forked from VantaInc/vanta-control-set
-
Notifications
You must be signed in to change notification settings - Fork 0
/
mapping.schema.json
82 lines (82 loc) · 2.49 KB
/
mapping.schema.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
{
"$schema": "http://json-schema.org/draft-07/schema#",
"$id": "https://github.com/cystack/security-controls/blob/main/mapping.schema.json",
"title": "CyStack Security Controls",
"description": "JSON Schema for a mapping of a compliance standard to CyStack Security Controls",
"type": "object",
"properties": {
"notice": {
"description": "Copyright notice",
"type": "string"
},
"standard": {
"description": "A compliance standard, split into sections",
"type": "object",
"properties": {
"name": {
"description": "The name of the standard",
"type": "string"
},
"principles": {
"description": "Top level sections/principles of the standard",
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {
"description": "The name of the principle",
"type": "string"
},
"section": {
"description": "The section in the official standard to which this principle refers",
"type": "string"
},
"requirements": {
"description": "Requirements of this principle",
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {
"description": "The name of the requirement",
"type": "string"
},
"section": {
"description": "The subsection in the official standard to which this requirement refers",
"type": "string"
},
"control_ids": {
"description": "The IDs of all Vanta Controls that correspond to this requirement",
"type": "array",
"items": {
"type": "string"
}
}
},
"required": [
"name",
"section",
"control_ids"
]
}
}
},
"required": [
"name",
"section",
"requirements"
]
}
}
},
"required": [
"name",
"principles"
]
}
},
"required": [
"standard",
"notice"
]
}