From f808ce7a38594bddb936351616c9b629d7cb59e6 Mon Sep 17 00:00:00 2001 From: eric-intuitem <71850047+eric-intuitem@users.noreply.github.com> Date: Sun, 8 Dec 2024 15:47:59 +0100 Subject: [PATCH] improve urn when ref_id missing Use the urn of parent + counter --- .../libraries/anssi-guide-hygiene-detail.yaml | 526 +++++++++--------- tools/convert_library.py | 49 +- 2 files changed, 294 insertions(+), 281 deletions(-) diff --git a/backend/library/libraries/anssi-guide-hygiene-detail.yaml b/backend/library/libraries/anssi-guide-hygiene-detail.yaml index 1d28213abd..394c3e9ab0 100644 --- a/backend/library/libraries/anssi-guide-hygiene-detail.yaml +++ b/backend/library/libraries/anssi-guide-hygiene-detail.yaml @@ -37,7 +37,7 @@ objects: mes d\u2019information" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node4 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1 @@ -60,70 +60,70 @@ objects: - urn:intuitem:risk:function:doc-pol:pol.educ - urn:intuitem:risk:function:doc-pol:doc.educ_plan - urn:intuitem:risk:function:doc-pol:doc.educ_register - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node5 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1:1 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node4 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1 description: "la l\xE9gislation en vigueur ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:train.legal - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node6 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1:2 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node4 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1 description: les principaux risques et menaces ; implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:train.threat - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node7 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1:3 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node4 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1 description: "le maintien en condition de s\xE9curit\xE9 ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:train.mcs - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node8 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1:4 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node4 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1 description: "l\u2019authentification et le contr\xF4le d\u2019acc\xE8s ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:train.iam - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node9 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1:5 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node4 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1 description: "le param\xE9trage fin et le durcissement des syst\xE8mes ; " implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:train.hardening - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node10 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1:6 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node4 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1 description: "le cloisonnement r\xE9seau ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:train.network_security - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node11 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1:7 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node4 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:1 description: 'et la journalisation. ' implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:train.logging - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node12 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1 @@ -136,7 +136,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.educ_plan - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node13 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:1 @@ -158,7 +158,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node15 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2 @@ -175,7 +175,7 @@ objects: - urn:intuitem:risk:function:doc-pol:pol.educ - urn:intuitem:risk:function:doc-pol:doc.educ_plan - urn:intuitem:risk:function:doc-pol:doc.educ_register - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node16 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2 @@ -187,7 +187,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.educ_plan - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node17 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2 @@ -197,7 +197,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.educ_plan - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node18 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2 @@ -206,7 +206,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.educ_plan - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node19 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2:5 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2 @@ -215,7 +215,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.educ_plan - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node20 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2:6 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2 @@ -229,7 +229,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.educ_plan - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node21 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2:7 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2 @@ -240,7 +240,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.educ_plan - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node22 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2:8 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:2 @@ -262,7 +262,7 @@ objects: name: "Ma\xEEtriser les risques de l\u2019infog\xE9rance" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node24 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:3:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:3 @@ -278,7 +278,7 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:pol.supplier - urn:intuitem:risk:function:doc-pol:doc.risk_register - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node25 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:3:2 assessable: false depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:3 @@ -289,10 +289,10 @@ objects: \ :" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node26 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:3:2:1 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node25 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:3:2 description: "d\u2019\xE9tudier attentivement les conditions des offres, la\ \ possibilit\xE9 de les adapter \xE0 des besoins sp\xE9cifiques et les limites\ \ de responsabilit\xE9 du prestataire ;" @@ -300,10 +300,10 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.supplier - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node27 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:3:2:2 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node25 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:3:2 description: "d\u2019imposer une liste d\u2019exigences pr\xE9cises au prestataire\ \ : r\xE9versibilit\xE9 du contrat, r\xE9alisation d\u2019audits, sauvegarde\ \ et restitution des donn\xE9es dans un format ouvert normalis\xE9, maintien\ @@ -312,7 +312,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.supplier - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node28 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:3:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:3 @@ -326,7 +326,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.sap - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node29 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:3:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:3 @@ -354,7 +354,7 @@ objects: \ un sch\xE9ma du r\xE9seau" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node32 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:4:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:4 @@ -369,7 +369,7 @@ objects: - urn:intuitem:risk:function:doc-pol:pol.asset - urn:intuitem:risk:function:doc-pol:pol.classif - urn:intuitem:risk:function:doc-pol:doc.asset_register - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node33 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:4:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:4 @@ -384,7 +384,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.proc_register - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node34 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:4:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:4 @@ -398,7 +398,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.is_map - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node35 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:4:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:4 @@ -417,7 +417,7 @@ objects: s et le maintenir \xE0 jour" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node37 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:5:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:5 @@ -433,10 +433,10 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:proc.pam - urn:intuitem:risk:function:doc-pol:doc.pam_register - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node38 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:5:1:1 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node37 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:5:1 description: "les utilisateurs ayant un compte administrateur ou des droits\ \ sup\xE9rieurs \xE0 ceux d\u2019un utilisateur standard sur le syst\xE8me\ \ d\u2019information ;" @@ -445,10 +445,10 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:proc.pam - urn:intuitem:risk:function:doc-pol:doc.pam_register - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node39 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:5:1:2 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node37 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:5:1 description: "les utilisateurs disposant de suffisamment de droits pour acc\xE9\ der aux r\xE9pertoires de travail des responsables ou de l\u2019ensemble des\ \ utilisateurs ;" @@ -457,10 +457,10 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:proc.pam - urn:intuitem:risk:function:doc-pol:doc.pam_register - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node40 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:5:1:3 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node37 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:5:1 description: "les utilisateurs utilisant un poste non administr\xE9 par le service\ \ informatique et qui ne fait pas l\u2019objet de mesures de s\xE9curit\xE9\ \ \xE9dict\xE9es par la politique de s\xE9curit\xE9 g\xE9n\xE9rale de l\u2019\ @@ -470,7 +470,7 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:proc.pam - urn:intuitem:risk:function:doc-pol:doc.pam_register - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node41 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:5:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:5 @@ -484,7 +484,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.recertification - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node42 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:5:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:5 @@ -506,7 +506,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node44 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:6:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:6 @@ -521,10 +521,10 @@ objects: \ ressources humaines. Elles doivent au minimum prendre en compte :" reference_controls: - urn:intuitem:risk:function:doc-pol:pol.access - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node45 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:6:1:1 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node44 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:6:1 description: "la cr\xE9ation et la suppression des comptes informatiques et\ \ bo\xEEtes aux lettres associ\xE9es ;" implementation_groups: @@ -532,30 +532,30 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:pol.access - urn:intuitem:risk:function:doc-pol:proc.hr_security - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node46 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:6:1:2 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node44 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:6:1 description: " la gestion des acc\xE8s physiques aux locaux (attribution, restitution\ \ des badges et des cl\xE9s, etc.) ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.physical_security - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node47 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:6:1:3 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node44 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:6:1 description: " l\u2019affectation des \xE9quipements mobiles (ordinateur portable,\ \ cl\xE9 USB, disque dur, ordiphone, etc.) ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.work - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node48 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:6:1:4 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node44 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:6:1 description: "la gestion des documents et informations sensibles (transfert\ \ de mots de passe, changement des mots de passe ou des codes sur les syst\xE8\ mes existants)." @@ -563,10 +563,10 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.classif - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node49 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:6:1:5 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node44 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:6:1 description: "Les proc\xE9dures doivent \xEAtre formalis\xE9es et mises \xE0\ \ jour en fonction du contexte." implementation_groups: @@ -583,7 +583,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node51 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:7:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:7 @@ -600,7 +600,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.network - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node52 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:7:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:7 @@ -614,7 +614,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.accept - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node53 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:7:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:7 @@ -626,7 +626,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.network - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node54 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:7:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:7 @@ -655,7 +655,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node57 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:8:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:8 @@ -667,7 +667,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.access - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node58 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:8:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:8 @@ -684,7 +684,7 @@ objects: - urn:intuitem:risk:function:doc-pol:pol.access - urn:intuitem:risk:function:doc-pol:proc.pam - urn:intuitem:risk:function:doc-pol:doc.pam_register - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node59 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:8:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:8 @@ -703,7 +703,7 @@ objects: - urn:intuitem:risk:function:doc-pol:pol.access - urn:intuitem:risk:function:doc-pol:proc.pam - urn:intuitem:risk:function:doc-pol:doc.pam_register - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node60 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:8:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:8 @@ -726,7 +726,7 @@ objects: \ d\u2019information" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node62 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:9:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:9 @@ -740,19 +740,19 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.asset_register - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node63 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:9:1:1 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node62 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:9:1 description: "de d\xE9finir quelle population peut y avoir acc\xE8s ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.access - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node64 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:9:1:2 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node62 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:9:1 description: "de contr\xF4ler strictement son acc\xE8s, en s\u2019assurant que\ \ les utilisateurs sont authentifi\xE9s et font partie de la population cibl\xE9\ e ;" @@ -761,10 +761,10 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:pol.access - urn:intuitem:risk:function:doc-pol:proc.pam - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node65 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:9:1:3 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node62 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:9:1 description: "d\u2019\xE9viter sa dispersion et sa duplication \xE0 des endroits\ \ non ma\xEEtris\xE9s ou soumis \xE0 un contr\xF4le d\u2019acc\xE8s moins\ \ strict." @@ -772,7 +772,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.accept - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node66 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:9:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:9 @@ -783,7 +783,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.access - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node67 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:9:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:9 @@ -795,7 +795,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.network - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node68 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:9:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:9 @@ -815,7 +815,7 @@ objects: \ des mots de passe" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node70 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:10:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:10 @@ -833,7 +833,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.access - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node71 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:10:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:10 @@ -844,36 +844,36 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.access - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node72 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:10:2:1 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node71 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:10:2 description: "le blocage des comptes \xE0 l\u2019issue de plusieurs \xE9checs\ \ de connexion ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.access - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node73 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:10:2:2 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node71 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:10:2 description: "la d\xE9sactivation des options de connexion anonyme ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.access - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node74 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:10:2:3 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node71 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:10:2 description: " l\u2019utilisation d\u2019un outil d\u2019audit de la robustesse\ \ des mots de passe." implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.access - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node75 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:10:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:10 @@ -892,7 +892,7 @@ objects: name: "Prot\xE9ger les mots de passe stock\xE9s sur les syst\xE8mes" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node77 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:11:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:11 @@ -915,7 +915,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.password_manager - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node78 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:11:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:11 @@ -937,7 +937,7 @@ objects: \ les \xE9quipements et services" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node80 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:12:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:12 @@ -957,7 +957,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.access - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node81 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:12:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:12 @@ -969,7 +969,7 @@ objects: annotation: Inacceptable en 2025 implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node82 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:12:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:12 @@ -989,7 +989,7 @@ objects: name: "Privil\xE9gier lorsque c\u2019est possible une authentification forte" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node84 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:13:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:13 @@ -1005,7 +1005,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.access - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node85 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:13:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:13 @@ -1040,7 +1040,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node88 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:14:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:14 @@ -1055,10 +1055,10 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.work - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node89 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:14:1:1 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node88 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:14:1 description: "limiter les applications install\xE9es et modules optionnels des\ \ navigateurs web aux seuls n\xE9cessaires ;" annotation: Par exemple SCCM @@ -1066,10 +1066,10 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.uem - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node90 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:14:1:2 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node88 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:14:1 description: "doter les postes utilisateurs d\u2019un pare-feu local et d\u2019\ un anti-virus (ceux-ci sont parfois inclus dans le syst\xE8me d\u2019exploitation)\ \ ;" @@ -1080,10 +1080,10 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:pol.malware - urn:intuitem:risk:function:doc-pol:tech.endpoint_protection - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node91 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:14:1:3 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node88 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:14:1 description: "chiffrer les partitions o\xF9 sont stock\xE9es les donn\xE9es\ \ des utilisateurs ;" annotation: "Par exemple Bitlocker, CRYHOD, MacOS\u2026" @@ -1091,17 +1091,17 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.disk_encryption - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node92 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:14:1:4 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node88 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:14:1 description: "d\xE9sactiver les ex\xE9cutions automatiques (autorun)." annotation: "GPO de d\xE9sactivation de l'autorun" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.gpo - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node93 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:14:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:14 @@ -1114,7 +1114,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.network - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node94 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:14:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:14 @@ -1147,7 +1147,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node96 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:15:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:15 @@ -1166,7 +1166,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.work - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node97 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:15:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:15 @@ -1181,7 +1181,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.endpoint_protection - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node98 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:15:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:15 @@ -1194,7 +1194,7 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:tech.endpoint_protection - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node99 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:15:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:15 @@ -1215,7 +1215,7 @@ objects: iser les politiques de s\xE9curit\xE9" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node101 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:16:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:16 @@ -1252,7 +1252,7 @@ objects: name: Activer et configurer le pare-feu local des postes de travail implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node103 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:17:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:17 @@ -1273,7 +1273,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.endpoint_protection - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node104 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:17:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:17 @@ -1287,7 +1287,7 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:tech.endpoint_protection - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node105 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:17:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:17 @@ -1301,7 +1301,7 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:doc.flow_matrix - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node106 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:17:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:17 @@ -1323,7 +1323,7 @@ objects: name: "Chiffrer les donn\xE9es sensibles transmises par voie Internet" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node108 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:18:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:18 @@ -1344,7 +1344,7 @@ objects: - urn:intuitem:risk:function:doc-pol:pol.transfer - urn:intuitem:risk:function:doc-pol:pol.crypto - urn:intuitem:risk:function:doc-pol:tech.file_encryption - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node109 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:18:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:18 @@ -1375,7 +1375,7 @@ objects: \ zones" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node112 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:19:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:19 @@ -1395,7 +1395,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.network - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node113 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:19:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:19 @@ -1411,7 +1411,7 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:tech.vlan - urn:intuitem:risk:function:doc-pol:tech.network_firewall - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node114 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:19:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:19 @@ -1434,7 +1434,7 @@ objects: \ la s\xE9paration des usages" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node116 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:20:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:20 @@ -1456,7 +1456,7 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:tech.vlan - urn:intuitem:risk:function:doc-pol:tech.network_firewall - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node117 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:20:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:20 @@ -1473,7 +1473,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.wifi_sec - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node118 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:20:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:20 @@ -1485,7 +1485,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.network - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node119 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:20:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:20 @@ -1498,7 +1498,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.network - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node120 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:20:5 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:20 @@ -1520,7 +1520,7 @@ objects: name: "Utiliser des protocoles r\xE9seaux s\xE9curis\xE9s d\xE8s qu'ils existent" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node122 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:21:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:21 @@ -1557,7 +1557,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node124 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:22:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:22 @@ -1571,7 +1571,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.network - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node125 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:22:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:22 @@ -1589,7 +1589,7 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:tech.network_firewall - urn:intuitem:risk:function:doc-pol:tech.web_proxy - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node126 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:22:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:22 @@ -1598,7 +1598,7 @@ objects: \ antivirus du contenu, filtrage par cat\xE9gories d\u2019URLs, etc." implementation_groups: - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node127 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:22:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:22 @@ -1609,7 +1609,7 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:pol.maintenance - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node128 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:22:5 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:22 @@ -1617,7 +1617,7 @@ objects: , ces \xE9quipements pourront \xEAtre redond\xE9s. " implementation_groups: - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node129 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:22:6 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:22 @@ -1629,7 +1629,7 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:tech.network_firewall - urn:intuitem:risk:function:doc-pol:tech.web_proxy - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node130 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:22:7 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:22 @@ -1651,7 +1651,7 @@ objects: me d'information" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node132 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:23:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:23 @@ -1668,7 +1668,7 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:doc.educ_plan - urn:intuitem:risk:function:doc-pol:pol.network - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node133 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:23:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:23 @@ -1682,7 +1682,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.network_firewall - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node134 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:23:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:23 @@ -1707,7 +1707,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node136 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24 @@ -1725,7 +1725,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.educ_plan - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node137 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24 @@ -1738,7 +1738,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.seg_duty - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node138 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24 @@ -1751,7 +1751,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.accept - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node139 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24:4 assessable: false depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24 @@ -1759,10 +1759,10 @@ objects: me de messagerie, elle doit s\u2019assurer :" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node140 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24:4:1 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node139 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24:4 description: "de disposer d\u2019un syst\xE8me d\u2019analyse antivirus en amont\ \ des bo\xEEtes aux lettres des utilisateurs pour pr\xE9venir la r\xE9ception\ \ de fichiers infect\xE9s ;" @@ -1770,10 +1770,10 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.network_antivirus - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node141 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24:4:2 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node139 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24:4 description: "de l\u2019activation du chiffrement TLS des \xE9changes entre\ \ serveurs de messagerie (de l\u2019entit\xE9 ou publics) ainsi qu\u2019entre\ \ les postes utilisateur et les serveurs h\xE9bergeant les bo\xEEtes aux lettres." @@ -1782,7 +1782,7 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:pol.transfer - urn:intuitem:risk:function:doc-pol:pol.crypto - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node142 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24:5 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24 @@ -1797,7 +1797,7 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:tech.mail_gateway - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node143 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24:6 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24 @@ -1810,7 +1810,7 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:tech.mail_gateway - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node144 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24:7 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:24 @@ -1834,7 +1834,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node146 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:25:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:25 @@ -1851,7 +1851,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.vpn - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node147 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:25:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:25 @@ -1865,7 +1865,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.network_firewall - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node148 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:25:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:25 @@ -1876,7 +1876,7 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:tech.network_firewall - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node149 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:25:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:25 @@ -1886,7 +1886,7 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:tech.ids - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node150 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:25:5 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:25 @@ -1906,7 +1906,7 @@ objects: \ techniques" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node152 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:26:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:26 @@ -1921,7 +1921,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.physical - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node153 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:26:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:26 @@ -1932,7 +1932,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.physical - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node154 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:26:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:26 @@ -1944,7 +1944,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.physical_security - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node155 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:26:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:26 @@ -1955,7 +1955,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.physical_security - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node156 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:26:5 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:26 @@ -1966,7 +1966,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.hr_security - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node157 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:26:6 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:26 @@ -1994,7 +1994,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node160 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:27:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:27 @@ -2007,7 +2007,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.network - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node161 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:27:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:27 @@ -2027,7 +2027,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.pam - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node162 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:27:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:27 @@ -2041,7 +2041,7 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:proc.update - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node163 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:27:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:27 @@ -2052,7 +2052,7 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:proc.update - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node164 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:27:5 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:27 @@ -2072,7 +2072,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node166 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:28:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:28 @@ -2087,7 +2087,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.network - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node167 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:28:2 assessable: false depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:28 @@ -2095,10 +2095,10 @@ objects: \ recommand\xE9 :" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node168 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:28:2:1 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node167 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:28:2 description: "de privil\xE9gier en premier lieu un cloisonnement physique des\ \ r\xE9seaux d\xE8s que cela est possible, cette solution pouvant repr\xE9\ senter des co\xFBts et un temps de d\xE9ploiement importants;" @@ -2106,10 +2106,10 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:pol.network - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node169 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:28:2:2 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node167 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:28:2 description: "\xE0 d\xE9faut, de mettre en \u0153uvre un cloisonnement logique\ \ cryptographique reposant sur la mise en place de tunnels IPsec. Ceci permet\ \ d\u2019assurer l\u2019int\xE9grit\xE9 et la confidentialit\xE9 des informations\ @@ -2119,10 +2119,10 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.network - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node170 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:28:2:3 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node167 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:28:2 description: "au minimum, de mettre en \u0153uvre un cloisonnement logique par\ \ VLAN. " implementation_groups: @@ -2138,7 +2138,7 @@ objects: \ sur les postes de travail" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node172 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:29:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:29 @@ -2160,7 +2160,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.work - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node173 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:29:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:29 @@ -2189,7 +2189,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node176 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:30:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:30 @@ -2204,7 +2204,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.work - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node177 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:30:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:30 @@ -2220,7 +2220,7 @@ objects: - urn:intuitem:risk:function:doc-pol:pol.educ - urn:intuitem:risk:function:doc-pol:doc.educ_plan - urn:intuitem:risk:function:doc-pol:doc.educ_register - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node178 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:30:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:30 @@ -2232,7 +2232,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.educ_plan - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node179 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:30:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:30 @@ -2243,7 +2243,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.screen_filter - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node180 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:30:5 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:30 @@ -2265,7 +2265,7 @@ objects: \ potentiellement perdable" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node182 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:31:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:31 @@ -2282,7 +2282,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.crypto - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node183 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:31:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:31 @@ -2295,7 +2295,7 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:tech.disk_encryption - urn:intuitem:risk:function:doc-pol:tech.file_encryption - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node184 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:31:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:31 @@ -2319,7 +2319,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node186 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:32:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:32 @@ -2335,7 +2335,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.vpn - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node187 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:32:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:32 @@ -2348,7 +2348,7 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:pol.work - urn:intuitem:risk:function:doc-pol:tech.endpoint_protection - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node188 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:32:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:32 @@ -2363,7 +2363,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.vpn - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node189 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:32:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:32 @@ -2388,7 +2388,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node191 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:33:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:33 @@ -2403,7 +2403,7 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:pol.work - urn:intuitem:risk:function:doc-pol:pol.accept - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node192 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:33:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:33 @@ -2422,7 +2422,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.uem - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node193 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:33:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:33 @@ -2433,7 +2433,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.work - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node194 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:33:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:33 @@ -2460,7 +2460,7 @@ objects: me d\u2019information" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node197 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:34:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:34 @@ -2477,27 +2477,27 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.maintenance - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node198 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:34:2 assessable: false depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:34 description: "Celles-ci doivent notamment pr\xE9ciser :" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node199 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:34:2:1 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node198 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:34:2 description: "la mani\xE8re dont l\u2019inventaire des composants du syst\xE8\ me d\u2019information est r\xE9alis\xE9 ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.update - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node200 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:34:2:2 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node198 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:34:2 description: "les sources d\u2019information relatives \xE0 la publication des\ \ mises \xE0 jour ;" implementation_groups: @@ -2505,10 +2505,10 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:pol.threat_intel - urn:intuitem:risk:function:doc-pol:proc.update - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node201 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:34:2:3 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node198 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:34:2 description: "les outils pour d\xE9ployer les correctifs sur le parc (par exemple\ \ WSUS pour les mises \xE0 jour des composants Microsoft, des outils gratuits\ \ ou payants pour les composants tiers et autres syst\xE8mes d\u2019exploitation)\ @@ -2517,17 +2517,17 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.update - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node202 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:34:2:4 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node198 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:34:2 description: "l\u2019\xE9ventuelle qualification des correctifs et leur d\xE9\ ploiement progressif sur le parc." implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.update - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node203 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:34:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:34 @@ -2549,7 +2549,7 @@ objects: \ les adh\xE9rences logicielles" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node205 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1 assessable: false depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35 @@ -2563,40 +2563,40 @@ objects: cautions existent :" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node206 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1:1 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node205 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1 description: "\xE9tablir et tenir \xE0 jour un inventaire des syst\xE8mes et\ \ applications du syst\xE8me d\u2019information ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.file_encryption - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node207 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1:2 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node205 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1 description: "choisir des solutions dont le support est assur\xE9 pour une dur\xE9\ e correspondant \xE0 leur utilisation ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.maintenance - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node208 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1:3 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node205 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1 description: "assurer un suivi des mises \xE0 jour et des dates de fin de support\ \ des logiciels ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:tech.file_encryption - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node209 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1:4 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node205 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1 description: "maintenir un parc logiciel homog\xE8ne (la coexistence de versions\ \ diff\xE9rentes d\u2019un m\xEAme produit multiplie les risques et complique\ \ le suivi) ;" @@ -2604,10 +2604,10 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.maintenance - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node210 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1:5 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node205 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1 description: "limiter les adh\xE9rences logicielles, c\u2019est-\xE0-dire les\ \ d\xE9pendances de fonctionnement d\u2019un logiciel par rapport \xE0 un\ \ autre, en particulier lorsque le support de ce dernier arrive \xE0 son terme\ @@ -2617,10 +2617,10 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.arc_principles - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node211 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1:6 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node205 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1 description: "inclure dans les contrats avec les prestataires et fournisseurs\ \ des clauses garantissant le suivi des correctifs de s\xE9curit\xE9 et la\ \ gestion des obsolescences ;" @@ -2628,10 +2628,10 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.supplier - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node212 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1:7 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node205 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:35:1 description: "identifier les d\xE9lais et ressources n\xE9cessaires (mat\xE9\ rielles, humaines, budg\xE9taires) \xE0 la migration de chaque logiciel en\ \ fin de vie (tests de non-r\xE9gression, proc\xE9dure de sauvegarde, proc\xE9\ @@ -2654,7 +2654,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node215 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36 @@ -2665,7 +2665,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.monitor - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node216 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36 @@ -2678,7 +2678,7 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:doc.asset_register - urn:intuitem:risk:function:doc-pol:doc.is_map - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node217 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36 @@ -2690,7 +2690,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.logging - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node218 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36 @@ -2701,7 +2701,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.monitor - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node219 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36:5 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36 @@ -2712,10 +2712,10 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.logging - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node220 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36:5:1 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node219 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36:5 description: "pare-feu : paquets bloqu\xE9s ;" implementation_groups: - S @@ -2723,10 +2723,10 @@ objects: - urn:intuitem:risk:function:doc-pol:proc.logging - urn:intuitem:risk:function:doc-pol:tech.network_firewall - urn:intuitem:risk:function:doc-pol:tech.edr - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node221 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36:5:2 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node219 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36:5 description: "syst\xE8mes et applications : authentifications et autorisations\ \ (\xE9checs et succ\xE8s), arr\xEAts inopin\xE9s ;" implementation_groups: @@ -2734,10 +2734,10 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:proc.logging - urn:intuitem:risk:function:doc-pol:tech.edr - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node222 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36:5:3 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node219 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36:5 description: "services : erreurs de protocoles (par exemples les erreurs 403,\ \ 404 et 500 pour les services hTTP), tra\xE7abilit\xE9 des flux applicatifs\ \ aux interconnexions (URL sur un relai hTTP, en-t\xEAtes des messages sur\ @@ -2747,7 +2747,7 @@ objects: reference_controls: - urn:intuitem:risk:function:doc-pol:proc.logging - urn:intuitem:risk:function:doc-pol:tech.edr - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node223 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36:6 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36 @@ -2758,7 +2758,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.ntp - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node224 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36:7 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:36 @@ -2781,7 +2781,7 @@ objects: implementation_groups: - S - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node226 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37 @@ -2796,7 +2796,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.backup - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node227 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2 assessable: false depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37 @@ -2804,74 +2804,74 @@ objects: \ :" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node228 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2:1 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node227 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2 description: "la liste des donn\xE9es jug\xE9es vitales pour l\u2019organisme\ \ et les serveurs concern\xE9s ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.backup - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node229 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2:2 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node227 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2 description: "les diff\xE9rents types de sauvegarde (par exemple le mode hors\ \ ligne) ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.backup - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node230 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2:3 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node227 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2 description: "la fr\xE9quence des sauvegardes ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.backup - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node231 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2:4 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node227 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2 description: "la proc\xE9dure d\u2019administration et d\u2019ex\xE9cution des\ \ sauvegardes ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.backup - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node232 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2:5 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node227 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2 description: "les informations de stockage et les restrictions d\u2019acc\xE8\ s aux sauvegardes ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.backup - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node233 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2:6 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node227 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2 description: "les proc\xE9dures de test de restauration ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.backup - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node234 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2:7 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node227 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:2 description: ' la destruction des supports ayant contenu les sauvegardes.' implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.disposal - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node235 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:3 assessable: false depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37 @@ -2879,36 +2879,36 @@ objects: \ mani\xE8res :" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node236 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:3:1 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node235 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:3 description: "syst\xE9matique, par un ordonnanceur de t\xE2ches pour les applications\ \ importantes ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.backup - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node237 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:3:2 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node235 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:3 description: "ponctuelle, en cas d\u2019erreur sur les fichiers ;" implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.backup - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node238 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:3:3 assessable: true depth: 4 - parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node235 + parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:3 description: "g\xE9n\xE9rale, pour une sauvegarde et restauration enti\xE8res\ \ du syst\xE8me d\u2019information." implementation_groups: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.bcp - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node239 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:37 @@ -2930,7 +2930,7 @@ objects: \ puis appliquer les actions correctives associ\xE9es (renforc\xE9)" implementation_groups: - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node241 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:38:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:38 @@ -2944,7 +2944,7 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:pol.audit - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node242 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:38:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:38 @@ -2959,7 +2959,7 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:doc.audit_plan - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node243 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:38:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:38 @@ -2973,7 +2973,7 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:doc.nc_log - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node244 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:38:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:38 @@ -2995,7 +2995,7 @@ objects: information et le faire conna\xEEtre aupr\xE8s du personnel" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node246 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:39:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:39 @@ -3007,7 +3007,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.raci - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node247 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:39:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:39 @@ -3023,7 +3023,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.educ_plan - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node248 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:39:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:39 @@ -3033,7 +3033,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:doc.educ_plan - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node249 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:39:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:39 @@ -3055,7 +3055,7 @@ objects: name: "D\xE9finir une proc\xE9dure de gestion des incidents de s\xE9curit\xE9" implementation_groups: - S - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node251 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:40:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:40 @@ -3068,7 +3068,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.incident - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node252 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:40:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:40 @@ -3084,7 +3084,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:proc.incident - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node253 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:40:3 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:40 @@ -3101,7 +3101,7 @@ objects: - S reference_controls: - urn:intuitem:risk:function:doc-pol:pol.incident - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node254 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:40:4 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:40 @@ -3126,7 +3126,7 @@ objects: name: "Mener une analyse de risques formelle (renforc\xE9)" implementation_groups: - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node257 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:41:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:41 @@ -3153,7 +3153,7 @@ objects: - R reference_controls: - urn:intuitem:risk:function:doc-pol:pol.risk - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node258 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:41:2 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:41 @@ -3180,7 +3180,7 @@ objects: \ l'ANSSI (renforc\xE9)" implementation_groups: - R - - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:node260 + - urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:42:1 assessable: true depth: 3 parent_urn: urn:intuitem:risk:req_node:anssi-guide-hygiene-detail:42 diff --git a/tools/convert_library.py b/tools/convert_library.py index d06e50e107..4fa630bd1a 100644 --- a/tools/convert_library.py +++ b/tools/convert_library.py @@ -151,6 +151,7 @@ description="convert an Excel file in a library for CISO Assistant", ) parser.add_argument("input_file_name") +parser.add_argument("--compat", action='store_true') args = parser.parse_args() ref_name = re.sub(r"\.\w+$", "", args.input_file_name).lower() @@ -401,11 +402,13 @@ def build_ids_set(tab_name): current_depth = 0 parent_urn = None parent_for_depth = {} + count_for_depth = {} section = library_vars_dict_arg["tab"][title] if section: section_id = section.lower().replace(" ", "-") current_node_urn = f"{root_nodes_urn}:{section_id}" parent_for_depth[1] = current_node_urn + count_for_depth[1] = 1 requirement_nodes.append( {"urn": current_node_urn, "name": section, "assessable": False} ) @@ -451,31 +454,41 @@ def build_ids_set(tab_name): else None ) translations = get_translations(header, row) - skip_count = "skip_count" in header and bool( - row[header["skip_count"]].value - ) - if skip_count: - counter_fix += 1 - ref_id_urn = f"node{counter-counter_fix}-{counter_fix}" - else: - ref_id_urn = ( - ref_id.lower().replace(" ", "-") - if ref_id - else f"node{counter-counter_fix}" - ) - urn = f"{root_nodes_urn}:{ref_id_urn}" - if urn in urn_unicity_checker: - print("URN duplicate:", urn) - exit(1) - urn_unicity_checker.add(urn) - assert isinstance(depth, int), f"incorrect depth for {row}" if depth == current_depth + 1: parent_for_depth[depth] = current_node_urn + count_for_depth[depth] = 1 parent_urn = parent_for_depth[depth] elif depth <= current_depth: pass else: error(f"wrong depth in requirement (tab {title}) {urn}") + if args.compat: + skip_count = "skip_count" in header and bool( + row[header["skip_count"]].value + ) + if skip_count: + counter_fix += 1 + ref_id_urn = f"node{counter-counter_fix}-{counter_fix}" + else: + ref_id_urn = ( + ref_id.lower().replace(" ", "-") + if ref_id + else f"node{counter-counter_fix}" + ) + urn = f"{root_nodes_urn}:{ref_id_urn}" + else: + if ref_id: + urn = f"{root_nodes_urn}:{ref_id.lower().replace(' ', '-')}" + else: + p = parent_for_depth[depth] + c = count_for_depth[depth] + urn =f"{p}:{c}" + count_for_depth[depth] += 1 + if urn in urn_unicity_checker: + print("URN duplicate:", urn) + exit(1) + urn_unicity_checker.add(urn) + assert isinstance(depth, int), f"incorrect depth for {row}" current_node_urn = urn parent_urn = parent_for_depth[depth] current_depth = depth