intuitem / ciso-assistant-community

CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +57 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber, NCSC, ECC, SCF and so much more
https://intuitem.com

Add support for CSA CAIQ #555

Closed cota44ur closed 3 months ago

cota44ur commented 3 months ago

Hi,

I would like to add 2 new frameworks to the CISO Assistant libraries: CCM and CAIQ from CSA.

Both .XLS and YAML files are available on the CSA website: https://cloudsecurityalliance.org/research/cloud-controls-matrix

  1. Is it possible to add these 2 new frameworks in the next release?
  2. How is it possible to add custom frameworks (that would not necessarily interest the community)?

Thank you for your great job ;-)

ab-smith commented 3 months ago

Hello, thank you for the feedback. The CCM is actually supported, but with an extra manual action given the license restriction; check out the instructions in the tools folder. We can do the same for CAIQ.

ab-smith commented 3 months ago

We've added the CAIQ part as an annotation over the CCM to avoid duplication :)