AdminGit2026/nis2-agile
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
634c3bfc87
nis2-agile/docs/sql/021_incident_nis2_taxonomy.sql
DevEnv nis2-agile 5c545ea3d0 [FEAT] Integrazione analisi docs/nis2 v1.7.0 — scoring asset, tassonomia incidenti, PIR, NIST CSF, fonti certe 
Fase 1 - Asset Relevance Scoring NIS2 (GV.OC-04): metodologia 0-100 a 6 criteri,
  AssetScoringService + endpoint scoringGrid/score/relevantSystems + UI assets.html + registro stampabile.
Fase 2 - Tassonomia incidenti Determina ACN 164179/2025: IS-1..4 + regime essenziale/importante (Allegati 3/4).
Fase 3 - Post-Incident Review (5-Whys) + metriche TTD/TTC/TTR + timestamp di fase.
Fase 4 - Mapping NIST CSF 2.0 (43 controlli) reference-only.
Fonti certe: registry config/nis2_sources.php + grounding AI (vieta riferimenti inventati) +
  citazioni help.js + ingest PDF normativi nella KB RAG (scripts/ingest-nis2-sources.php).
Migrazioni 020/021/022 (additive idempotenti). Fix VectorService IP Qdrant (drift .5->.3).
Analisi concorrenza Evix (docs/EVIX_ANALISI_CONCORRENZA.html, gap-driven).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 17:15:13 +02:00

37 lines
1.8 KiB
SQL
Raw Blame History

-- ============================================================================
-- Migration 021 - Tassonomia Incidenti NIS2 (Determina ACN 164179/2025)
-- ----------------------------------------------------------------------------
-- Aggiunge alla tabella incidents:
-- - nis2_incident_type: tipologia incidente significativo IS-1/IS-2/IS-3/IS-4
-- (Determinazione ACN n. 164179 del 14/04/2025, Allegati 3 e 4).
-- - entity_obligation: regime di obblighi applicabile (essential=Allegato 3,
-- important=Allegato 4). I soggetti importanti NON sono tenuti all'IS-4
-- (incidenti ricorrenti).
--
-- Fonte: D.Lgs. 138/2024 art. 23 + Determina ACN 164179/2025.
-- Idempotente via information_schema. Rilanciabile.
-- mysql -h localhost nis2_agile_db -e "source docs/sql/021_incident_nis2_taxonomy.sql"
-- ============================================================================
DELIMITER //
DROP PROCEDURE IF EXISTS _mig021_add_col //
CREATE PROCEDURE _mig021_add_col(IN col VARCHAR(64), IN ddl TEXT)
BEGIN
IF NOT EXISTS (
SELECT 1 FROM information_schema.COLUMNS
WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = 'incidents' AND COLUMN_NAME = col
) THEN
SET @sql = CONCAT('ALTER TABLE incidents ADD COLUMN ', ddl);
PREPARE st FROM @sql; EXECUTE st; DEALLOCATE PREPARE st;
END IF;
END //
DELIMITER ;
CALL _mig021_add_col('nis2_incident_type', "nis2_incident_type ENUM('IS-1','IS-2','IS-3','IS-4') NULL COMMENT 'Tipologia incidente significativo - Determina ACN 164179/2025'");
CALL _mig021_add_col('entity_obligation', "entity_obligation ENUM('essential','important') NULL COMMENT 'Regime obblighi: essential=Allegato 3, important=Allegato 4'");
DROP PROCEDURE IF EXISTS _mig021_add_col;
-- ROLLBACK:
-- ALTER TABLE incidents DROP COLUMN nis2_incident_type, DROP COLUMN entity_obligation;
Reference in New Issue View Git Blame Copy Permalink