AUGUST 2. - replace CIS controls with NIST #42

Closed
opened 2025-08-08 23:26:27 +02:00 by senaduka · 5 comments
senaduka commented 2025-08-08 23:26:27 +02:00 (Migrated from gitlab.com)

Replace the controls in the registry: instead of CIS 18, insert NIST CSF 2.0. An export to JSON can be done here: https://csrc.nist.rip/Projects/Cybersecurity-Framework/Filters#/csf/filters

The controls are stored in a central registry, as the CIS 18 controls currently are. The control registry should provide several fields for each control:

  • Subcategory, e.g. "GV.SC-06"
  • Function (Function: Govern: Establish and monitor the organization's cybersecurity risk management strategy, expectations, and policy)
  • Category (Category: Cybersecurity Supply Chain Risk Management (GV.SC)).
  • Implementation examples.
  • Effectiveness monitoring examples.
  • Documentation Score
  • Implementation Score.

There may be more of these columns at some point.

Example of one control:

Subcategory GV.SC-06: Planning and due diligence are performed to reduce risks before entering into formal supplier or other third-party relationships

Implementation Examples

  • Ex1: Perform thorough due diligence on prospective suppliers that is consistent with procurement planning and commensurate with the level of risk, criticality, and complexity of each supplier relationship
  • Ex2: Assess the suitability of the technology and cybersecurity capabilities and the risk management practices of prospective suppliers
  • Ex3: Conduct supplier risk assessments against business and applicable cybersecurity requirements, including lower-tier suppliers and the supply chain for critical suppliers
  • Ex4: Assess the authenticity, integrity, and security of critical products prior to acquisition and use

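A sketch of the registry record described in the issue above, added here as an example and not taken from the project's code: it parses a control written in the flat text form of the GV.SC-06 example into the requested fields and rejects identifiers that do not match the CSF 2.0 `FN.CT-NN` pattern. The names `Control`, `parse_control` and `SAMPLE` are hypothetical, the layout of NIST's JSON export is not assumed, and the two score fields are left unset because the issue does not define their scale.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# CSF 2.0 Function identifiers and their names.
CSF_FUNCTIONS = {"GV": "Govern", "ID": "Identify", "PR": "Protect",
                 "DE": "Detect", "RS": "Respond", "RC": "Recover"}
SUBCAT_ID = re.compile(r"^(?P<func>[A-Z]{2})\.(?P<cat>[A-Z]{2})-(?P<num>\d{2})$")

# Constructed sample: the issue's example control, abridged to Ex1 and Ex2.
SAMPLE = ("Subcategory GV.SC-06: Planning and due diligence are performed to "
          "reduce risks before entering into formal supplier or other "
          "third-party relationships Implementation Examples "
          "Ex1: Perform thorough due diligence on prospective suppliers "
          "Ex2: Assess the suitability of the technology and cybersecurity "
          "capabilities of prospective suppliers")

@dataclass
class Control:  # hypothetical record; fields follow the list in the issue
    subcategory: str
    function: str
    category: str  # category identifier, e.g. "GV.SC"
    description: str
    implementation_examples: List[str] = field(default_factory=list)
    effectiveness_monitoring_examples: List[str] = field(default_factory=list)
    documentation_score: Optional[int] = None   # scale not defined in the issue
    implementation_score: Optional[int] = None  # scale not defined in the issue

def parse_control(text: str) -> Control:
    """Parse 'Subcategory <ID>: <text> Implementation Examples Ex1: ... Ex2: ...'."""
    head, _, tail = text.partition("Implementation Examples")
    m = re.match(r"\s*Subcategory\s+(\S+):\s*(.+)", head, re.S)
    if not m:
        raise ValueError("missing 'Subcategory <ID>:' header")
    sub_id, desc = m.group(1), " ".join(m.group(2).split())
    id_m = SUBCAT_ID.match(sub_id)
    if not id_m or id_m["func"] not in CSF_FUNCTIONS:
        raise ValueError(f"not a CSF 2.0 subcategory id: {sub_id!r}")
    # Split on the ExN: markers; the chunk before Ex1 is dropped.
    examples = [" ".join(e.split()) for e in re.split(r"\bEx\d+:\s*", tail)[1:]]
    return Control(sub_id, CSF_FUNCTIONS[id_m["func"]],
                   f"{id_m['func']}.{id_m['cat']}", desc, examples)

if __name__ == "__main__":
    print(parse_control(SAMPLE))
```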
senaduka commented 2025-08-08 23:26:27 +02:00 (Migrated from gitlab.com)

assigned to @amirsabani303

senaduka commented 2025-08-08 23:54:40 +02:00 (Migrated from gitlab.com)

changed the description

amirsabani303 commented 2025-08-11 22:06:07 +02:00 (Migrated from gitlab.com)

Can you link the controls somewhere? I can't do the export from this link: https://csrc.nist.rip/Projects/Cybersecurity-Framework/Filters#/csf/filters @edelic1 @senaduka

amirsabani303 commented 2025-08-14 14:13:44 +02:00 (Migrated from gitlab.com)

mentioned in merge request !53

amirsabani303 commented 2025-08-14 14:13:50 +02:00 (Migrated from gitlab.com)


mentioned in commit 80285f2b7a864b72bbd0e06e5c6a3a1ee8023d15
amirsabani303 (Migrated from gitlab.com) closed this issue 2025-08-14 14:13:50 +02:00

Reference: senaduka/old-riskletpy#42