertraulich \u00fcbermittelt und sollen von diesem selbst\u00e4ndig nach Erhalt ver\u00e4ndert werden. Es liegt in der Einwilligungsfreiheit des Teilnehmers, an welche Person er die Zugangskennungen weitergibt.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e292", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12692" }, { "category": "4.1 Sicherheitsanforderungen zum Schutz des Fernmeldegeheimnisses (\u00a7 88 TKG)", "code": "SK4.1.8", "label": "Schutzma\u00dfnahme gegen eine ungerechtfertigte, entgegen dem Vertragsverh\u00e4ltnis vereinbarte L\u00f6schung von Nachrichteninhalten durch den Diensteanbieter kann beispielsweise das Anlegen von Backupsystemen sein.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e293", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12693" }, { "category": "4.2 Sicherheitsanforderungen zum Schutz der personenbezogenen Daten (\u00a7\u00a7 91 ff. TKG)", "code": "SK4.2x", "label": "Die Erhebung, Verarbeitung und Nutzung von Bestands- und Verkehrsdaten der pflichtigen Telekommunikationsunternehmen kann u. a. in \u201eCustomer Care and Billing- Systemen\u201c, in \u201eFraud- Systemen (\u00a7 100 Abs. 3 TKG)\u201c, in \u201eSystemen zur Mitteilung ankommender Verbindungen (\u00a7 101 TKG)\u201c oder in \u201eSystemen zur Aufnahme in \u00f6ffentliche Telefonverzeichnisse\u201c (\u00a7 45m TKG) erfolgen. Im Hinblick auf die Wahrung datenschutzrechtlicher Informationspflichten sind Art. 13 DSGVO und \u00a7 93 TKG zu beachten. I", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e294", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12694" }, { "category": "4.2.1 Informationspflichten (\u00a7 93 TKG)", "code": "SK4.2.1.1", "label": "Es wird empfohlen, die Mitarbeiter durch geeignete Unterrichtsma\u00dfnahmen f\u00fcr die Belange des Datenschutzes zu sensibilisieren.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e295", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12695" }, { "category": "4.2.1 Informationspflichten (\u00a7 93 TKG)", "code": "SK4.2.1.2", "label": "Es sollte daneben eine vertragliche Verpflichtungserkl\u00e4rung zur Wahrung des Datenschutzes von allen tangierten Mitarbeitern abgegeben werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e296", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12696" }, { "category": "4.2.1 Informationspflichten (\u00a7 93 TKG)", "code": "SK4.2.1.3x", "label": "Den Teilnehmern sind bei Vertragsabschluss Name und Kontaktdaten des f\u00fcr die Verarbeitung Verantwortlichen mitzuteilen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e297", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12697" }, { "category": "4.2.1 Informationspflichten (\u00a7 93 TKG)", "code": "SK4.2.1.4x", "label": "Die Teilnehmer sind allgemein dar\u00fcber zu unterrichten, welche Art von Daten zu welchen Zwecken und auf welcher Rechtsgrundlage verarbeitet werden sollen. Auch sind die Empf\u00e4nger oder Kategorien von Empf\u00e4nger zu nennen, an die die personenbezogenen Daten der Teilnehmer \u00fcbermittelt werden. Ist eine \u00dcbermittlung in ein Drittland, also ein Land au\u00dferhalb der EU und des Europ\u00e4ischen Wirtschaftsraumes, beabsichtigt, so muss dies ebenfalls gegen\u00fcber den Teilnehmern angegeben werden. Damit Betroffene wissen, wer der korrekte Ansprechpartner im Unternehmen f\u00fcr datenschutzbezogene Anliegen ist, m\u00fcssen auch die Kontaktdaten des betrieblichen Datenschutzbeauftragten mitgeteilt werden.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e298", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12698" }, { "category": "4.2.1 Informationspflichten (\u00a7 93 TKG)", "code": "SK4.2.1.5x", "label": "Ferner muss auf bestehende Betroffenenrechte \u2013 etwa das Recht auf Berichtigung oder L\u00f6schung \u2013 hingewiesen werden sowie das Recht auf Beschwerde bei der zust\u00e4ndigen Datenschutzbeh\u00f6rde.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e299", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12699" }, { "category": "4.2.1 Informationspflichten (\u00a7 93 TKG)", "code": "SK4.2.1.6x", "label": "Die Teilnehmer sind \u00fcber die ggf. besonderen Risiken der Verletzung der Netzsicherheit aufzukl\u00e4ren und ggf. auch \u00fcber m\u00f6gliche Abhilfen zu informieren.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e300", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12700" }, { "category": "4.2.2 Verkehrsdaten (\u00a7 96 TKG)", "code": "SK4.2.2.1x", "label": "Das Erheben von Verkehrsdaten kann nur zul\u00e4ssig sein, soweit dies f\u00fcr einen der in Abschnitt 2 von Teil 7 des TKG genannten Zwecke erforderlich ist.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e301", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12701" }, { "category": "4.2.2 Verkehrsdaten (\u00a7 96 TKG)", "code": "SK4.2.2.2x", "label": "Unter bestimmten weiteren Bedingungen kann die Ermittlung von Kommunikationsprofilen einzelner Teilnehmer und die Analyse von Verkehrsstr\u00f6men zul\u00e4ssig sein, \u00a7 96 Abs. 3 S. 1 TKG", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e302", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12702" }, { "category": "4.2.2 Verkehrsdaten (\u00a7 96 TKG)", "code": "SK4.2.2.3x", "label": "Die Verkehrsdaten sind i.d.R. vom Diensteanbieter nach Beendigung der Verbindung unverz\u00fcglich zu l\u00f6schen, \u00a7 96 Abs. 1 S. 3 TKG. Auf den Leitfaden des/der BfDI und der BNetzA f\u00fcr eine datenschutzgerechte Speicherung von Verkehrsdaten (Stand 19.12.2012) wird verwiesen (abrufbar unter www.bundesnetzagentur.de/vds).", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e303", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12703" }, { "category": "4.2.3 Entgeltermittlung und Entgeltabrechnung (\u00a7 97 TKG)", "code": "SK4.2.3.1x", "label": "Sind bei der Erstellung von Telekommunikationsrechnungen oder der Erbringung von Telekommunikationsdienstleistungen Dritte eingebunden (z. B. durch Diensteanbieter ohne eigene Netzinfrastruktur), dann sind technische und organisatorische Schnittstellen-Beziehungen zwischen Auftraggeber (Diensteanbieter) und Auftragnehmer (Erf\u00fcllungsgehilfe) eindeutig zu regeln.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e304", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12704" }, { "category": "4.2.3 Entgeltermittlung und Entgeltabrechnung (\u00a7 97 TKG)", "code": "SK4.2.3.2x", "label": "Nicht ben\u00f6tigte Daten nach \u00a7 97 Abs. 3 TKG sind unverz\u00fcglich zu l\u00f6schen.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e305", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12705" }, { "category": "4.2.4 Standortdaten (\u00a7 98 TKG)", "code": "SK4.2.4.1", "label": "tbd", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e306", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12706" }, { "category": "4.2.5 Einzelverbindungsnachweis (\u00a7 99 TKG)", "code": "SK4.2.5.1", "label": "tbd", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e307", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12707" }, { "category": "4.2.6 Mitteilen ankommender Verbindungen (\u00a7 101 TKG)", "code": "SK4.2.6.1", "label": "tbd", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e308", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12708" }, { "category": "4.2.7 Automatische Anrufweiterschaltung (\u00a7 103 TKG)", "code": "SK4.2.7.1", "label": "tbd", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e309", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12709" }, { "category": "4.2.8 Nachrichten\u00fcbermittlungssysteme mit Zwischenspeicherung (\u00a7 107 TKG)", "code": "SK4.2.8.1", "label": "tbd", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e310", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12710" }, { "category": "4.3.1 St\u00f6rungen von Telekommunikationsanlagen und Missbrauch von Telekommunikationsdiensten (\u00a7 100 TKG)", "code": "SK4.3.1.1x", "label": "Zum Erkennen, Eingrenzen oder Beseitigen von St\u00f6rungen darf der Diensteanbieter im erforderlichen Umfang Bestands-, Verkehrs- und Steuerdaten erheben und verwenden. Dies ist mit mit einer Berichtspflicht verkn\u00fcpft. Allgemeine Hinweise zur Berichtspflicht nach \u00a7 100 Abs. 1 TKG und deren Geltung sind unter www.bundesnetzagentur.de/TKG100 abrufbar.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e311", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12711" }, { "category": "4.3.1 St\u00f6rungen von Telekommunikationsanlagen und Missbrauch von Telekommunikationsdiensten (\u00a7 100 TKG)", "code": "SK4.3.1.2x", "label": "Zum Erkennen und Eingrenzen von St\u00f6rungen ist dem Betreiber einer Telekommunikationsanlage unter engen Voraussetzungen auch das Aufschalten auf bestehende Verbindungen gestattet. Eventuell entstandene Aufzeichnungen sind jedoch unverz\u00fcglich zu l\u00f6schen. Mit diesem datenschutzrechtlichen Eingriff ist eine Informationspflicht gegen\u00fcber dem betrieblichen Datenschutzbeauftragten verbunden (vgl. insgesamt \u00a7 100 Abs. 2 TKG).", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e312", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12712" }, { "category": "4.3.1 St\u00f6rungen von Telekommunikationsanlagen und Missbrauch von Telekommunikationsdiensten (\u00a7 100 TKG)", "code": "SK4.3.1.3x", "label": "Liegen Anhaltspunkte f\u00fcr Leistungserschleichung oder Betrug vor, so kann der Diensteanbieter zur Sicherung seines Anspruches unter bestimmten Voraussetzungen Bestands- und Verkehrsdaten verwenden. In diesem Zusammenhang sind Informationspflichten gegen\u00fcber der Bundesnetzagentur und dem/der Bundesbeauftragten f\u00fcr den Datenschutz zu beachten.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e313", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12713" }, { "category": "4.3.2 Betr\u00e4chtliche Sicherheitsverletzungen (\u00a7 109 Abs. 5 TKG)", "code": "SK4.3.2.1x", "label": "Netzbetreiber und Diensteerbringer haben sowohl tats\u00e4chlich eingetretene als auch m\u00f6gliche betr\u00e4chtliche Sicherheitsverletzungen unverz\u00fcglich der Bundesnetzagentur und dem Bundesamt f\u00fcr Sicherheit in der Informationstechnik mitzuteilen. Auf das aktuell g\u00fcltige Umsetzungskonzept zur Meldung von Vorf\u00e4llen wird verwiesen (Stand: 10.11.2017, Version: 4.0, ABl. BNetzA Nr. 22 v. 22.11.2017).", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e314", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12714" }, { "category": "4.3.3 Daten- und Informationssicherheit (\u00a7 109a TKG)", "code": "SK4.3.3.1", "label": "Informationspflichten im Falle einer Verletzung des Schutzes personenbezogener Daten (\u201eDatenschutzpanne\u201c oder \u201eSecurity Breach\u201c). Dem pflichtigen Unternehmen obliegen in diesem Zusammenhang bestimmte Benachrichtigungspflichten gegen\u00fcber dem Betroffenen, aber auch gegen\u00fcber der Bundesnetzagentur und dem/der Bundesbeauftragten f\u00fcr den Datenschutz und die Informationsfreiheit. Auf die Hinweise der Bundesnetzagentur, abrufbar unter www.bundesnetzagentur.de/109a.", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e315", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12715" }, { "category": "5.1 Umsetzung von Sicherheitsanforderungen (\u00a7 109 Abs. 4 TKG )", "code": "SK5.1.1", "label": "Erstellungs-, Benennungs- und Vorlagenpflichten, sowie Erkl\u00e4rungspflicht", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e316", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12716" }, { "category": "5.1.10 Sicherheitskonzept an Ver\u00e4nderungen anpassen", "code": "SK5.1.10", "label": "Es ist zu gew\u00e4hrleisten, dass in regelm\u00e4\u00dfigen Abst\u00e4nden die Wirksamkeit der umgesetzten Sicherheitsma\u00dfnahmen festgestellt", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e317", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12717" }, { "category": "5.1 Umsetzung von Sicherheitsanforderungen (\u00a7 109 Abs. 4 TKG )", "code": "SK5.1.2", "label": "sicherheitskonzeptionellen Pflichten nach \u00a7 109 Abs. 4 TKG zur Strukturierung geeigneter und angemessener Ma\u00dfnahmen zum Schutz von Fernmeldegeheimnis, Datenschutz und Funktionsf\u00e4higkeit von Netzen und Diensten mit Pr\u00fcfung Konzept und Umsetzung durch BNetzA", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e318", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12718" }, { "category": "5.1 Umsetzung von Sicherheitsanforderungen (\u00a7 109 Abs. 4 TKG )", "code": "SK5.1.3", "label": "\u00dcberpr\u00fcfung der Erf\u00fcllung der Sicherheitsanforderungen aus \u00a7 109 Abs. 1 bis 3 TKG durch eine qualifizierte unabh\u00e4ngige Stelle nach \u00a7 109 Abs. 7 TKG ", "referential": "ca9262c7-08a5-4817-8693-c2ec6bf0e319", "referential_label": "", "uuid": "9fdde5e2-0246-49fe-ace8-f7697da12719" } ], "version": 1 } 2024-01-04T11:57:57.153641+00:00 https://objects.monarc.lu/object/get/5251 2024-05-02T13:22:55.403417+00:00 Various contributors { "a": true, "c": false, "code": "G 0.1", "description": "Feuer k\u00f6nnen schwere Sch\u00e4den an Menschen, Geb\u00e4uden und deren Einrichtung verursachen. Neben direkten durch Feuer verursachten Sch\u00e4den lassen sich Folgesch\u00e4den aufzeigen, die insbesondere f\u00fcr die Informationstechnik in ihrer Schadenswirkung ein katastrophales Ausma\u00df erreichen k\u00f6nnen. L\u00f6schwassersch\u00e4den treten beispielsweise nicht nur an der Brandstelle auf. Sie k\u00f6nnen auch in tiefer liegenden Geb\u00e4udeteilen entstehen. Bei der Verbrennung von PVC entstehen Chlorgase, die zusammen mit der Luftfeuchtigkeit und dem L\u00f6schwasser Salzs\u00e4ure bilden. Werden die Salzs\u00e4ured\u00e4mpfe \u00fcber die Klimaanlage verteilt, k\u00f6nnen auf diese Weise Sch\u00e4den an empfindlichen elektronischen Ger\u00e4ten entstehen, die in einem vom Brandort weit entfernten Teil des Geb\u00e4udes stehen. Aber auch \"normaler\" Brandrauch kann auf diesem Weg besch\u00e4digend auf die IT-Einrichtung einwirken.", "i": false, "label": "G 0.1 Feuer", "language": "DE", "theme": "Elementare Gef\u00e4hrdungen", "uuid": "cb0e877a-f471-4861-b74c-d8200206f67f" } 2024-01-04T13:43:25.095283+00:00 https://objects.monarc.lu/object/get/5252 2024-05-02T13:22:55.403219+00:00 Various contributors { "a": true, "c": false, "code": "G 0.2", "description": "Ung\u00fcnstige klimatische Bedingungen wie Hitze, Frost oder hohe Luftfeuchtigkeit k\u00f6nnen zu Sch\u00e4den verschiedenster Art f\u00fchren, beispielsweise zu Fehlfunktionen in technischen Komponenten oder zur Besch\u00e4digung von Speichermedien. H\u00e4ufige Schwankungen der klimatischen Bedingungen verst\u00e4rken diesen Effekt. Ung\u00fcnstige klimatische Bedingungen k\u00f6nnen auch dazu f\u00fchren, dass Menschen nicht mehr arbeiten k\u00f6nnen oder sogar verletzt oder get\u00f6tet werden.", "i": false, "label": "G 0.2 Ung\u00fcnstige klimatische Bedingungen", "language": "DE", "theme": "Elementare Gef\u00e4hrdungen", "uuid": "b8fbdd0b-2541-4586-9b96-2089ee7e6425" } 2024-01-04T13:49:12.836115+00:00 https://objects.monarc.lu/object/get/5211 2024-05-02T13:22:55.402932+00:00 CVE-Search { "Modified": "2021-07-14T18:15:00", "Published": "2021-07-02T22:15:00", "access": { "authentication": "SINGLE", "complexity": "LOW", "vector": "NETWORK" }, "assigner": "secure@microsoft.com", "cvss": 9, "cvss-time": "2021-07-14T18:15:00", "cvss-vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "cwe": "CWE-269", "id": "CVE-2021-34527", "impact": { "availability": "COMPLETE", "confidentiality": "COMPLETE", "integrity": "COMPLETE" }, "last-modified": "2021-07-14T18:15:00", "products": [], "references": [ "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34527", "https://www.kb.cert.org/vuls/id/383432" ], "summary": "Windows Print Spooler Remote Code Execution Vulnerability", "vendors": [], "vulnerable_configuration": [ "{\"id\":\"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*\",\"title\":\"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*\"}", "{\"id\":\"cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*\",\"title\":\"cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*\"}" ], "vulnerable_configuration_cpe_2_2": [], "vulnerable_configuration_stems": [], "vulnerable_product": [ "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*" ], "vulnerable_product_stems": [] } 2024-03-14T13:11:31.967819+00:00 https://objects.monarc.lu/object/get/5212 2024-05-02T13:22:55.401745+00:00 CVE-Search { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2021-34527" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Windows Print Spooler Remote Code Execution Vulnerability" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-269" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34527", "refsource": "MISC", "tags": [ "Mitigation", "Patch", "Vendor Advisory" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34527" }, { "name": "VU#383432", "refsource": "CERT-VN", "tags": [], "url": "https://www.kb.cert.org/vuls/id/383432" } ] } } 2024-03-14T13:11:31.967833+00:00 https://objects.monarc.lu/object/get/5253 2024-05-02T13:22:55.400202+00:00 CIRCL { "affected": [], "aliases": [ "CVE-2021-34527" ], "database_specific": {}, "details": "Windows Print Spooler Remote Code Execution Vulnerability", "id": "GHSA-75f9-mm5v-2rgm", "modified": "2022-05-26T00:01:23Z", "published": "2022-05-24T19:06:54Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34527" }, { "type": "WEB", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34527" }, { "type": "WEB", "url": "https://www.kb.cert.org/vuls/id/383432" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/167261/Print-Spooler-Remote-DLL-Injection.html" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] } 2024-03-14T13:11:58.208121+00:00 https://objects.monarc.lu/object/get/5227 2024-05-02T13:22:55.397886+00:00 MONARC { "authors": [ "CASES Team" ], "label": "ISO/IEC 27002 [2022]", "language": "EN", "refs": [ "https://www.iso.org/standard/54533.html" ], "uuid": "831acc76-2bcc-4376-836a-f6b0ee6df568", "values": [ { "category": "Organizational controls", "code": "5.1", "label": "Policies for information security", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "ac5590c1-5e43-4a29-87fb-5ba7416a0831" }, { "category": "Organizational controls", "code": "5.2", "label": "Information security roles and responsibilities", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "dcdebb24-3cf2-4c27-bb01-4cd04118e6f5" }, { "category": "Organizational controls", "code": "5.3", "label": "Segregation of duties", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "6ea4f43d-0d12-4edf-8191-bf469f25e252" }, { "category": "Organizational controls", "code": "5.4", "label": "Management responsibilities", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "957e0fb3-f06e-4ef5-b152-f1045b3a576f" }, { "category": "Organizational controls", "code": "5.5", "label": "Contact with authorities", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "7a5c4510-1d09-481b-822d-2d58745d390b" }, { "category": "Organizational controls", "code": "5.6", "label": "Contact with special interest groups", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "33aa534c-482a-4503-919c-635ac65d084e" }, { "category": "Organizational controls", "code": "5.7", "label": "Threat intelligence", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "dca62889-6240-406e-8c94-5f418e7e004e" }, { "category": "Organizational controls", "code": "5.8", "label": "Information security in project management", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "45d81142-d8b8-45c5-811b-8a636c404af8" }, { "category": "Organizational controls", "code": "5.9", "label": "Inventory of information and other associated assets", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "48ecb62f-f73d-4c65-a8e4-2fa831346a70" }, { "category": "Organizational controls", "code": "5.10", "label": "Acceptable use of information and other associated assets", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "95882551-578c-4c0d-afe8-1dff2b251da4" }, { "category": "Organizational controls", "code": "5.11", "label": "Return of assets", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "fb24425c-10df-4bc3-9b48-d72b952b92b5" }, { "category": "Organizational controls", "code": "5.12", "label": "Classification of information", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "4ca57d37-8fc9-4d15-b6a7-64416a520ac1" }, { "category": "Organizational controls", "code": "5.13", "label": "Labelling of information", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "006fc402-2bba-4bcb-85b6-7bb9de4c54cd" }, { "category": "Organizational controls", "code": "5.14", "label": "Information transfer", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "1fbd96df-158c-47a2-8dc5-a22c6f915a79" }, { "category": "Organizational controls", "code": "5.15", "label": "Access control", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "de075220-6acf-4ca7-837b-713b1f87f5f3" }, { "category": "Organizational controls", "code": "5.16", "label": "Identity management", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "d2cb623e-3cc6-46fd-bbe7-3239e5fa2626" }, { "category": "Organizational controls", "code": "5.17", "label": "Authentication information", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "7fe8f85a-6c22-4680-b076-88d74ba5c4e3" }, { "category": "Organizational controls", "code": "5.18", "label": "Access rights", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "c26bedb1-42f5-4154-8cea-b923b1103cfe" }, { "category": "Organizational controls", "code": "5.19", "label": "Information security in supplier relationships", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "239e3bca-0b4b-4692-9ba1-9e2a73d6cc40" }, { "category": "Organizational controls", "code": "5.20", "label": "Addressing information security within supplier agreements", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "0a23f517-b172-47b2-bc0a-0f693d2900b0" }, { "category": "Organizational controls", "code": "5.21", "label": "Managing information security in the ICT supply chain", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "86fdcdd5-2d94-43ad-aab1-ccc64b3e42f7" }, { "category": "Organizational controls", "code": "5.22", "label": "Monitoring, review and change management of supplier services", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "307d39d8-d31f-4b55-8a0e-9632cd0e380a" }, { "category": "Organizational controls", "code": "5.23", "label": "Information security for use of cloud services", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "e706a0d1-b2ce-4488-b8ae-905f88ab7e4d" }, { "category": "Organizational controls", "code": "5.24", "label": "Information security incident management planning and preparation", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "07e0fb5e-7b82-4f85-b7c7-d22b205436b1" }, { "category": "Organizational controls", "code": "5.25", "label": "Assessment and decision on information security events", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "0aa214a8-51a6-45df-a279-03f04ea5c19e" }, { "category": "Organizational controls", "code": "5.26", "label": "Response to information security incidents", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "865ca2d0-30e8-47f2-9f25-4256943a0d72" }, { "category": "Organizational controls", "code": "5.27", "label": "Learning from information security incidents", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "1c03c68f-29a0-4606-b99d-072491f53e96" }, { "category": "Organizational controls", "code": "5.28", "label": "Collection of evidence", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "432a79d3-45e9-477e-b63a-ab7566bb8590" }, { "category": "Organizational controls", "code": "5.29", "label": "Information security during disruption", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "a197825e-e8f5-47f5-851d-66105a6fc3b2" }, { "category": "Organizational controls", "code": "5.30", "label": "ICT readiness for business continuity", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "4ca07c19-4442-41b8-81ef-bd105af640c8" }, { "category": "Organizational controls", "code": "5.31", "label": "Legal, statutory, regulatory and contractual requirements", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "7f58e55e-17f5-4dca-a7e5-4566192fa8f1" }, { "category": "Organizational controls", "code": "5.32", "label": "Intellectual property rights", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "3d347675-c00a-4fa2-a0af-a5b66cbd8edd" }, { "category": "Organizational controls", "code": "5.33", "label": "Protection of records", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "9f8e81c8-8a90-4b5e-bcf1-ff2e8b4384e8" }, { "category": "Organizational controls", "code": "5.34", "label": "Privacy and protection of PII", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "6a6b0a5f-4e3a-4845-94cc-890aee7f19d9" }, { "category": "Organizational controls", "code": "5.35", "label": "Independent review of information security", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "41d38a42-6f44-4561-b0a2-801095d4eec9" }, { "category": "Organizational controls", "code": "5.36", "label": "Compliance with policies, rules and standards for information security", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "3ff683de-9ca5-482d-8423-06d4d8e315a3" }, { "category": "Organizational controls", "code": "5.37", "label": "Documented operating procedures", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "4c41ffb8-fbf4-48b7-9e16-52293fbcc3c3" }, { "category": "People controls", "code": "6.1", "label": "Screening", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "9e7bdc0e-1603-4545-a2cc-0650fe035e37" }, { "category": "People controls", "code": "6.2", "label": "Terms and conditions of employment", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "83389b64-b080-4625-8e81-05174311e2d8" }, { "category": "People controls", "code": "6.3", "label": "Information security awareness, education and training", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "bb6eac6b-129a-4ea8-8c26-3df5e05d9680" }, { "category": "People controls", "code": "6.4", "label": "Disciplinary process", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "9acaadb0-2f58-4d9b-963b-7671ed0471a6" }, { "category": "People controls", "code": "6.5", "label": "Responsibilities after termination or change of employment", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "e4ef6822-7f1f-46f8-9700-37cde17e81b8" }, { "category": "People controls", "code": "6.6", "label": "Confidentiality or non-disclosure agreements", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "e283f5ed-3a64-4bed-b479-35e4cd8173e6" }, { "category": "People controls", "code": "6.7", "label": "Remote working", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "276430e7-47c5-461b-a5c4-7b46dae11759" }, { "category": "People controls", "code": "6.8", "label": "Information security event reporting", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "ed627a92-cb52-472a-aa2e-b981f8b12de5" }, { "category": "Physical controls", "code": "7.1", "label": "Physical security perimeters", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "26fbd0ef-28da-4930-850f-8519da290fd4" }, { "category": "Physical controls", "code": "7.2", "label": "Physical entry", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "14667423-4f22-49dd-a0fc-bbf3c25597d3" }, { "category": "Physical controls", "code": "7.3", "label": "Securing offices, rooms and facilities", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "474fedbd-0b89-436c-ac04-41c21d6e7420" }, { "category": "Physical controls", "code": "7.4", "label": "Physical security monitoring", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "f439e26f-cec6-41cb-8c86-1b6c0f112ebf" }, { "category": "Physical controls", "code": "7.5", "label": "Protecting against physical and environmental threats", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "07285d43-9ee2-406b-a9fa-3ad36650054b" }, { "category": "Physical controls", "code": "7.6", "label": "Working in secure areas", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "cb371cfa-e8d4-4a83-af29-2f8982929268" }, { "category": "Physical controls", "code": "7.7", "label": "Clear desk and clear screen", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "069bd61a-62a9-4158-b5f9-59e4ee0c8614" }, { "category": "Physical controls", "code": "7.8", "label": "Equipment siting and protection", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "a3897661-541e-4c4c-9844-2981d8288ec6" }, { "category": "Physical controls", "code": "7.9", "label": "Security of assets off-premises", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "68c2f82b-83a3-4aaf-9bce-c57b3f537fa6" }, { "category": "Physical controls", "code": "7.10", "label": "Storage media", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "1167decd-0e55-4359-8fb2-599c490d89fa" }, { "category": "Physical controls", "code": "7.11", "label": "Supporting utilities", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "fc66f113-3f02-4354-8610-879b5467971a" }, { "category": "Physical controls", "code": "7.12", "label": "Cabling security", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "00e9c4c9-c718-4834-a312-c08abb03838c" }, { "category": "Physical controls", "code": "7.13", "label": "Equipment maintenance", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "096b291e-bded-40aa-a3f7-492bcc5dcf4c" }, { "category": "Physical controls", "code": "7.14", "label": "Secure disposal or re-use of equipment", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "43e73ea3-8fcd-455c-b05e-c5d8a747ec33" }, { "category": "Technological controls", "code": "8.1", "label": "User endpoint devices", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "26f82aa2-2a5b-49d9-92dd-53a2d98d743f" }, { "category": "Technological controls", "code": "8.2", "label": "Privileged access rights", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "8890016c-2883-4771-b346-2e8ec19ff2dd" }, { "category": "Technological controls", "code": "8.3", "label": "Information access restriction", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "8eda18e5-8a5e-404a-9f2b-1880fa0e400d" }, { "category": "Technological controls", "code": "8.4", "label": "Access to source code", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "b56726a8-3883-4893-ae75-2ba555411148" }, { "category": "Technological controls", "code": "8.5", "label": "Secure authentication", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "1d9e4229-e86e-4cb1-8e63-fd30711040dd" }, { "category": "Technological controls", "code": "8.6", "label": "Capacity management", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "e8d6402b-f022-494b-b289-3d5d98368e8e" }, { "category": "Technological controls", "code": "8.7", "label": "Protection against malware", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "f331b956-c83b-47b6-a563-09222b1ae7a0" }, { "category": "Technological controls", "code": "8.8", "label": "Management of technical vulnerabilities", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "b2fc0199-a3a8-4386-88d1-0f3b776c3e5d" }, { "category": "Technological controls", "code": "8.9", "label": "Configuration management", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "6f4468c5-06a6-4248-a82b-ef86601d6dd9" }, { "category": "Technological controls", "code": "8.10", "label": "Information deletion", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "af8efe54-1e09-44e8-818d-22dc5446b234" }, { "category": "Technological controls", "code": "8.11", "label": "Data masking", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "082e34b9-5811-485b-a81a-761e79918ebc" }, { "category": "Technological controls", "code": "8.12", "label": "Data leakage prevention", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "c24dd798-1284-440e-82d3-78ef0d149ae6" }, { "category": "Technological controls", "code": "8.13", "label": "Information backup", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "e2e52a80-4222-4f57-b471-92ce90a83ed7" }, { "category": "Technological controls", "code": "8.14", "label": "Redundancy of information processing facilities", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "6a76bfdb-843e-4aa2-8cd7-f738f68845e4" }, { "category": "Technological controls", "code": "8.15", "label": "Logging", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "6e2ed592-c992-4076-b9ec-b7e9a78a7029" }, { "category": "Technological controls", "code": "8.16", "label": "Monitoring activities", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "ba719d1a-81a3-485c-b9b5-fb6332fd3aff" }, { "category": "Technological controls", "code": "8.17", "label": "Clock synchronization", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "dab5cccf-c67d-45b0-a3d4-89ef9f51a2f2" }, { "category": "Technological controls", "code": "8.18", "label": "Use of privileged utility programs", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "9389f178-57cb-4b52-b464-5b983d10ae90" }, { "category": "Technological controls", "code": "8.19", "label": "Installation of software on operational systems", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "5773b0a9-8687-4802-9f19-2d1fba45e6a5" }, { "category": "Technological controls", "code": "8.20", "label": "Networks security", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "3cfb677a-cc3c-437d-aabf-c0ad88d740a5" }, { "category": "Technological controls", "code": "8.21", "label": "Security of network services", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "47ad87a1-dd3e-443e-8d82-2ec782979637" }, { "category": "Technological controls", "code": "8.22", "label": "Segregation of networks", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "6c305573-67ac-488e-882a-8e94e6373355" }, { "category": "Technological controls", "code": "8.23", "label": "Web filtering", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "8a973656-95e8-4664-9e6c-c788b4ba0771" }, { "category": "Technological controls", "code": "8.24", "label": "Use of cryptography", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "1a0fe2b2-4401-4d3d-b4a2-53d7d95a76c9" }, { "category": "Technological controls", "code": "8.25", "label": "Secure development life cycle", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "3ddf1641-0529-44d2-8a23-b5811555cdd2" }, { "category": "Technological controls", "code": "8.26", "label": "Application security requirements", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "8298dbd1-c18e-4f03-bb63-4867bfeaf716" }, { "category": "Technological controls", "code": "8.27", "label": "Secure system architecture and engineering principles", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "497618e9-e495-42b6-b04e-21801f9c01f7" }, { "category": "Technological controls", "code": "8.28", "label": "Secure coding", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "2452bf90-43da-46d9-9dee-05d73b9fce09" }, { "category": "Technological controls", "code": "8.29", "label": "Security testing in development and acceptance", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "991f8c55-2da0-4dbf-b604-cbadc8df8389" }, { "category": "Technological controls", "code": "8.30", "label": "Outsourced development", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "d5f93f4a-eac7-4200-b90b-c02db54c76f4" }, { "category": "Technological controls", "code": "8.31", "label": "Separation of development, test and production environments", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "00383120-11a9-4b95-bfb9-47b3d4975bcb" }, { "category": "Technological controls", "code": "8.32", "label": "Change management", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "866a0676-f2bd-4499-ba25-cd6f9466969a" }, { "category": "Technological controls", "code": "8.33", "label": "Test information", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "7df0a5ac-79b3-416c-8a38-c22f5c4d94d5" }, { "category": "Technological controls", "code": "8.34", "label": "Protection of information systems during audit testing", "referential": "831acc76-2bcc-4376-836a-f6b0ee6df568", "referential_label": "ISO/IEC 27002 [2022]", "uuid": "744146f1-5a14-43c0-b675-8c2649486f64" } ], "version": 1, "version_ext": "ISO/IEC 27002:2022" } 2024-04-16T12:43:14.447141+00:00 https://objects.monarc.lu/object/get/5254 2024-05-02T13:22:55.396228+00:00 Various contributors { "label": "ISO/IEC 27002 [2022][DE]", "language": "DE", "uuid": "bc4bf7d8-d738-4093-9a1a-33bbd13af30f", "values": [ { "category": "Organisatorische Ma\u00dfnahmen", "code": "5.1", "label": "Informationssicherheitsrichtlinien", "referential": "bc4bf7d8-d738-4093-9a1a-33bbd13af30f", "referential_label": "ISO/IEC 27002 [2022][DE]", "uuid": "43fe08c3-c29c-42db-918b-901949981e83" }, { "category": "Organisatorische Ma\u00dfnahmen", "code": "5.2", "label": "Informationssicherheitsrollen und -verantwortlichkeiten", "referential": "bc4bf7d8-d738-4093-9a1a-33bbd13af30f", "referential_label": "ISO/IEC 27002 [2022][DE]", "uuid": "32634bb6-e6eb-4d3e-b90c-53f5d8851d2e" }, { "category": "Organisatorische Ma\u00dfnahmen", "code": "5.3", "label": "Aufgabentrennung", "referential": "bc4bf7d8-d738-4093-9a1a-33bbd13af30f", "referential_label": "ISO/IEC 27002 [2022][DE]", "uuid": "36f7a45c-3b8f-4dc9-bafb-77f9bb8ebb9c" }, { "category": "Organisatorische Ma\u00dfnahmen", "code": "5.4", "label": "Verantwortlichkeiten der Leitung", "referential": "bc4bf7d8-d738-4093-9a1a-33bbd13af30f", "referential_label": "ISO/IEC 27002 [2022][DE]", "uuid": "accc7de7-51aa-43d0-a08e-508d824d24b1" } ], "version": 0 } 2024-04-16T14:25:45.677620+00:00