feat(compliance): add ISO/IEC 27001:2022 and ISO/IEC 42001:2023 frameworks

ISO 27001:2022: 37 Annex A controls across 4 themes (Organizational,
People, Physical, Technological) mapped to MITRE ATT&CK techniques.

ISO 42001:2023: 25 Annex A controls for AI Management Systems mapped to
relevant ATT&CK techniques covering AI supply chain, data pipeline
integrity, model serving security, and third-party AI risk.

Backend: import functions, _import_curated_framework() shared helper,
and POST /compliance/import/iso-27001 + iso-42001 endpoints.
Frontend: API client functions + import buttons in CompliancePage.
kitos
2026-06-03 15:50:54 +02:00
parent fd39658f5d
commit 200ef88d67
4 changed files with 640 additions and 3 deletions
@@ -126,3 +126,15 @@ export async function importDoraMappings(): Promise<Record<string, unknown>> {
const { data } = await client.post("/compliance/import/dora");
return data;
}
/** Import ISO/IEC 27001:2022 Annex A compliance mappings (admin). */
export async function importIso27001Mappings(): Promise<Record<string, unknown>> {
const { data } = await client.post("/compliance/import/iso-27001");
return data;
}
/** Import ISO/IEC 42001:2023 AI Management System compliance mappings (admin). */
export async function importIso42001Mappings(): Promise<Record<string, unknown>> {
const { data } = await client.post("/compliance/import/iso-42001");
return data;
}
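Review bot: the "(admin)" restriction on importIso27001Mappings and importIso42001Mappings exists only in their JSDoc comments, so nothing visible in this hunk prevents a non-admin session from issuing these POSTs. Please confirm that the /compliance/import/iso-27001 and /compliance/import/iso-42001 routes enforce the admin check on the server rather than relying on the frontend to withhold the import buttons. Separately, both functions return Promise<Record<string, unknown>>, the same as importDoraMappings in the context lines, which gives callers no typed shape for the import result; a shared result interface would let CompliancePage report the outcome without casting.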