From 899f11974dd3913139776304178fec4159d7c5db Mon Sep 17 00:00:00 2001
From: sluetze <13255307+sluetze@users.noreply.github.com>
Date: Wed, 10 Jan 2024 12:05:34 +0100
Subject: [PATCH] add referencing method
---
 controls/bsi_app_4_4.yml | 8 +++++++-
 controls/bsi_sys_1_6.yml | 8 +++++++-
 2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/controls/bsi_app_4_4.yml b/controls/bsi_app_4_4.yml
index 31db7b0c88b9..7c2cdcf7c3d8 100644
--- a/controls/bsi_app_4_4.yml
+++ b/controls/bsi_app_4_4.yml
@@ -1,3 +1,9 @@
+# In BSI Basic Protection are multiple Requirements in one control.
+# i.e. there are multiple sentences, some including a RFC2119 keyword
+# Since we must increase granularity to create a precise control,
+# we number each sentence with a RFC2119 keyword as a section, grouping sentences, which are logically connected.
+# we number inline in brackets, so the lookup is easy
+# we reference these numbers in comments over each rule or group of rules
 policy: 'BSI-APP-4-4'
 title: 'BSI APP.4.4 Kubernetes'
 id: bsi_app_4_4
@@ -221,7 +227,7 @@ controls:
 • Regular data backups.
 notes: >-
 This requirement needs to be adressed in the respective separate systems.
- However, one requirement (Encrypted communication on all network ports) can partitially be
+ However, one requirement (Encrypted communication on all network ports) can partitially be
 checked by ensuring that no registry is allowed in over insecure protocols
 status: partial
 rules:
diff --git a/controls/bsi_sys_1_6.yml b/controls/bsi_sys_1_6.yml
index 63fb003af8de..4a76ab766a05 100644
--- a/controls/bsi_sys_1_6.yml
+++ b/controls/bsi_sys_1_6.yml
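Review bot: The new header in controls/bsi_app_4_4.yml (and the identical one added to controls/bsi_sys_1_6.yml) describes the numbering convention without showing its shape, so a reader cannot tell whether the inline marker is `[1]`, `(1)` or something else, nor how a rule that satisfies several numbered sections is annotated; one worked example line in the comment, with a placeholder sentence, would make the convention unambiguous. The opening sentence is also hard to parse; `# In BSI IT-Grundschutz, one control bundles several requirements, i.e. several sentences, some of which contain an RFC2119 keyword.` reads more naturally, and `a RFC2119` should be `an RFC2119` on the following line too. Because the mapping between requirement sentence and rule lives only in YAML comments, nothing validates it; the header should state that the comment above each rule is the sole record of which requirement that rule implements, so reviewers know to check it on every rule addition or removal. Since the six lines are duplicated verbatim across both files, consider keeping the explanation in one place (for example the controls directory's README) and referencing it from each file header so the two copies do not drift.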
@@ -1,3 +1,9 @@
+# In BSI Basic Protection are multiple Requirements in one control.
+# i.e. there are multiple sentences, some including a RFC2119 keyword
+# Since we must increase granularity to create a precise control,
+# we number each sentence with a RFC2119 keyword as a section, grouping sentences, which are logically connected.
+# we number inline in brackets, so the lookup is easy
+# we reference these numbers in comments over each rule or group of rules
 policy: 'BSI-SYS-1-6'
 title: 'SYS.1.6 Containerisation'
 id: bsi_sys_1_6
@@ -403,4 +409,4 @@ controls:
 notes: >-
 ToDo
 status: manual
- #rules:
\ No newline at end of file
+ #rules: