Aegis/backend/app/services/compliance_import_service.py at 0b82d96bcc645b639c7ea3e7b621a5af58787acf

Files

Aegis CI / lint-and-test (push) Has been cancelled

Details

feat(compliance): add ISO/IEC 27001:2022 and ISO/IEC 42001:2023 frameworks

ISO 27001:2022: 37 Annex A controls across 4 themes (Organizational,
People, Physical, Technological) mapped to MITRE ATT&CK techniques.

ISO 42001:2023: 25 Annex A controls for AI Management Systems mapped to
relevant ATT&CK techniques covering AI supply chain, data pipeline
integrity, model serving security, and third-party AI risk.

Backend: import functions, _import_curated_framework() shared helper,
and POST /compliance/import/iso-27001 + iso-42001 endpoints.
Frontend: API client functions + import buttons in CompliancePage.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-06-03 15:50:54 +02:00

51 KiB

Raw Blame History

View Raw

51 KiB Raw Blame History

51 KiB

Raw Blame History