ISO-015
gapISO 27001 Control 015
Severitate 5; lipsesc 3 tipuri de evidenta in esantionul public curent.
PREVIEW PUBLICiso_27001Aliniat: 2026-03-14
ISO 27001 Readiness
A readiness-oriented evidence pack mapped to ISO/IEC 27001:2022 Annex A references, designed for teams that need a concrete baseline before formal audit work.
Aceasta pagina este un wrapper public-sigur peste artefactele reale. Arata forma de review si postura pack-ului curent fara a face public implicit pachetul complet.
Pentru cine este
- Teams preparing for an ISO 27001 programme, internal readiness push, or pre-audit evidence review.
- Operators who need a disciplined control baseline before engaging an external certification body.
- Buyers who want to inspect evidence quality rather than rely on checkbox policy claims.
Civitas preview document
ISO 27001 Readiness
Preview public derivat din pack-ul real. Include sumar de reviewer, controale reprezentative, gap-uri reprezentative si posturi de artefact.
Pack ID: PACK-001
Aliniere publica: 2026-03-14
Sursa publica: Specimen public canonic
Verificare: OK
Controale totale
93
Gap-uri vizibile
93
Claim-uri
2
Verificator
15
Reviewer summary
Structura artefactelor este verificata, dar sample-ul curent ramane gap-heavy: 93 din 93 controale sunt marcate gap in output-ul actual public.
Scope-ul declarat este "Vendor security control assessment", iar out-of-scope-ul declarat este "Penetration testing and red teaming". Acesta este un preview public, nu control matrix-ul complet.
Postura curenta
Structura verificata
Context public: Preview curatoriat peste artefactele reale
Boundary: Pack complet retinut pentru customer delivery
Artefacte sigilate: 6
Model verify: Confirmare locala a pack-ului complet
Controale reprezentative
| ID | Obiectiv | Severitate | Status |
|---|---|---|---|
| ISO-001 | Ensure ISO 27001 control coverage for POLICY/GOVERNANCE/REVIEW with documented ownership and operating cadence. | 1 | gap |
| ISO-002 | Ensure ISO 27001 control coverage for RISK/REGISTER/TREATMENT with documented ownership and operating cadence. | 2 | gap |
| ISO-003 | Ensure ISO 27001 control coverage for ASSET/CLASSIFICATION/OWNERSHIP with documented ownership and operating cadence. | 3 | gap |
Gap-uri reprezentative
ISO-020
gapISO 27001 Control 020
Severitate 5; lipsesc 3 tipuri de evidenta in esantionul public curent.
ISO-040
gapISO 27001 Control 040
Severitate 5; lipsesc 3 tipuri de evidenta in esantionul public curent.
Bloc de artefacte de esantion
Decision preview
HTML/PDF complet exista in pachetul real. Aici expunem doar cover-ul, sumarul si postura de reviewer.
Integritate si verificare
Verifier OK: da; 15 intrari verificate; 6 artefacte sigilate.
Boundary public
Control matrix-ul complet, evidenta completa, runlog-ul complet si pack.zip-ul brut raman in context intern sau customer delivery.
Ce ajuta sa produci
- A structured readiness pack with traceable outputs, public artifacts, and reviewer-facing decisions.
- A high-signal baseline for identifying evidence coverage and readiness gaps before formal assessment.
- A deterministic artifact path that can be shared across leadership, audit, and customer-facing review.
Ce acopera la nivel inalt
- Governance, policy, and accountability signals aligned to Annex A themes.
- Asset, access, operations, supplier, and incident-readiness control areas.
- Business continuity, backup, monitoring, and change-discipline evidence paths.
Ce nu revendica
- ISO certification, auditor sign-off, or a substitute for formal audit scope.
- Complete conformity without the organisation's full ISMS and external assessment context.
Artefacte complete in customer delivery
DecisionPack.html
Browser-readable decision surface for reviewer inspection.
DecisionPack.pdf
Print-ready decision pack for procurement, audit, and leadership review.
DecisionPack.manifest.json
Artifact manifest and pack metadata for traceability.
DecisionPack.seal.json
Deterministic seal metadata for integrity review.
pack.zip
Pack archive delivered for local inspection and replay.
verify.json
Verifier output expected to resolve to a passing state on a valid public pack.
SHA256.txt
Checksums for reviewer-side integrity confirmation.
Aceste artefacte raman reale si neschimbate. Diferenta este doar de expunere publica: preview-ul este implicit, nu dump-ul complet.
CTA relevante
Preview-ul public demonstreaza forma reala a produsului. Pachetul complet, mapping-ul complet si livrarea completa raman disponibile in contextul de customer delivery sau demo controlat.