Identitate si scope
Titlu, pack identity, short scope statement si context de reviewer.
Proof layer
Preview-uri curate arata cover-ul, sumarul de reviewer, postura de verificare, controale reprezentative, gap-uri reprezentative si blocuri de artefacte. Mapping-ul complet si output-ul brut raman in pack-ul complet.
Titlu, pack identity, short scope statement si context de reviewer.
Verify status, sealed artifact posture si sumar de controale, fara dump-ul complet al fisierelor brute.
2-3 controale si 2-3 gap-uri extrase din output-ul real pentru a demonstra forma de review.
Control matrix complet, full evidence trace, runlog-ul complet si pack.zip-ul brut nu mai sunt surfetele publice implicite.
Fiecare pagina de biblioteca este acum un preview wrapper public-sigur peste pack-ul real. Valorile de mai jos sunt derivate din artefactele actuale, nu redactate separat.
CIS Controls v8 family-level mapping
An evidence-first pack for third-party and supplier security review, built to show baseline control posture without relying on sales claims.
ISO/IEC 27001:2022 Annex A references
A readiness-oriented evidence pack mapped to ISO/IEC 27001:2022 Annex A references, designed for teams that need a concrete baseline before formal audit work.
AICPA TSC CC1-CC9 spine
A readiness pack for organisations that need to show disciplined trust-service control evidence before any formal SOC examination.
NIST CSF 1.1 subcategory IDs
A cross-functional readiness pack aligned to NIST CSF 1.1 style categories, built for teams that need an inspectable security-baseline narrative rather than a generic maturity slide.
DFIR lifecycle phases + NIST RS/RC crosswalk
A readiness pack for incident response and recovery review, focused on whether evidence exists for disciplined response rather than whether a team can improvise under stress.
Acesta este modelul public-sigur pe care il folosim pentru a arata forma unui reviewer artifact fara a expune pack-ul complet.
Civitas public proof preview
Cover, sumar, postura de verificare, controale reprezentative si gap-uri reprezentative extrase din output-ul real.
| ID | Obiectiv | Status |
|---|---|---|
| VS-001 | Ensure Vendor Security control coverage for IDENTITY/ACCESS/MFA with documented ownership and operating cadence. | gap |
| VS-002 | Ensure Vendor Security control coverage for PRIVILEGED/REVIEW/ACCESS with documented ownership and operating cadence. | gap |
| VS-003 | Ensure Vendor Security control coverage for LOGGING/MONITORING/RETENTION with documented ownership and operating cadence. | gap |
Severitate 5; lipsesc 3 tipuri de evidenta in esantionul actual public.
Severitate 5; lipsesc 3 tipuri de evidenta in esantionul actual public.
Severitate 5; lipsesc 3 tipuri de evidenta in esantionul actual public.
Suprafata publica arata cover-ul, sumarul si starea de reviewer. DecisionPack.html si PDF complete raman in contextul pack-ului complet.
Verifier OK: da; 15 intrari verificate; 6 artefacte sigilate.
Preview-ul public este aliniat la starea canonica din martie 2026; metadatele interne ale specimenului brut sunt ascunse pe suprafata publica.
Pack-ul complet contine mapping-ul complet, full evidence trace si output-urile finale. Acestea nu sunt expuse implicit pe suprafata publica.
Artefactele specimenului sintetic raman neschimbate pentru verificare interna si repetitia livrarii. Ele sunt sumarizate aici, nu expuse ca suprafata publica implicita.
Browser-readable decision surface for reviewer inspection.
Specimen complet / repetitie controlata
Print-ready decision pack for procurement, audit, and leadership review.
Specimen complet / repetitie controlata
Artifact manifest and pack metadata for traceability.
Specimen complet / repetitie controlata
Deterministic seal metadata for integrity review.
Specimen complet / repetitie controlata
Pack archive delivered for local inspection and replay.
Specimen complet / repetitie controlata
Verifier output expected to resolve to a passing state on a valid public pack.
Specimen complet / repetitie controlata
Checksums for reviewer-side integrity confirmation.
Specimen complet / repetitie controlata
Preview-ul public nu elimina verificarea; doar nu mai face din pack.zip, verify.json si SHA256.txt prima experienta pentru publicul rece. Verificarea locala ramane ancorata in specimenul complet si in workflow-ul intern de repetitie.