nis2-agile

AdminGit2026/nis2-agile

Fork 0

Commit Graph

Author	SHA1	Message	Date
DevEnv nis2-agile	ea2a291325	[FEAT] Gap Analysis ACN: assessment misure/requisiti Det. 164179/2025 (backend) Assessment di SECONDO LIVELLO sulla Determinazione ACN 164179/2025 (non le 10 lettere generiche Art.21, gia coperte). Distingue soggetti importanti/essenziali: - IMPORTANTI (All.1): 37 misure, 87 requisiti - ESSENZIALI (All.2): 43 misure, 116 requisiti - application/data/acn_measures.json: dataset canonico estratto dai testi UFFICIALI ACN (Allegati 1+2), testi requisiti INTEGRALI (no troncamenti), flag per-requisito importante/essenziale. Validato 37/87 + 43/116, zero discrepanze vs codici di riferimento. - AcnAssessmentController: catalog/list/create/get/requirements/respond/complete/ report/aiAnalyze. Pre-popola requisiti applicabili per entity_level, scoring per funzione FW (GOVERN/IDENTIFY/PROTECT/DETECT/RESPOND/RECOVER), grounding AI sui 203 requisiti ACN gia in KB. Anti-IDOR, snapshot testo immutabile. - Migrazione 036: acn_assessments + acn_assessment_responses (APPLICATA su host). - Router: acn-gap controllerMap + actionMap. Origine: finding revisore (la Gap Analysis Art.21 non e l'autovalutazione ACN). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-01 08:02:59 +02:00
Cristiano Benassati	ae78a2f7f4	[CORE] Initial project scaffold - NIS2 Agile Compliance Platform Complete MVP implementation including: - PHP 8.4 backend with Front Controller pattern (80+ API endpoints) - Multi-tenant architecture with organization_id isolation - JWT authentication (HS256, 2h access + 7d refresh tokens) - 14 controllers: Auth, Organization, Assessment, Dashboard, Risk, Incident, Policy, SupplyChain, Training, Asset, Audit, Admin - AI Service integration (Anthropic Claude API) for gap analysis, risk suggestions, policy generation, incident classification - NIS2 gap analysis questionnaire (~80 questions, 10 categories) - MySQL schema (20 tables) with NIS2 Art. 21 compliance controls - NIS2 Art. 23 incident reporting workflow (24h/72h/30d) - Frontend: login, register, dashboard, assessment wizard, org setup - Docker configuration (PHP-FPM + Nginx + MySQL) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-17 17:50:18 +01:00

Author

SHA1

Message

Date

DevEnv nis2-agile

ea2a291325

[FEAT] Gap Analysis ACN: assessment misure/requisiti Det. 164179/2025 (backend)

Assessment di SECONDO LIVELLO sulla Determinazione ACN 164179/2025 (non le 10
lettere generiche Art.21, gia coperte). Distingue soggetti importanti/essenziali:
- IMPORTANTI (All.1): 37 misure, 87 requisiti
- ESSENZIALI (All.2): 43 misure, 116 requisiti

- application/data/acn_measures.json: dataset canonico estratto dai testi
  UFFICIALI ACN (Allegati 1+2), testi requisiti INTEGRALI (no troncamenti),
  flag per-requisito importante/essenziale. Validato 37/87 + 43/116, zero
  discrepanze vs codici di riferimento.
- AcnAssessmentController: catalog/list/create/get/requirements/respond/complete/
  report/aiAnalyze. Pre-popola requisiti applicabili per entity_level, scoring
  per funzione FW (GOVERN/IDENTIFY/PROTECT/DETECT/RESPOND/RECOVER), grounding AI
  sui 203 requisiti ACN gia in KB. Anti-IDOR, snapshot testo immutabile.
- Migrazione 036: acn_assessments + acn_assessment_responses (APPLICATA su host).
- Router: acn-gap controllerMap + actionMap.

Origine: finding revisore (la Gap Analysis Art.21 non e l'autovalutazione ACN).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

2026-06-01 08:02:59 +02:00

Cristiano Benassati

ae78a2f7f4

[CORE] Initial project scaffold - NIS2 Agile Compliance Platform

Complete MVP implementation including:
- PHP 8.4 backend with Front Controller pattern (80+ API endpoints)
- Multi-tenant architecture with organization_id isolation
- JWT authentication (HS256, 2h access + 7d refresh tokens)
- 14 controllers: Auth, Organization, Assessment, Dashboard, Risk,
  Incident, Policy, SupplyChain, Training, Asset, Audit, Admin
- AI Service integration (Anthropic Claude API) for gap analysis,
  risk suggestions, policy generation, incident classification
- NIS2 gap analysis questionnaire (~80 questions, 10 categories)
- MySQL schema (20 tables) with NIS2 Art. 21 compliance controls
- NIS2 Art. 23 incident reporting workflow (24h/72h/30d)
- Frontend: login, register, dashboard, assessment wizard, org setup
- Docker configuration (PHP-FPM + Nginx + MySQL)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-17 17:50:18 +01:00

2 Commits