2445 lines
84 KiB
JSON
2445 lines
84 KiB
JSON
[
|
||
{
|
||
"anr": "{{uuid}}",
|
||
"type": "risk",
|
||
"date": "{{date}}",
|
||
"data": {
|
||
"risks": {
|
||
"current": {
|
||
"informational": [
|
||
{
|
||
"level": "Low risks",
|
||
"value": 66
|
||
},
|
||
{
|
||
"level": "Medium risks",
|
||
"value": 27
|
||
},
|
||
{
|
||
"level": "High risks",
|
||
"value": 8
|
||
}
|
||
],
|
||
"operational": [
|
||
{
|
||
"level": "Low risks",
|
||
"value": 18
|
||
},
|
||
{
|
||
"level": "Medium risks",
|
||
"value": 0
|
||
},
|
||
{
|
||
"level": "High risks",
|
||
"value": 10
|
||
}
|
||
]
|
||
},
|
||
"residual": {
|
||
"informational": [
|
||
{
|
||
"level": "Low risks",
|
||
"value": 74
|
||
},
|
||
{
|
||
"level": "Medium risks",
|
||
"value": 26
|
||
},
|
||
{
|
||
"level": "High risks",
|
||
"value": 1
|
||
}
|
||
],
|
||
"operational": [
|
||
{
|
||
"level": "Low risks",
|
||
"value": 28
|
||
},
|
||
{
|
||
"level": "Medium risks",
|
||
"value": 0
|
||
},
|
||
{
|
||
"level": "High risks",
|
||
"value": 0
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"total": {
|
||
"current": {
|
||
"informational": 101,
|
||
"operational": 28
|
||
},
|
||
"residual": {
|
||
"informational": 101,
|
||
"operational": 28
|
||
}
|
||
}
|
||
}
|
||
},
|
||
{
|
||
"anr": "{{uuid}}",
|
||
"type": "threat",
|
||
"date": "{{date}}",
|
||
"data": [
|
||
{
|
||
"averageRate": "2.82",
|
||
"count": 12,
|
||
"label1": "Erreur d'utilisation",
|
||
"label2": "Error in use",
|
||
"label3": "Benutzungsfehler",
|
||
"label4": "Gebruiksfout",
|
||
"maxRisk": 36,
|
||
"uuid": "b402d4e0-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2.87",
|
||
"count": 8,
|
||
"label1": "Dysfonctionnement ou panne du matériel",
|
||
"label2": "Equipment malfunction or failure",
|
||
"label3": "Fehlfunktion oder Ausfallen von Betriebsmittel",
|
||
"label4": "Slecht functionerende of defecte hardware",
|
||
"maxRisk": 45,
|
||
"uuid": "b402d523-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2.15",
|
||
"count": 6,
|
||
"label1": "Usurpation de droits",
|
||
"label2": "Forging of rights",
|
||
"label3": "Rechtsanmassung",
|
||
"label4": "Toe-eigening van rechten",
|
||
"maxRisk": 45,
|
||
"uuid": "b402d530-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Écoute passive",
|
||
"label2": "Eavesdropping",
|
||
"label3": "Passives mithören",
|
||
"label4": "Passieve afluistering",
|
||
"maxRisk": 1,
|
||
"uuid": "b402d557-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Espionnage à distance",
|
||
"label2": "Remote spying",
|
||
"label3": "Fern-spionage",
|
||
"label4": "Spionage op afstand",
|
||
"maxRisk": 1,
|
||
"uuid": "b402d563-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1.00",
|
||
"count": 2,
|
||
"label1": "Copie frauduleuse ou utilisation de logiciels contrefaits",
|
||
"label2": "Fraudulent copying or use of counterfeit software",
|
||
"label3": "Betrügeriches Kopieren oder Nutzung von Raubkopien von Software",
|
||
"label4": "Frauduleus kopiëren of gebruiken van nagemaakte software",
|
||
"maxRisk": 3,
|
||
"uuid": "b402d579-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1.00",
|
||
"count": 2,
|
||
"label1": "Altération des données",
|
||
"label2": "Corruption of data",
|
||
"label3": "Datenmanipulation",
|
||
"label4": "Wijziging van de gegevens",
|
||
"maxRisk": 2,
|
||
"uuid": "b402d584-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1.74",
|
||
"count": 4,
|
||
"label1": "Reniement d'actions",
|
||
"label2": "Denial of actions",
|
||
"label3": "Verleugnung von aktionen",
|
||
"label4": "Ontkenning van handelingen",
|
||
"maxRisk": 27,
|
||
"uuid": "b402d58f-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1.84",
|
||
"count": 7,
|
||
"label1": "Vol ou destruction de supports, de documents ou de matériel",
|
||
"label2": "Theft or destruction of media, documents or equipment",
|
||
"label3": "Entwenden oder Zerstören von Speichermedien, Dokumenten oder Datenträger",
|
||
"label4": "Diefstal of vernieling van dragers, documenten of hardware",
|
||
"maxRisk": 20,
|
||
"uuid": "b402d5af-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2.00",
|
||
"count": 2,
|
||
"label1": "Récupération de supports recyclés ou mis au rebut",
|
||
"label2": "Retrieval of recycled or discarded media",
|
||
"label3": "Übernahme recycelter oder ausgemusterter datenträger",
|
||
"label4": "Recuperatie van gerecycleerde of afgedankte dragers",
|
||
"maxRisk": 2,
|
||
"uuid": "b402d5c9-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "3.00",
|
||
"count": 3,
|
||
"label1": "Infection par un malware",
|
||
"label2": "Malware infection",
|
||
"label3": "Infektion durch Schadsoftware (Malware)",
|
||
"label4": "Infectie met malware",
|
||
"maxRisk": 18,
|
||
"uuid": "b402d5d5-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2.24",
|
||
"count": 4,
|
||
"label1": "Abus de droits",
|
||
"label2": "Abuse of rights",
|
||
"label3": "Rechtsmissbrauch",
|
||
"label4": "Misbruik van rechten",
|
||
"maxRisk": 30,
|
||
"uuid": "b402d5ea-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2.00",
|
||
"count": 2,
|
||
"label1": "Divulgation d'information",
|
||
"label2": "Disclosure",
|
||
"label3": "Verbreitung",
|
||
"label4": "Verspreiding van informatie",
|
||
"maxRisk": 6,
|
||
"uuid": "b402d600-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2.00",
|
||
"count": 4,
|
||
"label1": "Atteinte à la maintenabilité du système d'information",
|
||
"label2": "Breach of information system maintainability",
|
||
"label3": "Beeinträchtigung der wartbarkeit des informationssystems",
|
||
"label4": "Aantasting van de onderhoudbaarheid van het informatiesysteem",
|
||
"maxRisk": 12,
|
||
"uuid": "b402d60a-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2.00",
|
||
"count": 3,
|
||
"label1": "Atteinte à la disponibilité du personnel",
|
||
"label2": "Breach of personnel availability",
|
||
"label3": "Beeinträchtigung der personalverfügbarkeit",
|
||
"label4": "Aantasting van de beschikbaarheid van het personeel",
|
||
"maxRisk": 30,
|
||
"uuid": "b402d615-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2.00",
|
||
"count": 2,
|
||
"label1": "Destruction de matériel ou de supports",
|
||
"label2": "Destruction of equipment or supports",
|
||
"label3": "Beschädigung von Ausrüstung oder Datenträger",
|
||
"label4": "Vernietiging van hardware of dragers",
|
||
"maxRisk": 6,
|
||
"uuid": "b402d620-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1.00",
|
||
"count": 2,
|
||
"label1": "Incendie",
|
||
"label2": "Fire",
|
||
"label3": "Brand",
|
||
"label4": "Brand",
|
||
"maxRisk": 3,
|
||
"uuid": "b402d63d-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Dégâts des eaux",
|
||
"label2": "Water damage",
|
||
"label3": "Wasserschäden",
|
||
"label4": "Waterschade",
|
||
"maxRisk": 3,
|
||
"uuid": "b402d648-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Sinistre majeur",
|
||
"label2": "Major accident",
|
||
"label3": "Grösserer schadensfall",
|
||
"label4": "Schadegeval van de hoogste orde",
|
||
"maxRisk": 3,
|
||
"uuid": "b402d653-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2.50",
|
||
"count": 2,
|
||
"label1": "Perte d'alimentation énergétique",
|
||
"label2": "Loss of power supply",
|
||
"label3": "Ausfall der energieversorgung",
|
||
"label4": "Verlies van energievoorziening",
|
||
"maxRisk": 6,
|
||
"uuid": "b402d673-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2.00",
|
||
"count": 2,
|
||
"label1": "Défaillance de la climatisation",
|
||
"label2": "Failure of air-conditioning",
|
||
"label3": "Ausfall der klimatisierungssysteme",
|
||
"label4": "Defect van de airconditioning",
|
||
"maxRisk": 12,
|
||
"uuid": "b402d67d-4576-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Sinistre environnemental (Incendie, eau, poussière, saleté, etc.)",
|
||
"label2": "Environmental disaster (fire, flood, dust, dirt, etc.)",
|
||
"label3": "Umweltkatastrophe (Feuer, Überschwemmung, Staub, Smutz, etc.)",
|
||
"label4": "Milieuramp (brand, water, stof, vuil enz.)",
|
||
"maxRisk": 3,
|
||
"uuid": "b402d688-4576-11e9-9173-0800277f0571"
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"anr": "{{uuid}}",
|
||
"type": "vulnerability",
|
||
"date": "{{date}}",
|
||
"data": [
|
||
{
|
||
"averageRate": "4.00",
|
||
"count": 2,
|
||
"label1": "Absence de charte informatique précisant les exigences d'utilisation",
|
||
"label2": "No IT charter specifying the rules of use",
|
||
"label3": "Fehlende Informatik-Charta, in der die Benutzungsanforderungen definiert werden",
|
||
"label4": "Gebrek aan een informaticacharter waarin de gebruikseisen worden beschreven",
|
||
"maxRisk": 36,
|
||
"uuid": "69fc1ab1-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2.50",
|
||
"count": 2,
|
||
"label1": "Les utilisateurs ne sont pas sensibilisés à la sécurité de l'information",
|
||
"label2": "Users are not made aware of information security",
|
||
"label3": "Die Benutzer sind nicht für das Thema Informationssicherheit sensibilisiert.",
|
||
"label4": "De gebruikers worden niet gesensibiliseerd voor informatiebeveiliging",
|
||
"maxRisk": 36,
|
||
"uuid": "69fc0421-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1.00",
|
||
"count": 2,
|
||
"label1": "Absence de formation sur les matériels ou logiciels utilisés",
|
||
"label2": "No training on the equipment or software used",
|
||
"label3": "Fehlende Schulung bezüglich der zum Einsatz kommenden Hardware- und Softwarekomponenten",
|
||
"label4": "Gebrek aan een opleiding omtrent de gebruikte hardware en software",
|
||
"maxRisk": 9,
|
||
"uuid": "69fc1b5f-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2.00",
|
||
"count": 2,
|
||
"label1": "Possibilité que certains matériels provoquent des nuisances pour le personnel utilisateur (travail devant écran, ondes...)",
|
||
"label2": "Possibility of some equipment being harmful to users (working in front of a screen, emanations, etc.)",
|
||
"label3": "Möglichkeit, dass bestimmte Betriebsmittel schädliche Einwirkungen auf das benutzende Personal haben (Arbeiten am Bildschirm, Wellen usw.)",
|
||
"label4": "Mogelijkheid dat bepaalde hardwarecomponenten hinder veroorzaken voor het gebruikspersoneel (werken voor een scherm, straling ...)",
|
||
"maxRisk": 27,
|
||
"uuid": "69fc0b02-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2",
|
||
"count": 1,
|
||
"label1": "Matériel d'utilisation complexe ou peu ergonomique",
|
||
"label2": "Equipment that is complex to use or not user-friendly",
|
||
"label3": "Komplex anzuwendende und wenig ergonomische Hardware",
|
||
"label4": "Complexe of niet bijzonder ergonomische hardware",
|
||
"maxRisk": 18,
|
||
"uuid": "69fc0848-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1.50",
|
||
"count": 2,
|
||
"label1": "Mauvaises conditions d'utilisation",
|
||
"label2": "Incorrect operating conditions",
|
||
"label3": "Schlechte Nutzungsbedingungen",
|
||
"label4": "Verkeerde gebruiksomstandigheden",
|
||
"maxRisk": 18,
|
||
"uuid": "69fc0833-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Absence de support à l'utilisateur accessible",
|
||
"label2": "No accessible user support",
|
||
"label3": "Informationsmedien sind dem Benutzer nicht zugänglich",
|
||
"label4": "Gebrek aan toegankelijke gebruikersondersteuning",
|
||
"maxRisk": 9,
|
||
"uuid": "69fc20e0-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Insuffisance de compétence de l'utilisateur",
|
||
"label2": "Users lack competency",
|
||
"label3": "Mangelnder Sachverstand des Nutzers",
|
||
"label4": "Gebruiker beschikt over te weinig kennis",
|
||
"maxRisk": 9,
|
||
"uuid": "69fc1f2b-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2",
|
||
"count": 1,
|
||
"label1": "Absence de base documentaire, de règles et de procédures",
|
||
"label2": "No document base for rules and procedures",
|
||
"label3": "Fehlende Unterlagendatenbank über Vorschriften und Prozeduren",
|
||
"label4": "Gebrek aan documentatiebasis, regels en procedures",
|
||
"maxRisk": 18,
|
||
"uuid": "69fc1d28-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2",
|
||
"count": 1,
|
||
"label1": "Vieillissement du matériel",
|
||
"label2": "Ageing of the equipment",
|
||
"label3": "Veralterung des Materials",
|
||
"label4": "Veroudering van de hardware",
|
||
"maxRisk": 18,
|
||
"uuid": "69fc0a81-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2",
|
||
"count": 1,
|
||
"label1": "Mauvaise fiabilité des matériels",
|
||
"label2": "Poor equipment reliability",
|
||
"label3": "Schlechte Zuverlässigkeit der Betriebsmittel",
|
||
"label4": "Geringe betrouwbaarheid van de hardware",
|
||
"maxRisk": 18,
|
||
"uuid": "69fc0a71-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2",
|
||
"count": 1,
|
||
"label1": "Défaut de maintenance",
|
||
"label2": "Maintenance fault",
|
||
"label3": "Wartungsfehler",
|
||
"label4": "Onderhoudsfout",
|
||
"maxRisk": 18,
|
||
"uuid": "69fc0a5f-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Absence de protection contre les perturbations électriques",
|
||
"label2": "No protection against electrical disturbances",
|
||
"label3": "Fehlender Schutz gegen elektrische Störungen",
|
||
"label4": "Gebrek aan bescherming tegen elektrische storingen",
|
||
"maxRisk": 9,
|
||
"uuid": "69fc0828-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "3.00",
|
||
"count": 2,
|
||
"label1": "Absence de gestion de niveau de service",
|
||
"label2": "No service level management",
|
||
"label3": "Kein Service-Level-Management",
|
||
"label4": "Gebrek aan beheer van het serviceniveau",
|
||
"maxRisk": 45,
|
||
"uuid": "69fc1324-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "5",
|
||
"count": 1,
|
||
"label1": "Les backups ne sont pas réalisés selon l'état de l'art",
|
||
"label2": "Backups are not carried out in accordance with the state of the art",
|
||
"label3": "Backups werden nicht nach dem neuesten technischen Stand durchgeführt.",
|
||
"label4": "De back-ups worden niet uitgevoerd volgens de regels van het vak",
|
||
"maxRisk": 30,
|
||
"uuid": "69fc0501-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Le matériel est connecté à des réseaux externes",
|
||
"label2": "The system is connected to external networks",
|
||
"label3": "Anschluss des Betriebsmittels an externe Netzwerke",
|
||
"label4": "De hardware is aangesloten op externe netwerken",
|
||
"maxRisk": 6,
|
||
"uuid": "69fc0aed-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2",
|
||
"count": 1,
|
||
"label1": "Failles dans la gestion de comptes d'administration",
|
||
"label2": "Flaws in the management of administrator accounts",
|
||
"label3": "Verwaltung von Administratorkonten weist Mängel auf",
|
||
"label4": "Zwakke plekken in het beheer van de administratoraccounts",
|
||
"maxRisk": 12,
|
||
"uuid": "69fc16b2-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "4.50",
|
||
"count": 2,
|
||
"label1": "La gestion des autorisations comporte des failles",
|
||
"label2": "Authorisation management is flawed",
|
||
"label3": "Das Genehmigungsmanagement weist Mängel auf.",
|
||
"label4": "Het beheer van de machtiging vertoont mankementen",
|
||
"maxRisk": 45,
|
||
"uuid": "69fc04c4-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Failles dans la gestion ou l'utilisation dans les comptes à privilèges",
|
||
"label2": "Flaws in the management or use of accounts with privileges",
|
||
"label3": "Verwaltung oder Nutzung der Konten mit besonderen Berechtigungen weisen Mängel auf.",
|
||
"label4": "Zwakke plekken in het beheer of het gebruik van de accounts met bepaalde bevoegdheden",
|
||
"maxRisk": 6,
|
||
"uuid": "69fc05aa-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Possibilité d'administrer le système à distance",
|
||
"label2": "Possibility of remote system administration",
|
||
"label3": "Möglichkeit zur Fern-Systemadministration von jeder beliebigen Arbeitsstation aus",
|
||
"label4": "Mogelijkheid om het systeem op afstand te beheren",
|
||
"maxRisk": 6,
|
||
"uuid": "69fbfe5f-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "4",
|
||
"count": 1,
|
||
"label1": "Absence de contrôle périodique des autorisations d’accès logique",
|
||
"label2": "Logical access authorisations are not checked regularly",
|
||
"label3": "Keine regelmäßige Kontrolle der Genehmigungen für den elektronischen Zugang",
|
||
"label4": "Gebrek aan een periodieke controle van de logische-toegangsbevoegdheden",
|
||
"maxRisk": 24,
|
||
"uuid": "69fc05c9-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Absence de cloisonnement des réseaux de communication",
|
||
"label2": "No partitioning of communication networks",
|
||
"label3": "Fehlende Abtrennung der Kommunikationsnetze",
|
||
"label4": "Gebrek aan indeling van de communicatienetwerken",
|
||
"maxRisk": 1,
|
||
"uuid": "69fc011f-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Écran observable depuis l'extérieur",
|
||
"label2": "Screen observable from outside",
|
||
"label3": "Von außen einsehbarer Bildschirm",
|
||
"label4": "Van buitenaf observeerbaar scherm",
|
||
"maxRisk": 1,
|
||
"uuid": "69fc0b46-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Matériel permettant l'enregistrement de données sur support (disquette, ZIP, graveur Cédérom/DVD)",
|
||
"label2": "Equipment allowing data to be recorded on media (floppy disc, ZIP disc, CD/DVD writer)",
|
||
"label3": "Hardware zur Aufzeichnung von Daten auf Datenträgern (Diskette, ZIP, CD-ROM/DVD-Brenner)",
|
||
"label4": "Hardware die het opslaan van gegevens op een drager mogelijk maakt (diskette, zipdisk, cd-rom/dvd-brander)",
|
||
"maxRisk": 3,
|
||
"uuid": "69fc0d2a-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Absence de gestion des privilèges des profils (administrateurs, utilisateurs, invité...)",
|
||
"label2": "No management of profile privileges (administrators, users, guest, etc.)",
|
||
"label3": "Fehlende Verwaltung der Zugriffsprivilegien der einzelnen Profile (Administratoren, Anwender, Gäste usw.)",
|
||
"label4": "Gebrek aan beheer van de rechten van de profielen (administrators, gebruikers, gast ...)",
|
||
"maxRisk": 3,
|
||
"uuid": "69fc166f-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Absence de redondance ou procédure de sauvegarde",
|
||
"label2": "No back-up redundancy or procedure",
|
||
"label3": "Fehlende Redundanz oder Speicherprozedur",
|
||
"label4": "Gebrek aan redundantie of back-upprocedure",
|
||
"maxRisk": 2,
|
||
"uuid": "69fc0d35-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Absence de règles de protection des données",
|
||
"label2": "No data protection rules",
|
||
"label3": "Fehlende Datenschutzvorschriften",
|
||
"label4": "Gebrek aan gegevensbeschermingsregels",
|
||
"maxRisk": 2,
|
||
"uuid": "69fc0c35-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Le matériel est accessible et utilisable par tous",
|
||
"label2": "The equipment can be accessed and used by everyone",
|
||
"label3": "Die Hardware ist allgemein zugänglich und von jedermann benutzbar",
|
||
"label4": "De hardware is voor iedereen toegankelijk en kan door iedereen worden gebruikt",
|
||
"maxRisk": 2,
|
||
"uuid": "69fc0b3b-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Absence de dispositif de traces et d'audit",
|
||
"label2": "No tracking and auditing system",
|
||
"label3": "Fehlende Einrichtung für Protokolldaten und Audits",
|
||
"label4": "Gebrek aan traceer- en auditsystemen",
|
||
"maxRisk": 2,
|
||
"uuid": "69fc0b30-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "3",
|
||
"count": 1,
|
||
"label1": "Absence de conservation des traces des activités",
|
||
"label2": "No storage of activity tracks",
|
||
"label3": "Fehlende Aufbewahrung von Protokolldaten, die Aufschluss über die Aktivitäten geben",
|
||
"label4": "Er worden geen sporen bewaard van de activiteiten",
|
||
"maxRisk": 27,
|
||
"uuid": "69fc1924-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Absence de définition des responsabilités",
|
||
"label2": "No definition of responsibilities",
|
||
"label3": "Fehlende Definition der Verantwortungen",
|
||
"label4": "Gebrek aan een definitie van de verantwoordelijkheden",
|
||
"maxRisk": 6,
|
||
"uuid": "69fc1498-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Matériels attractifs (valeur marchande, technologique, stratégique)",
|
||
"label2": "Tempting equipment (trading value, technology, strategic)",
|
||
"label3": "Attraktive Betriebsmittel (Marktwert und technologische und strategische Werte)",
|
||
"label4": "Aantrekkelijke hardware (handelswaarde, technologische en strategische waarde)",
|
||
"maxRisk": 3,
|
||
"uuid": "69fc0973-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2.00",
|
||
"count": 3,
|
||
"label1": "Le principe du moindre privilège n'est pas appliqué",
|
||
"label2": "The principle of least privilege is not applied",
|
||
"label3": "Der Least-Privileg-Grundsatz wird nicht angewendet",
|
||
"label4": "Het “least privilege”-beginsel wordt niet toegepast",
|
||
"maxRisk": 18,
|
||
"uuid": "69fbfe14-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "5",
|
||
"count": 1,
|
||
"label1": "Failles dans les périmètres d'accès physiques",
|
||
"label2": "Flaws in the physical access boundaries",
|
||
"label3": "Mängel bei der physischen Zugangskontrolle",
|
||
"label4": "Zwakke plekken in de fysieke toegangsperimeters",
|
||
"maxRisk": 20,
|
||
"uuid": "69fc054b-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "5",
|
||
"count": 1,
|
||
"label1": "Les supports de backup ne sont pas entreposés dans un endroit adéquat",
|
||
"label2": "Backup media are not stored in a suitable place",
|
||
"label3": "Die Backup-Datenträger werden nicht an einem geeigneten Ort aufbewahrt.",
|
||
"label4": "De back-updragers worden niet op een geschikte plaats ondergebracht",
|
||
"maxRisk": 20,
|
||
"uuid": "69fc0574-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "5",
|
||
"count": 1,
|
||
"label1": "Absence de contrôle périodique des autorisations d’accès physique",
|
||
"label2": "Physical access authorisations are not checked regularly",
|
||
"label3": "Keine regelmäßige Kontrolle der Genehmigungen für den physischen Zugang",
|
||
"label4": "Gebrek aan een periodieke controle van de fysieke-toegangsbevoegdheden",
|
||
"maxRisk": 20,
|
||
"uuid": "69fc05bf-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1.00",
|
||
"count": 2,
|
||
"label1": "Présence de données résiduelles à l'insu de l'utilisateur de matériels réattribués ou mis au rebut",
|
||
"label2": "Presence of residual data unknown to the user of reallocated or discarded equipment",
|
||
"label3": "Vorhandensein von Restdaten ohne Wissen des Benutzers auf weitergegebenen oder ausgemusterten Betriebsmitteln",
|
||
"label4": "Aanwezigheid van residuele data buiten het medeweten van de gebruiker op herbestemde of afgedankte hardware",
|
||
"maxRisk": 2,
|
||
"uuid": "69fc0b85-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Absence de système de détection des logiciels malveillants\n\n",
|
||
"label2": "No detection system of malicious programs",
|
||
"label3": "Fehlende Malware Erkennungssystem",
|
||
"label4": "Gebrek aan een systeem voor het detecteren van malware\n\n",
|
||
"maxRisk": 9,
|
||
"uuid": "69fc1afd-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2",
|
||
"count": 1,
|
||
"label1": "La gestion des mises à jour (patch) comporte des lacunes",
|
||
"label2": "Update management (patches) is flawed",
|
||
"label3": "Das Update-Management (Patches) weist Lücken auf.",
|
||
"label4": "Het beheer van de updates (patches) vertoont lacunes",
|
||
"maxRisk": 18,
|
||
"uuid": "69fc051f-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Absence d'une politique de durcissement des systèmes",
|
||
"label2": "Lack of a system hardening policy",
|
||
"label3": "Keine Richtlinien für das Hardening der Systeme",
|
||
"label4": "Gebrek aan een beleid voor het versterken van de systemen",
|
||
"maxRisk": 9,
|
||
"uuid": "69fc059f-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Absence de procédure d'installation et de configuration",
|
||
"label2": "No procedures for system install and configuration",
|
||
"label3": "Fehlende Prozeduren zur Verwaltung der System Installation und Konfiguration",
|
||
"label4": "Gebrek aan een installatie- en configuratieprocedure",
|
||
"maxRisk": 6,
|
||
"uuid": "69fc1a87-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "5",
|
||
"count": 1,
|
||
"label1": "Absence de vigilance lors d'une intervention d’un tiers (fournisseur, femme de ménage, etc.)",
|
||
"label2": "No supervision of third-party access (supplier, cleaner, etc.)",
|
||
"label3": "Keine Beaufsichtigung Dritter bei ihren Einsätzen (Lieferanten, Reinigungskräfte usw.)",
|
||
"label4": "Gebrek aan waakzaamheid tijdens een interventie van een derde (leverancier, poetsvrouw enz.)",
|
||
"maxRisk": 30,
|
||
"uuid": "69fc05d3-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Absence de coordination entre services concernés avant l'embauche et lors de la modification du contrat",
|
||
"label2": "No coordination between the departments concerned before hiring staff and when contracts are modified",
|
||
"label3": "Keine Koordination zwischen den betreffenden Abteilungen vor der Einstellung von Mitarbeitern und bei Vertragsänderungen",
|
||
"label4": "Gebrek aan coördinatie tussen de betrokken diensten vóór de indienstneming en tijdens de wijziging van het contract",
|
||
"maxRisk": 6,
|
||
"uuid": "69fc063b-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "3",
|
||
"count": 1,
|
||
"label1": "Absence de règles de contrôle des entrées/sorties des matériels dans l'organisme",
|
||
"label2": "No rules for checking equipment entering/leaving the organisation",
|
||
"label3": "Fehlende Kontrollvorschriften für ein- und ausgelieferte Betriebsmittel",
|
||
"label4": "Gebrek aan regels voor de controle van inkomende/uitgaande hardware in het organisme",
|
||
"maxRisk": 6,
|
||
"uuid": "69fc190e-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Les données de production sont utilisées à des fins de test ou de développement",
|
||
"label2": "Production data are used for tests or development",
|
||
"label3": "Die Produktivdaten werden für Test- oder Entwicklungszwecke verwendet.",
|
||
"label4": "De productiegegevens worden gebruikt voor test- of ontwikkelingsdoeleinden",
|
||
"maxRisk": 2,
|
||
"uuid": "69fc05dd-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Matériels obsolètes",
|
||
"label2": "Obsolete hardware",
|
||
"label3": "Veraltete Betriebsmittel",
|
||
"label4": "Verouderde hardware",
|
||
"maxRisk": 6,
|
||
"uuid": "69fc0ad8-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Matériels à configurations non évolutives",
|
||
"label2": "Non-upgradable hardware",
|
||
"label3": "Hardware ohne weiterentwicklungsfähige Konfigurationen",
|
||
"label4": "Hardware met niet-evolutieve configuraties",
|
||
"maxRisk": 6,
|
||
"uuid": "69fc0acd-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Absence d'organisation de gestion des incidents de sécurité",
|
||
"label2": "No organisation for management of security incidents",
|
||
"label3": "Fehlende Organisation zur Verwaltung von Sicherheitszwischenfällen",
|
||
"label4": "Gebrek aan beheer van de veiligheidsincidenten",
|
||
"maxRisk": 4,
|
||
"uuid": "69fc18f7-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "3",
|
||
"count": 1,
|
||
"label1": "Absence de plan de reprise",
|
||
"label2": "No recovery plan",
|
||
"label3": "Kein Disaster Recovery-Plan",
|
||
"label4": "Gebrek aan een herstelprogramma",
|
||
"maxRisk": 12,
|
||
"uuid": "69fc04f7-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "3.00",
|
||
"count": 2,
|
||
"label1": "Non-redondance du personnel stratégique",
|
||
"label2": "No substitutes for strategic personnel",
|
||
"label3": "Keine Redundanz des strategischen Personals",
|
||
"label4": "Niet-redundantie van het strategische personeel",
|
||
"maxRisk": 30,
|
||
"uuid": "69fc1cfd-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Matériel accessible à des personnes non autorisées",
|
||
"label2": "Equipment accessible to unauthorized persons",
|
||
"label3": "Zugänglichkeit der Betriebsmittel durch Fremde",
|
||
"label4": "Hardware toegankelijk voor onbevoegde personen",
|
||
"maxRisk": 6,
|
||
"uuid": "69fc091c-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Fragilité des matériels",
|
||
"label2": "Fragility of equipment",
|
||
"label3": "Empfindlichkeit der Betriebsmittel",
|
||
"label4": "Broosheid van de hardware",
|
||
"maxRisk": 6,
|
||
"uuid": "69fc088a-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Matériel utilisant des matériaux inflammables (ex.: imprimantes de masse provoquant des poussières)",
|
||
"label2": "Equipment using flammable materials (e.g. bulk printers producing dust)",
|
||
"label3": "Betriebsmittel in Kontakt mit brennbaren Stoffen (z. B. stauberzeugende Massendrucker)",
|
||
"label4": "Hardware die gebruikmaakt van brandbare materialen (bv.: massaprinters die stof veroorzaken)",
|
||
"maxRisk": 3,
|
||
"uuid": "69fc087f-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1.00",
|
||
"count": 3,
|
||
"label1": "Absence de matériels de remplacement",
|
||
"label2": "No substitution equipment",
|
||
"label3": "Fehlende Ersatz-Betriebsmittel",
|
||
"label4": "Gebrek aan een vervangingshardware",
|
||
"maxRisk": 3,
|
||
"uuid": "69fc0852-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Matériel sensible aux perturbations électriques (chutes de tension, surtensions, microcoupure)",
|
||
"label2": "Equipment sensitive to electrical disturbances (voltage drops, overvoltages, transient power-cuts)",
|
||
"label3": "Störempfindliches Material (Spannungsabfälle, Überspannungen, Mikrounterbrechungen)",
|
||
"label4": "Hardware gevoelig voor elektrische storingen (spanningsdalingen, overspanningen, micro-onderbrekingen)",
|
||
"maxRisk": 6,
|
||
"uuid": "69fc0929-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Mauvais dimensionnement des dispositifs de secours énergie (onduleur, batteries...)",
|
||
"label2": "Incorrect sizing of emergency power supply equipment (inverter, batteries, etc.)",
|
||
"label3": "Schlechte Dimensionierung der Notversorgungseinheiten (Wechselrichter, Batterien usw.)",
|
||
"label4": "Verkeerde dimensionering van de noodvoedingssystemen (omzetter, batterijen ...)",
|
||
"maxRisk": 6,
|
||
"uuid": "69fc280e-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "2",
|
||
"count": 1,
|
||
"label1": "Matériel nécessitant une climatisation pour fonctionner",
|
||
"label2": "Equipment requiring air-conditioning in order to operate",
|
||
"label3": "Zu klimatisierende Betriebsmittel",
|
||
"label4": "Hardware die een airconditioning vereist om te werken",
|
||
"maxRisk": 12,
|
||
"uuid": "69fc0c63-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Absence de révision des besoins de climatisation en cas de modification des locaux ou d'ajout de matériel",
|
||
"label2": "No revision of air-conditioning needs when premises are modified or equipment is added.",
|
||
"label3": "Fehlende Nachkontrolle der Klimatisierungsbedürfnisse nach Umbau oder Hinzufügung von Betriebsmitteln",
|
||
"label4": "Gebrek aan herziening van de airconditioningsbehoeften in geval van een wijziging van de lokalen of toevoeging van hardware",
|
||
"maxRisk": 4,
|
||
"uuid": "69fc2475-4591-11e9-9173-0800277f0571"
|
||
},
|
||
{
|
||
"averageRate": "1",
|
||
"count": 1,
|
||
"label1": "Les locaux ne sont pas sécurisés ou peuvent être compromis par des éléments externes",
|
||
"label2": "Premises are not secure or could be compromised by external elements",
|
||
"label3": "Die Räumlichkeiten sind nicht gesichert bzw. können von fremden Personen betreten werden.",
|
||
"label4": "De lokalen zijn niet beveiligd of kunnen in gevaar worden gebracht door externe elementen",
|
||
"maxRisk": 3,
|
||
"uuid": "69fc0536-4591-11e9-9173-0800277f0571"
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"anr": "{{uuid}}",
|
||
"type": "cartography",
|
||
"date": "{{date}}",
|
||
"data": {
|
||
"risks": {
|
||
"current": {
|
||
"informational": {
|
||
"1": {
|
||
"0": 12,
|
||
"1": 2,
|
||
"2": 3,
|
||
"6": 1
|
||
},
|
||
"2": {
|
||
"0": 5,
|
||
"1": 4,
|
||
"2": 3,
|
||
"3": 1,
|
||
"6": 1,
|
||
"8": 1,
|
||
"10": 3
|
||
},
|
||
"3": {
|
||
"0": 12,
|
||
"1": 8,
|
||
"2": 15,
|
||
"3": 8,
|
||
"4": 2,
|
||
"6": 9,
|
||
"8": 1,
|
||
"9": 2,
|
||
"10": 3,
|
||
"12": 3,
|
||
"15": 2
|
||
}
|
||
},
|
||
"operational": {
|
||
"1": [
|
||
8,
|
||
6
|
||
],
|
||
"2": {
|
||
"0": 2,
|
||
"1": 2,
|
||
"4": 1
|
||
},
|
||
"3": {
|
||
"2": 1,
|
||
"4": 8
|
||
}
|
||
}
|
||
},
|
||
"residual": {
|
||
"informational": {
|
||
"1": {
|
||
"0": 12,
|
||
"1": 2,
|
||
"2": 3,
|
||
"6": 1
|
||
},
|
||
"2": {
|
||
"0": 7,
|
||
"1": 4,
|
||
"2": 3,
|
||
"3": 1,
|
||
"4": 2,
|
||
"6": 1
|
||
},
|
||
"3": {
|
||
"0": 12,
|
||
"1": 8,
|
||
"2": 19,
|
||
"3": 11,
|
||
"4": 3,
|
||
"6": 9,
|
||
"9": 2,
|
||
"12": 1
|
||
}
|
||
},
|
||
"operational": {
|
||
"1": [
|
||
8,
|
||
6
|
||
],
|
||
"2": [
|
||
2,
|
||
3
|
||
],
|
||
"3": {
|
||
"1": 9
|
||
}
|
||
}
|
||
}
|
||
},
|
||
"scales": {
|
||
"impact": [
|
||
0,
|
||
1,
|
||
2,
|
||
3,
|
||
4
|
||
],
|
||
"likelihood": [
|
||
0,
|
||
1,
|
||
2,
|
||
3,
|
||
4,
|
||
5,
|
||
6,
|
||
8,
|
||
9,
|
||
10,
|
||
12,
|
||
15,
|
||
16,
|
||
20
|
||
],
|
||
"probability": [
|
||
0,
|
||
1,
|
||
2,
|
||
3,
|
||
4
|
||
]
|
||
}
|
||
}
|
||
},
|
||
{
|
||
"anr": "{{uuid}}",
|
||
"type": "compliance",
|
||
"date": "{{date}}",
|
||
"data": [
|
||
{
|
||
"current": [
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "5.1.1",
|
||
"measure": "267fc596-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"code": "5.1.2",
|
||
"measure": "267fc6a6-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
}
|
||
],
|
||
"label1": "Politiques de sécurité de l'information",
|
||
"label2": "Information security policies",
|
||
"label3": "Informationssicherheitspolitik",
|
||
"label4": "Informatiebeveiligingsbeleid",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "6.1.1",
|
||
"measure": "267fc73c-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "6.1.2",
|
||
"measure": "267fd0b1-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "6.1.3",
|
||
"measure": "267fc7c0-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"code": "6.1.4",
|
||
"measure": "267fc80f-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.60"
|
||
},
|
||
{
|
||
"code": "6.1.5",
|
||
"measure": "267fe6b9-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.00"
|
||
},
|
||
{
|
||
"code": "6.2.1",
|
||
"measure": "267fd9d0-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"code": "6.2.2",
|
||
"measure": "267fda0e-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.00"
|
||
}
|
||
],
|
||
"label1": "Organisation de la sécurité de l'information",
|
||
"label2": "Organization of information security",
|
||
"label3": "Organisation der Informationssicherheit",
|
||
"label4": "Organiseren van informatiebeveiliging",
|
||
"value": "0.42"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "7.1.1",
|
||
"measure": "267fca6b-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "7.1.2",
|
||
"measure": "267fcaad-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "7.2.1",
|
||
"measure": "267fc6f7-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.60"
|
||
},
|
||
{
|
||
"code": "7.2.2",
|
||
"measure": "267fcaeb-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
},
|
||
{
|
||
"code": "7.2.3",
|
||
"measure": "267fcb29-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.60"
|
||
},
|
||
{
|
||
"code": "7.3.1",
|
||
"measure": "267fcb79-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
}
|
||
],
|
||
"label1": "La sécurité des ressources humaines",
|
||
"label2": "Human resource security",
|
||
"label3": "Personalsicherheit",
|
||
"label4": "Veilig personeel",
|
||
"value": "0.73"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "8.1.1",
|
||
"measure": "267fc90c-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "8.1.2",
|
||
"measure": "267fc94c-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "8.1.3",
|
||
"measure": "267fc989-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
},
|
||
{
|
||
"code": "8.1.4",
|
||
"measure": "267fcbce-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "8.2.1",
|
||
"measure": "267fc9c9-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "8.2.2",
|
||
"measure": "267fca19-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"code": "8.2.3",
|
||
"measure": "267fe71a-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "8.3.1",
|
||
"measure": "267fd32a-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.00"
|
||
},
|
||
{
|
||
"code": "8.3.2",
|
||
"measure": "267fd369-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "8.3.3",
|
||
"measure": "267fd421-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.60"
|
||
}
|
||
],
|
||
"label1": "Gestion des actifs",
|
||
"label2": "Asset management",
|
||
"label3": "Asset Management",
|
||
"label4": "Beheer van bedrijfsmiddelen",
|
||
"value": "0.66"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "9.1.1",
|
||
"measure": "267fd659-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"code": "9.1.2",
|
||
"measure": "267fd81b-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "9.2.1",
|
||
"measure": "267fd899-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
},
|
||
{
|
||
"code": "9.2.2",
|
||
"measure": "267fe782-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"code": "9.2.3",
|
||
"measure": "267fd69f-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.60"
|
||
},
|
||
{
|
||
"code": "9.2.4",
|
||
"measure": "267fd6e4-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"code": "9.2.5",
|
||
"measure": "267fd723-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "9.2.6",
|
||
"measure": "267fcc3c-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "9.3.1",
|
||
"measure": "267fd761-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.60"
|
||
},
|
||
{
|
||
"code": "9.4.1",
|
||
"measure": "267fd993-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.00"
|
||
},
|
||
{
|
||
"code": "9.4.2",
|
||
"measure": "267fd954-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "9.4.3",
|
||
"measure": "267fd8d8-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
},
|
||
{
|
||
"code": "9.4.4",
|
||
"measure": "267fd917-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "9.4.5",
|
||
"measure": "267fdbf1-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
}
|
||
],
|
||
"label1": "Contrôle d'accès",
|
||
"label2": "Access control",
|
||
"label3": "Zugriffskontrolle",
|
||
"label4": "Toegangsbeveiliging",
|
||
"value": "0.55"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "10.1.1",
|
||
"measure": "267fda8c-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
},
|
||
{
|
||
"code": "10.1.2",
|
||
"measure": "267fdacc-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.00"
|
||
}
|
||
],
|
||
"label1": "Cryptographie",
|
||
"label2": "Cryptography",
|
||
"label3": "Kryptografie",
|
||
"label4": "Cryptografie",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "11.1.1",
|
||
"measure": "267fcca4-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
},
|
||
{
|
||
"code": "11.1.2",
|
||
"measure": "267fcce9-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.60"
|
||
},
|
||
{
|
||
"code": "11.1.3",
|
||
"measure": "267fcd30-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "11.1.4",
|
||
"measure": "267fcd6f-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "11.1.5",
|
||
"measure": "267fcdac-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "11.1.6",
|
||
"measure": "267fcdec-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"code": "11.2.1",
|
||
"measure": "267fce44-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
},
|
||
{
|
||
"code": "11.2.2",
|
||
"measure": "267fce8a-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.60"
|
||
},
|
||
{
|
||
"code": "11.2.3",
|
||
"measure": "267fcecb-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "11.2.4",
|
||
"measure": "267fcf0a-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "11.2.5",
|
||
"measure": "267fcfdf-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "11.2.6",
|
||
"measure": "267fcf4f-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "11.2.7",
|
||
"measure": "267fcf90-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "11.2.8",
|
||
"measure": "267fd7a0-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
},
|
||
{
|
||
"code": "11.2.9",
|
||
"measure": "267fd7dd-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
}
|
||
],
|
||
"label1": "Sécurité physique et environnementale",
|
||
"label2": "Physical and environmental security",
|
||
"label3": "Physische und Umgebungssicherheit",
|
||
"label4": "Fysieke beveiliging en beveiliging van de omgeving",
|
||
"value": "0.70"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "12.1.1",
|
||
"measure": "267fd029-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "12.1.2",
|
||
"measure": "267fd073-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "12.1.3",
|
||
"measure": "267fd1a8-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "12.1.4",
|
||
"measure": "267fd0ef-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "12.2.1",
|
||
"measure": "267fd22e-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "12.3.1",
|
||
"measure": "267fd272-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "12.4.1",
|
||
"measure": "267fd529-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "12.4.2",
|
||
"measure": "267fd567-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "12.4.3",
|
||
"measure": "267fd5ae-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"code": "12.4.4",
|
||
"measure": "267fd610-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
},
|
||
{
|
||
"code": "12.5.1",
|
||
"measure": "267fdb18-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "12.6.1",
|
||
"measure": "267fdda3-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "12.6.2",
|
||
"measure": "267fe8fe-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "12.7.1",
|
||
"measure": "267fe660-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
}
|
||
],
|
||
"label1": "Sécurité liée à l'exploitation",
|
||
"label2": "Operations security",
|
||
"label3": "Betriebssicherheit",
|
||
"label4": "Beveiliging bedrijfsvoering",
|
||
"value": "0.85"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "13.1.1",
|
||
"measure": "267fd2b1-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"code": "13.1.2",
|
||
"measure": "267fd2ee-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "13.1.3",
|
||
"measure": "267fd85b-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "13.2.1",
|
||
"measure": "267fd3a6-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "13.2.2",
|
||
"measure": "267fd3e3-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "13.2.3",
|
||
"measure": "267fd462-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"code": "13.2.4",
|
||
"measure": "267fc77e-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.60"
|
||
}
|
||
],
|
||
"label1": "Sécurité des communications",
|
||
"label2": "Communications security",
|
||
"label3": "Kommunikationssicherheit",
|
||
"label4": "Communicatiebeveiliging",
|
||
"value": "0.71"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "14.1.1",
|
||
"measure": "267fda50-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "14.1.2",
|
||
"measure": "267fd4ac-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
},
|
||
{
|
||
"code": "14.1.3",
|
||
"measure": "267fd4ed-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.60"
|
||
},
|
||
{
|
||
"code": "14.2.1",
|
||
"measure": "267fe8a1-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"code": "14.2.2",
|
||
"measure": "267fdc38-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
},
|
||
{
|
||
"code": "14.2.3",
|
||
"measure": "267fdc8c-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
},
|
||
{
|
||
"code": "14.2.4",
|
||
"measure": "267fdcf3-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "14.2.5",
|
||
"measure": "267fdf36-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "14.2.6",
|
||
"measure": "267fe847-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
},
|
||
{
|
||
"code": "14.2.7",
|
||
"measure": "267fdd55-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "14.2.8",
|
||
"measure": "267fe7e9-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "14.2.9",
|
||
"measure": "267fd1ea-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "14.3.1",
|
||
"measure": "267fdb78-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
}
|
||
],
|
||
"label1": "Acquisition, développement et maintenance des systèmes d'information",
|
||
"label2": "System acquisition, development and maintenance",
|
||
"label3": "Systemerwerb, Entwicklung und Wartung",
|
||
"label4": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen",
|
||
"value": "0.67"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "15.1.1",
|
||
"measure": "267fc88e-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
},
|
||
{
|
||
"code": "15.1.2",
|
||
"measure": "267fc8cc-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.60"
|
||
},
|
||
{
|
||
"code": "15.1.3",
|
||
"measure": "267fe959-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "15.2.1",
|
||
"measure": "267fd12f-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "15.2.2",
|
||
"measure": "267fd16b-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
}
|
||
],
|
||
"label1": "Relations avec le fournisseurs",
|
||
"label2": "Supplier relationships",
|
||
"label3": "Lieferantenbeziehungen",
|
||
"label4": "Leveranciersrelaties",
|
||
"value": "0.68"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "16.1.1",
|
||
"measure": "267fde78-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "16.1.2",
|
||
"measure": "267fddeb-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.00"
|
||
},
|
||
{
|
||
"code": "16.1.3",
|
||
"measure": "267fde31-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "16.1.4",
|
||
"measure": "267fe9b4-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "16.1.5",
|
||
"measure": "267fea11-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "16.1.6",
|
||
"measure": "267fdeb8-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.00"
|
||
},
|
||
{
|
||
"code": "16.1.7",
|
||
"measure": "267fdef6-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.60"
|
||
}
|
||
],
|
||
"label1": "Gestion des incidents liés à la sécurité de l'information",
|
||
"label2": "information security incident management",
|
||
"label3": "Informationssicherheits-Störfallmanagement",
|
||
"label4": "Beheer van informatiebeveiligingsincidenten",
|
||
"value": "0.62"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "17.1.1",
|
||
"measure": "267fdf76-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "17.1.2",
|
||
"measure": "267fdfbe-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "17.1.3",
|
||
"measure": "267fe022-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "17.2.1",
|
||
"measure": "267fea72-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.20"
|
||
}
|
||
],
|
||
"label1": "Aspects de la sécurité de l'information dans la gestion de la continuité de l'activité",
|
||
"label2": "Information security aspects of business continuity management",
|
||
"label3": "Informationssicherheitsaspekte des betrieblichen Kontinuitätsmanagement",
|
||
"label4": "Informatiebeveiligingsaspecten van bedrijfscontinuïteitsbeheer",
|
||
"value": "0.75"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "18.1.1",
|
||
"measure": "267fe08b-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.60"
|
||
},
|
||
{
|
||
"code": "18.1.2",
|
||
"measure": "267fe307-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
},
|
||
{
|
||
"code": "18.1.3",
|
||
"measure": "267fe37d-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "18.1.4",
|
||
"measure": "267fe3de-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "18.1.5",
|
||
"measure": "267fe510-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.40"
|
||
},
|
||
{
|
||
"code": "18.2.1",
|
||
"measure": "267fc84f-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.60"
|
||
},
|
||
{
|
||
"code": "18.2.2",
|
||
"measure": "267fe58f-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"code": "18.2.3",
|
||
"measure": "267fe600-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0.80"
|
||
}
|
||
],
|
||
"label1": "Conformité",
|
||
"label2": "Compliance",
|
||
"label3": "Konformität",
|
||
"label4": "Naleving",
|
||
"value": "0.77"
|
||
}
|
||
],
|
||
"label1": "ISO 27002",
|
||
"label2": "ISO 27002",
|
||
"label3": "ISO 27002",
|
||
"label4": "ISO 27002",
|
||
"referential": "98ca84fb-db87-11e8-ac77-0800279aaa2b",
|
||
"target": [
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "5.1.1",
|
||
"measure": "267fc596-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "5.1.2",
|
||
"measure": "267fc6a6-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
}
|
||
],
|
||
"label1": "Politiques de sécurité de l'information",
|
||
"label2": "Information security policies",
|
||
"label3": "Informationssicherheitspolitik",
|
||
"label4": "Informatiebeveiligingsbeleid",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "6.1.1",
|
||
"measure": "267fc73c-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "6.1.2",
|
||
"measure": "267fd0b1-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "6.1.3",
|
||
"measure": "267fc7c0-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "6.1.4",
|
||
"measure": "267fc80f-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "6.1.5",
|
||
"measure": "267fe6b9-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0"
|
||
},
|
||
{
|
||
"code": "6.2.1",
|
||
"measure": "267fd9d0-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "6.2.2",
|
||
"measure": "267fda0e-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0"
|
||
}
|
||
],
|
||
"label1": "Organisation de la sécurité de l'information",
|
||
"label2": "Organization of information security",
|
||
"label3": "Organisation der Informationssicherheit",
|
||
"label4": "Organiseren van informatiebeveiliging",
|
||
"value": "0.71"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "7.1.1",
|
||
"measure": "267fca6b-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "7.1.2",
|
||
"measure": "267fcaad-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "7.2.1",
|
||
"measure": "267fc6f7-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "7.2.2",
|
||
"measure": "267fcaeb-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "7.2.3",
|
||
"measure": "267fcb29-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "7.3.1",
|
||
"measure": "267fcb79-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
}
|
||
],
|
||
"label1": "La sécurité des ressources humaines",
|
||
"label2": "Human resource security",
|
||
"label3": "Personalsicherheit",
|
||
"label4": "Veilig personeel",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "8.1.1",
|
||
"measure": "267fc90c-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "8.1.2",
|
||
"measure": "267fc94c-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "8.1.3",
|
||
"measure": "267fc989-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "8.1.4",
|
||
"measure": "267fcbce-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "8.2.1",
|
||
"measure": "267fc9c9-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "8.2.2",
|
||
"measure": "267fca19-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "8.2.3",
|
||
"measure": "267fe71a-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "8.3.1",
|
||
"measure": "267fd32a-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0"
|
||
},
|
||
{
|
||
"code": "8.3.2",
|
||
"measure": "267fd369-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "8.3.3",
|
||
"measure": "267fd421-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
}
|
||
],
|
||
"label1": "Gestion des actifs",
|
||
"label2": "Asset management",
|
||
"label3": "Asset Management",
|
||
"label4": "Beheer van bedrijfsmiddelen",
|
||
"value": "0.90"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "9.1.1",
|
||
"measure": "267fd659-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "9.1.2",
|
||
"measure": "267fd81b-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "9.2.1",
|
||
"measure": "267fd899-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "9.2.2",
|
||
"measure": "267fe782-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "9.2.3",
|
||
"measure": "267fd69f-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "9.2.4",
|
||
"measure": "267fd6e4-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "9.2.5",
|
||
"measure": "267fd723-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "9.2.6",
|
||
"measure": "267fcc3c-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "9.3.1",
|
||
"measure": "267fd761-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "9.4.1",
|
||
"measure": "267fd993-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0"
|
||
},
|
||
{
|
||
"code": "9.4.2",
|
||
"measure": "267fd954-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "9.4.3",
|
||
"measure": "267fd8d8-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "9.4.4",
|
||
"measure": "267fd917-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "9.4.5",
|
||
"measure": "267fdbf1-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
}
|
||
],
|
||
"label1": "Contrôle d'accès",
|
||
"label2": "Access control",
|
||
"label3": "Zugriffskontrolle",
|
||
"label4": "Toegangsbeveiliging",
|
||
"value": "0.92"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "10.1.1",
|
||
"measure": "267fda8c-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "10.1.2",
|
||
"measure": "267fdacc-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0"
|
||
}
|
||
],
|
||
"label1": "Cryptographie",
|
||
"label2": "Cryptography",
|
||
"label3": "Kryptografie",
|
||
"label4": "Cryptografie",
|
||
"value": "0.50"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "11.1.1",
|
||
"measure": "267fcca4-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "11.1.2",
|
||
"measure": "267fcce9-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "11.1.3",
|
||
"measure": "267fcd30-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "11.1.4",
|
||
"measure": "267fcd6f-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "11.1.5",
|
||
"measure": "267fcdac-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "11.1.6",
|
||
"measure": "267fcdec-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "11.2.1",
|
||
"measure": "267fce44-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "11.2.2",
|
||
"measure": "267fce8a-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "11.2.3",
|
||
"measure": "267fcecb-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "11.2.4",
|
||
"measure": "267fcf0a-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "11.2.5",
|
||
"measure": "267fcfdf-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "11.2.6",
|
||
"measure": "267fcf4f-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "11.2.7",
|
||
"measure": "267fcf90-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "11.2.8",
|
||
"measure": "267fd7a0-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "11.2.9",
|
||
"measure": "267fd7dd-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
}
|
||
],
|
||
"label1": "Sécurité physique et environnementale",
|
||
"label2": "Physical and environmental security",
|
||
"label3": "Physische und Umgebungssicherheit",
|
||
"label4": "Fysieke beveiliging en beveiliging van de omgeving",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "12.1.1",
|
||
"measure": "267fd029-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "12.1.2",
|
||
"measure": "267fd073-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "12.1.3",
|
||
"measure": "267fd1a8-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "12.1.4",
|
||
"measure": "267fd0ef-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "12.2.1",
|
||
"measure": "267fd22e-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "12.3.1",
|
||
"measure": "267fd272-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "12.4.1",
|
||
"measure": "267fd529-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "12.4.2",
|
||
"measure": "267fd567-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "12.4.3",
|
||
"measure": "267fd5ae-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "12.4.4",
|
||
"measure": "267fd610-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "12.5.1",
|
||
"measure": "267fdb18-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "12.6.1",
|
||
"measure": "267fdda3-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "12.6.2",
|
||
"measure": "267fe8fe-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "12.7.1",
|
||
"measure": "267fe660-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
}
|
||
],
|
||
"label1": "Sécurité liée à l'exploitation",
|
||
"label2": "Operations security",
|
||
"label3": "Betriebssicherheit",
|
||
"label4": "Beveiliging bedrijfsvoering",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "13.1.1",
|
||
"measure": "267fd2b1-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "13.1.2",
|
||
"measure": "267fd2ee-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "13.1.3",
|
||
"measure": "267fd85b-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "13.2.1",
|
||
"measure": "267fd3a6-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "13.2.2",
|
||
"measure": "267fd3e3-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "13.2.3",
|
||
"measure": "267fd462-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "13.2.4",
|
||
"measure": "267fc77e-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
}
|
||
],
|
||
"label1": "Sécurité des communications",
|
||
"label2": "Communications security",
|
||
"label3": "Kommunikationssicherheit",
|
||
"label4": "Communicatiebeveiliging",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "14.1.1",
|
||
"measure": "267fda50-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "14.1.2",
|
||
"measure": "267fd4ac-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "14.1.3",
|
||
"measure": "267fd4ed-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "14.2.1",
|
||
"measure": "267fe8a1-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "14.2.2",
|
||
"measure": "267fdc38-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "14.2.3",
|
||
"measure": "267fdc8c-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "14.2.4",
|
||
"measure": "267fdcf3-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "14.2.5",
|
||
"measure": "267fdf36-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "14.2.6",
|
||
"measure": "267fe847-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "14.2.7",
|
||
"measure": "267fdd55-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "14.2.8",
|
||
"measure": "267fe7e9-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "14.2.9",
|
||
"measure": "267fd1ea-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "14.3.1",
|
||
"measure": "267fdb78-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
}
|
||
],
|
||
"label1": "Acquisition, développement et maintenance des systèmes d'information",
|
||
"label2": "System acquisition, development and maintenance",
|
||
"label3": "Systemerwerb, Entwicklung und Wartung",
|
||
"label4": "Acquisitie, ontwikkeling en onderhoud van informatiesystemen",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "15.1.1",
|
||
"measure": "267fc88e-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "15.1.2",
|
||
"measure": "267fc8cc-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "15.1.3",
|
||
"measure": "267fe959-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "15.2.1",
|
||
"measure": "267fd12f-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "15.2.2",
|
||
"measure": "267fd16b-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
}
|
||
],
|
||
"label1": "Relations avec le fournisseurs",
|
||
"label2": "Supplier relationships",
|
||
"label3": "Lieferantenbeziehungen",
|
||
"label4": "Leveranciersrelaties",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "16.1.1",
|
||
"measure": "267fde78-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "16.1.2",
|
||
"measure": "267fddeb-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0"
|
||
},
|
||
{
|
||
"code": "16.1.3",
|
||
"measure": "267fde31-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "16.1.4",
|
||
"measure": "267fe9b4-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "16.1.5",
|
||
"measure": "267fea11-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "16.1.6",
|
||
"measure": "267fdeb8-f705-11e8-b555-0800279aaa2b",
|
||
"value": "0"
|
||
},
|
||
{
|
||
"code": "16.1.7",
|
||
"measure": "267fdef6-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
}
|
||
],
|
||
"label1": "Gestion des incidents liés à la sécurité de l'information",
|
||
"label2": "information security incident management",
|
||
"label3": "Informationssicherheits-Störfallmanagement",
|
||
"label4": "Beheer van informatiebeveiligingsincidenten",
|
||
"value": "0.71"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "17.1.1",
|
||
"measure": "267fdf76-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "17.1.2",
|
||
"measure": "267fdfbe-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "17.1.3",
|
||
"measure": "267fe022-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "17.2.1",
|
||
"measure": "267fea72-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
}
|
||
],
|
||
"label1": "Aspects de la sécurité de l'information dans la gestion de la continuité de l'activité",
|
||
"label2": "Information security aspects of business continuity management",
|
||
"label3": "Informationssicherheitsaspekte des betrieblichen Kontinuitätsmanagement",
|
||
"label4": "Informatiebeveiligingsaspecten van bedrijfscontinuïteitsbeheer",
|
||
"value": "1.00"
|
||
},
|
||
{
|
||
"controls": [
|
||
{
|
||
"code": "18.1.1",
|
||
"measure": "267fe08b-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "18.1.2",
|
||
"measure": "267fe307-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "18.1.3",
|
||
"measure": "267fe37d-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "18.1.4",
|
||
"measure": "267fe3de-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "18.1.5",
|
||
"measure": "267fe510-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "18.2.1",
|
||
"measure": "267fc84f-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "18.2.2",
|
||
"measure": "267fe58f-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
},
|
||
{
|
||
"code": "18.2.3",
|
||
"measure": "267fe600-f705-11e8-b555-0800279aaa2b",
|
||
"value": "1"
|
||
}
|
||
],
|
||
"label1": "Conformité",
|
||
"label2": "Compliance",
|
||
"label3": "Konformität",
|
||
"label4": "Naleving",
|
||
"value": "1.00"
|
||
}
|
||
]
|
||
}
|
||
]
|
||
}
|
||
]
|