AdminGit2026/nis2-agile
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6a573117f7
nis2-agile/docs/nis2/assets.html
DevEnv nis2-agile 5c545ea3d0 [FEAT] Integrazione analisi docs/nis2 v1.7.0 — scoring asset, tassonomia incidenti, PIR, NIST CSF, fonti certe 
Fase 1 - Asset Relevance Scoring NIS2 (GV.OC-04): metodologia 0-100 a 6 criteri,
  AssetScoringService + endpoint scoringGrid/score/relevantSystems + UI assets.html + registro stampabile.
Fase 2 - Tassonomia incidenti Determina ACN 164179/2025: IS-1..4 + regime essenziale/importante (Allegati 3/4).
Fase 3 - Post-Incident Review (5-Whys) + metriche TTD/TTC/TTR + timestamp di fase.
Fase 4 - Mapping NIST CSF 2.0 (43 controlli) reference-only.
Fonti certe: registry config/nis2_sources.php + grounding AI (vieta riferimenti inventati) +
  citazioni help.js + ingest PDF normativi nella KB RAG (scripts/ingest-nis2-sources.php).
Migrazioni 020/021/022 (additive idempotenti). Fix VectorService IP Qdrant (drift .5->.3).
Analisi concorrenza Evix (docs/EVIX_ANALISI_CONCORRENZA.html, gap-driven).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 17:15:13 +02:00

2016 lines
90 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="it">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Inventario Asset - NIS2 Management System</title>
<style>
:root {
--bg-primary: #0d1117;
--bg-secondary: #161b22;
--bg-tertiary: #1c2128;
--border-color: #30363d;
--text-primary: #c9d1d9;
--text-secondary: #8b949e;
--accent-primary: #58a6ff;
--accent-secondary: #1f6feb;
--success: #3fb950;
--warning: #d29922;
--danger: #f85149;
--essential-bg: #fef3c7;
--essential-text: #92400e;
--essential-border: #f59e0b;
--calc-highlight: #2d1b69;
}
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}
body {
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', 'Noto Sans', Helvetica, Arial, sans-serif;
background-color: var(--bg-primary);
color: var(--text-primary);
line-height: 1.6;
overflow-y: auto;
overflow-x: hidden;
}
.container {
max-width: 1800px;
margin: 0 auto;
padding: 20px;
}
/* Header */
.header {
background-color: var(--bg-secondary);
border-bottom: 1px solid var(--border-color);
padding: 24px 0;
margin-bottom: 32px;
position: sticky;
top: 0;
z-index: 100;
}
.header-content {
max-width: 1800px;
margin: 0 auto;
padding: 0 20px;
display: flex;
justify-content: space-between;
align-items: center;
}
.header h1 {
font-size: 24px;
font-weight: 600;
color: var(--text-primary);
}
.breadcrumb {
font-size: 13px;
color: var(--text-secondary);
}
.breadcrumb a {
color: var(--accent-primary);
text-decoration: none;
}
.breadcrumb a:hover {
text-decoration: underline;
}
/* Tabs */
.tabs {
display: flex;
gap: 8px;
margin-bottom: 24px;
border-bottom: 1px solid var(--border-color);
padding-bottom: 0;
flex-wrap: wrap;
}
.tab {
padding: 12px 16px;
background: transparent;
border: none;
color: var(--text-secondary);
cursor: pointer;
font-size: 14px;
font-weight: 500;
border-bottom: 2px solid transparent;
transition: all 0.2s;
}
.tab:hover {
color: var(--text-primary);
background-color: var(--bg-tertiary);
}
.tab.active {
color: var(--accent-primary);
border-bottom-color: var(--accent-primary);
}
/* Section */
.section {
background-color: var(--bg-secondary);
border: 1px solid var(--border-color);
border-radius: 6px;
padding: 24px;
margin-bottom: 24px;
display: none;
}
.section.active {
display: block;
}
.section-header {
display: flex;
justify-content: space-between;
align-items: center;
margin-bottom: 24px;
padding-bottom: 16px;
border-bottom: 1px solid var(--border-color);
}
.section-title {
font-size: 18px;
font-weight: 600;
color: var(--text-primary);
display: flex;
align-items: center;
gap: 8px;
}
.section-actions {
display: flex;
gap: 8px;
}
.btn {
padding: 8px 16px;
background-color: var(--bg-tertiary);
border: 1px solid var(--border-color);
border-radius: 6px;
color: var(--text-primary);
font-size: 13px;
font-weight: 500;
cursor: pointer;
transition: all 0.2s;
}
.btn:hover {
background-color: var(--bg-tertiary);
border-color: var(--border-color);
}
.btn-primary {
background-color: var(--bg-tertiary);
border-color: var(--border-color);
color: var(--text-primary);
}
.btn-primary:hover {
background-color: var(--bg-tertiary);
border-color: var(--border-color);
}
/* Bottoni con azioni interattive - colore viola */
.btn-interactive {
color: #a78bfa;
font-weight: 600;
}
.btn-interactive:hover {
color: #c4b5fd;
background-color: rgba(167, 139, 250, 0.1);
border-color: #a78bfa;
}
/* Help Icon */
.help-icon {
display: inline-flex;
align-items: center;
justify-content: center;
width: 22px;
height: 22px;
background-color: rgba(167, 139, 250, 0.2);
border: 2px solid #a78bfa;
border-radius: 50%;
font-size: 13px;
font-weight: 700;
color: #a78bfa;
cursor: help;
position: relative;
margin-left: 6px;
}
.help-icon:hover {
background-color: rgba(167, 139, 250, 0.3);
color: #c4b5fd;
border-color: #c4b5fd;
transform: scale(1.1);
}
.tooltip {
visibility: hidden;
position: absolute;
z-index: 1000;
background-color: var(--bg-tertiary);
color: var(--text-primary);
padding: 12px;
border-radius: 6px;
border: 1px solid var(--border-color);
box-shadow: 0 8px 24px rgba(0, 0, 0, 0.5);
width: 320px;
top: 28px;
left: 50%;
transform: translateX(-50%);
font-size: 12px;
line-height: 1.5;
opacity: 0;
transition: opacity 0.2s;
white-space: normal;
}
.tooltip::before {
content: '';
position: absolute;
top: -6px;
left: 50%;
transform: translateX(-50%);
border-left: 6px solid transparent;
border-right: 6px solid transparent;
border-bottom: 6px solid var(--border-color);
}
.tooltip-title {
color: var(--accent-primary);
font-weight: 600;
margin-bottom: 8px;
font-size: 11px;
text-transform: uppercase;
letter-spacing: 0.5px;
}
.help-icon:hover .tooltip {
visibility: visible;
opacity: 1;
}
/* Table */
.table-container {
overflow-x: auto;
margin-top: 16px;
}
table {
width: 100%;
border-collapse: collapse;
font-size: 13px;
}
th {
background-color: var(--bg-tertiary);
color: var(--text-secondary);
font-weight: 600;
text-align: left;
padding: 12px;
border: 1px solid var(--border-color);
text-transform: uppercase;
font-size: 11px;
letter-spacing: 0.5px;
}
td {
padding: 12px;
border: 1px solid var(--border-color);
color: var(--text-primary);
}
tr:hover {
background-color: var(--bg-tertiary);
}
.cell-calculated {
font-weight: 600;
}
.cell-critical {
color: var(--danger);
font-weight: 600;
}
.cell-high {
color: var(--warning);
font-weight: 600;
}
.cell-medium {
color: var(--success);
font-weight: 600;
}
/* Essential Badge */
.essential-badge {
display: inline-block;
background-color: var(--essential-bg);
color: var(--essential-text);
padding: 4px 8px;
border-radius: 3px;
font-size: 10px;
font-weight: 700;
text-transform: uppercase;
letter-spacing: 0.5px;
border: 1px solid var(--essential-border);
margin-left: 8px;
transform: rotate(-1deg);
box-shadow: 0 2px 4px rgba(0, 0, 0, 0.3);
}
/* Status Badge */
.status-badge {
display: inline-block;
padding: 4px 8px;
border-radius: 3px;
font-size: 11px;
font-weight: 600;
text-transform: uppercase;
}
.status-relevant {
background-color: rgba(63, 185, 80, 0.2);
color: var(--success);
border: 1px solid var(--success);
}
.status-not-relevant {
background-color: rgba(139, 148, 158, 0.2);
color: var(--text-secondary);
border: 1px solid var(--border-color);
}
.status-operational {
background-color: rgba(63, 185, 80, 0.2);
color: var(--success);
}
.status-maintenance {
background-color: rgba(210, 153, 34, 0.2);
color: var(--warning);
}
.status-dismissed {
background-color: rgba(248, 81, 73, 0.2);
color: var(--danger);
}
/* Info Box */
.info-box {
background-color: var(--bg-tertiary);
border: 1px solid var(--border-color);
border-left: 3px solid var(--accent-primary);
padding: 16px;
border-radius: 6px;
margin-bottom: 16px;
}
.info-box-title {
font-weight: 600;
color: var(--accent-primary);
margin-bottom: 8px;
font-size: 14px;
}
.info-box-content {
font-size: 13px;
color: var(--text-secondary);
line-height: 1.6;
}
/* Scoring Grid */
.scoring-grid {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(300px, 1fr));
gap: 16px;
margin-top: 16px;
}
.scoring-card {
background-color: var(--bg-tertiary);
border: 1px solid var(--border-color);
border-radius: 6px;
padding: 16px;
}
.scoring-card-header {
font-weight: 600;
color: var(--text-primary);
margin-bottom: 12px;
font-size: 14px;
display: flex;
justify-content: space-between;
align-items: center;
}
.scoring-card-points {
color: var(--accent-primary);
font-size: 18px;
font-weight: 700;
}
.scoring-card-content {
font-size: 12px;
color: var(--text-secondary);
line-height: 1.5;
}
.scoring-levels {
margin-top: 12px;
}
.scoring-level {
display: flex;
justify-content: space-between;
padding: 6px 0;
border-bottom: 1px solid var(--border-color);
font-size: 12px;
}
.scoring-level:last-child {
border-bottom: none;
}
.scoring-level-name {
color: var(--text-primary);
}
.scoring-level-points {
color: var(--accent-primary);
font-weight: 600;
}
/* Document Link */
.doc-link {
display: inline-flex;
align-items: center;
gap: 8px;
padding: 8px 12px;
background-color: var(--bg-tertiary);
border: 1px solid var(--border-color);
border-radius: 6px;
color: #a78bfa;
text-decoration: none;
font-size: 13px;
font-weight: 600;
transition: all 0.2s;
}
.doc-link:hover {
background-color: rgba(167, 139, 250, 0.1);
border-color: #a78bfa;
color: #c4b5fd;
}
/* Filter Bar */
.filter-bar {
display: flex;
gap: 12px;
margin-bottom: 16px;
flex-wrap: wrap;
align-items: center;
}
.filter-group {
display: flex;
align-items: center;
gap: 8px;
}
.filter-label {
font-size: 13px;
color: var(--text-secondary);
font-weight: 500;
}
select, input[type="text"], input[type="search"] {
padding: 8px 12px;
background-color: var(--bg-tertiary);
border: 1px solid var(--border-color);
border-radius: 6px;
color: var(--text-primary);
font-size: 13px;
}
select:focus, input:focus {
outline: none;
border-color: var(--accent-primary);
}
/* Stats Cards */
.stats-row {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(200px, 1fr));
gap: 16px;
margin-bottom: 24px;
}
.stat-card {
background-color: var(--bg-tertiary);
border: 1px solid var(--border-color);
border-radius: 6px;
padding: 16px;
}
.stat-label {
font-size: 12px;
color: var(--text-secondary);
text-transform: uppercase;
letter-spacing: 0.5px;
margin-bottom: 8px;
}
.stat-value {
font-size: 28px;
font-weight: 700;
color: var(--text-primary);
}
.stat-change {
font-size: 12px;
margin-top: 4px;
}
.stat-change.positive {
color: var(--success);
}
.stat-change.negative {
color: var(--danger);
}
/* Responsive */
@media (max-width: 768px) {
.header-content {
flex-direction: column;
align-items: flex-start;
gap: 12px;
}
.tabs {
overflow-x: auto;
flex-wrap: nowrap;
}
.filter-bar {
flex-direction: column;
align-items: stretch;
}
.stats-row {
grid-template-columns: 1fr;
}
.scoring-grid {
grid-template-columns: 1fr;
}
}
</style>
</head>
<body>
<div class="header">
<div class="header-content">
<div>
<h1>Inventario Asset e Sistemi Rilevanti</h1>
<div class="breadcrumb">
<a href="dashboard.html">Dashboard</a> / Org.01 - Inventario Asset
</div>
</div>
<div class="section-actions">
<button class="btn btn-interactive" onclick="exportData()">Esporta</button>
<button class="btn btn-primary" onclick="addAsset()">+ Nuovo Asset</button>
</div>
</div>
</div>
<div class="container">
<!-- Statistics -->
<div class="stats-row">
<div class="stat-card">
<div class="stat-label">Asset Totali</div>
<div class="stat-value">247</div>
<div class="stat-change positive">+12 ultimo mese</div>
</div>
<div class="stat-card">
<div class="stat-label">Sistemi Rilevanti NIS2</div>
<div class="stat-value">38</div>
<div class="stat-change">15.4% del totale</div>
</div>
<div class="stat-card">
<div class="stat-label">Asset Critici (≥80)</div>
<div class="stat-value">12</div>
<div class="stat-change positive">100% protetti</div>
</div>
<div class="stat-card">
<div class="stat-label">Copertura Inventario</div>
<div class="stat-value">98.5%</div>
<div class="stat-change positive">Target: ≥98%</div>
</div>
<div class="stat-card">
<div class="stat-label">Accuratezza Dati</div>
<div class="stat-value">96.2%</div>
<div class="stat-change positive">Target: ≥95%</div>
</div>
<div class="stat-card">
<div class="stat-label">Aggiornamento</div>
<div class="stat-value">100%</div>
<div class="stat-change positive">Ultimi 90gg</div>
</div>
</div>
<!-- Info Box -->
<div class="info-box">
<div class="info-box-title">Requisiti NIS2 Coperti</div>
<div class="info-box-content">
<strong>ID.AM-01</strong> Inventario asset fisici |
<strong>ID.AM-02</strong> Inventario software e sistemi |
<strong>ID.AM-03</strong> Diagrammi flussi dati <span class="essential-badge">SOLO ESSENZIALI</span> |
<strong>ID.AM-04</strong> Catalogo servizi |
<strong>GV.OC-04</strong> Elenco sistemi rilevanti
</div>
</div>
<!-- Tabs -->
<div class="tabs">
<button class="tab active" onclick="showTab('hardware')">Asset Hardware</button>
<button class="tab" onclick="showTab('software')">Asset Software</button>
<button class="tab" onclick="showTab('cloud')">Servizi Cloud</button>
<button class="tab" onclick="showTab('network')">Diagrammi Rete <span class="essential-badge">ESSENZIALI</span></button>
<button class="tab" onclick="showTab('services')">Catalogo Servizi</button>
<button class="tab" onclick="showTab('relevant')">Sistemi Rilevanti</button>
<button class="tab" onclick="showTab('scoring')">Griglia Valutazione</button>
</div>
<!-- Hardware Section -->
<div class="section active" id="section-hardware">
<div class="section-header">
<div class="section-title">
Inventario Asset Hardware (ID.AM-01)
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">HELP DELLA SEZIONE</div>
Censimento completo di tutti gli asset fisici: server, dispositivi di rete, endpoint, dispositivi speciali. Per ogni asset sono richiesti metadati completi incluso il campo RILEVANZA NIS2 obbligatorio con punteggio calcolato secondo griglia di valutazione.
</div>
</span>
</div>
</div>
<div class="filter-bar">
<div class="filter-group">
<span class="filter-label">Categoria:</span>
<select>
<option>Tutte</option>
<option>Server e Infrastruttura</option>
<option>Dispositivi di Rete</option>
<option>Endpoint</option>
<option>Dispositivi Speciali</option>
</select>
</div>
<div class="filter-group">
<span class="filter-label">Rilevanza NIS2:</span>
<select>
<option>Tutti</option>
<option>SI - Rilevanti</option>
<option>NO - Non Rilevanti</option>
</select>
</div>
<div class="filter-group">
<span class="filter-label">Criticità:</span>
<select>
<option>Tutte</option>
<option>Critico (≥80)</option>
<option>Alto (60-79)</option>
<option>Medio (40-59)</option>
<option>Basso (<40)</option>
</select>
</div>
<div class="filter-group">
<span class="filter-label">Cerca:</span>
<input type="search" placeholder="Codice, nome, IP...">
</div>
</div>
<div class="table-container">
<table>
<thead>
<tr>
<th>Codice</th>
<th>Tipo Asset</th>
<th>Nome/Descrizione</th>
<th>Marca/Modello</th>
<th>IP Address</th>
<th>Ubicazione</th>
<th>Responsabile</th>
<th>Criticità</th>
<th>Rilevanza NIS2</th>
<th>Punteggio
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">CALCOLO</div>
Punteggio = Somma(Criteri 1-6)<br>
Criterio 1: Criticità Operativa (0-25)<br>
Criterio 2: Impatto Interruzione (0-25)<br>
Criterio 3: Dati Trattati (0-20)<br>
Criterio 4: Dipendenze (0-15)<br>
Criterio 5: Esposizione (0-10)<br>
Criterio 6: Obblighi Normativi (0-5)<br>
Max: 100 punti<br>
Soglia Rilevanza: ≥40
</div>
</span>
</th>
<th>Stato</th>
<th>Azioni</th>
</tr>
</thead>
<tbody>
<tr>
<td>HW-SRV-001</td>
<td>Server Fisico</td>
<td>ERP-PROD-01 - Server ERP Principale</td>
<td>Dell PowerEdge R750</td>
<td>10.10.1.10</td>
<td>DC-Milano-Rack-A12</td>
<td>M. Rossi</td>
<td><span class="cell-critical">Critico</span></td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">91
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">CALCOLO</div>
Criticità Operativa: 25<br>
Impatto Interruzione: 25<br>
Dati Trattati: 15<br>
Dipendenze: 15<br>
Esposizione: 8<br>
Obblighi Normativi: 3<br>
<strong>TOTALE: 91</strong>
</div>
</span>
</td>
<td><span class="status-badge status-operational">Operativo</span></td>
<td><button class="btn btn-interactive" onclick="viewDetails('HW-SRV-001')">Dettagli</button></td>
</tr>
<tr>
<td>HW-NET-015</td>
<td>Firewall</td>
<td>FW-PERIMETRALE-01</td>
<td>Fortinet FortiGate 600E</td>
<td>10.10.0.1</td>
<td>DC-Milano-Rack-A01</td>
<td>L. Bianchi</td>
<td><span class="cell-critical">Critico</span></td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">88
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">CALCOLO</div>
Criticità Operativa: 25<br>
Impatto Interruzione: 25<br>
Dati Trattati: 10<br>
Dipendenze: 15<br>
Esposizione: 10<br>
Obblighi Normativi: 3<br>
<strong>TOTALE: 88</strong>
</div>
</span>
</td>
<td><span class="status-badge status-operational">Operativo</span></td>
<td><button class="btn btn-interactive" onclick="viewDetails('HW-NET-015')">Dettagli</button></td>
</tr>
<tr>
<td>HW-SRV-023</td>
<td>Server Virtuale</td>
<td>WEB-APP-PROD-01</td>
<td>VMware VM</td>
<td>10.10.2.45</td>
<td>Cluster-VMware-01</td>
<td>G. Verdi</td>
<td><span class="cell-high">Alto</span></td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">72
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">CALCOLO</div>
Criticità Operativa: 20<br>
Impatto Interruzione: 20<br>
Dati Trattati: 15<br>
Dipendenze: 9<br>
Esposizione: 8<br>
Obblighi Normativi: 0<br>
<strong>TOTALE: 72</strong>
</div>
</span>
</td>
<td><span class="status-badge status-operational">Operativo</span></td>
<td><button class="btn btn-interactive" onclick="viewDetails('HW-SRV-023')">Dettagli</button></td>
</tr>
<tr>
<td>HW-END-156</td>
<td>Laptop</td>
<td>Laptop CEO</td>
<td>Dell Latitude 7420</td>
<td>DHCP</td>
<td>Ufficio Direzione</td>
<td>CEO</td>
<td><span class="cell-medium">Medio</span></td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">52
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">CALCOLO</div>
Criticità Operativa: 15<br>
Impatto Interruzione: 10<br>
Dati Trattati: 15<br>
Dipendenze: 0<br>
Esposizione: 10<br>
Obblighi Normativi: 2<br>
<strong>TOTALE: 52</strong>
</div>
</span>
</td>
<td><span class="status-badge status-operational">Operativo</span></td>
<td><button class="btn btn-interactive" onclick="viewDetails('HW-END-156')">Dettagli</button></td>
</tr>
<tr>
<td>HW-END-234</td>
<td>Desktop</td>
<td>Workstation Ufficio</td>
<td>HP EliteDesk 800</td>
<td>10.20.5.87</td>
<td>Ufficio Piano 2</td>
<td>Dipendente Amm.</td>
<td>Basso</td>
<td><span class="status-badge status-not-relevant">NO</span></td>
<td>28</td>
<td><span class="status-badge status-operational">Operativo</span></td>
<td><button class="btn btn-interactive" onclick="viewDetails('HW-END-234')">Dettagli</button></td>
</tr>
</tbody>
</table>
</div>
</div>
<!-- Software Section -->
<div class="section" id="section-software">
<div class="section-header">
<div class="section-title">
Inventario Asset Software e Sistemi (ID.AM-02)
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">HELP DELLA SEZIONE</div>
Catalogo completo di software, applicazioni e sistemi operativi. Include licenze, versioni, responsabili e valutazione rilevanza NIS2. Particolare attenzione a sistemi business-critical e applicazioni di sicurezza (SIEM obbligatorio per soggetti essenziali).
</div>
</span>
</div>
</div>
<div class="filter-bar">
<div class="filter-group">
<span class="filter-label">Categoria:</span>
<select>
<option>Tutte</option>
<option>Sistemi Operativi</option>
<option>Applicazioni Business-Critical</option>
<option>Applicazioni Sicurezza</option>
<option>Strumenti Sviluppo</option>
</select>
</div>
<div class="filter-group">
<span class="filter-label">Rilevanza NIS2:</span>
<select>
<option>Tutti</option>
<option>SI - Rilevanti</option>
<option>NO - Non Rilevanti</option>
</select>
</div>
</div>
<div class="table-container">
<table>
<thead>
<tr>
<th>Codice</th>
<th>Nome Applicazione</th>
<th>Vendor</th>
<th>Versione</th>
<th>Licenze</th>
<th>Responsabile</th>
<th>Server/Infra</th>
<th>Criticità</th>
<th>Rilevanza NIS2</th>
<th>Punteggio</th>
<th>Ultimo Aggiornamento</th>
<th>Azioni</th>
</tr>
</thead>
<tbody>
<tr>
<td>SW-ERP-001</td>
<td>SAP ERP</td>
<td>SAP SE</td>
<td>S/4HANA 2021</td>
<td>150 Named Users</td>
<td>M. Rossi</td>
<td>HW-SRV-001</td>
<td><span class="cell-critical">Critico</span></td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">95</td>
<td>2024-01-15</td>
<td><button class="btn btn-interactive" onclick="viewDetails('SW-ERP-001')">Dettagli</button></td>
</tr>
<tr>
<td>SW-SEC-008</td>
<td>Splunk SIEM <span class="essential-badge">OBBLIGATORIO ESSENZIALI</span></td>
<td>Splunk Inc.</td>
<td>9.1.2</td>
<td>500GB/day</td>
<td>CISO</td>
<td>HW-SRV-045</td>
<td><span class="cell-critical">Critico</span></td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">92</td>
<td>2024-02-10</td>
<td><button class="btn btn-interactive" onclick="viewDetails('SW-SEC-008')">Dettagli</button></td>
</tr>
<tr>
<td>SW-DB-003</td>
<td>Oracle Database</td>
<td>Oracle Corp.</td>
<td>19c Enterprise</td>
<td>4 CPU</td>
<td>DBA Team</td>
<td>HW-SRV-012</td>
<td><span class="cell-critical">Critico</span></td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">89</td>
<td>2024-01-28</td>
<td><button class="btn btn-interactive" onclick="viewDetails('SW-DB-003')">Dettagli</button></td>
</tr>
<tr>
<td>SW-CRM-001</td>
<td>Salesforce CRM</td>
<td>Salesforce</td>
<td>Enterprise Ed.</td>
<td>80 Users</td>
<td>Sales Manager</td>
<td>Cloud SaaS</td>
<td><span class="cell-high">Alto</span></td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">68</td>
<td>Auto-update</td>
<td><button class="btn btn-interactive" onclick="viewDetails('SW-CRM-001')">Dettagli</button></td>
</tr>
<tr>
<td>SW-OFF-001</td>
<td>Microsoft 365</td>
<td>Microsoft</td>
<td>E3 Plan</td>
<td>200 Users</td>
<td>IT Manager</td>
<td>Cloud SaaS</td>
<td><span class="cell-medium">Medio</span></td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">55</td>
<td>Auto-update</td>
<td><button class="btn btn-interactive" onclick="viewDetails('SW-OFF-001')">Dettagli</button></td>
</tr>
</tbody>
</table>
</div>
</div>
<!-- Cloud Services Section -->
<div class="section" id="section-cloud">
<div class="section-header">
<div class="section-title">
Servizi Cloud (ID.AM-02)
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">HELP DELLA SEZIONE</div>
Inventario servizi cloud IaaS, PaaS e SaaS. Per ogni servizio cloud sono richiesti: provider, localizzazione dati, SLA, certificazioni, contratti Art.28 GDPR e piano di exit. Valutazione rilevanza NIS2 obbligatoria.
</div>
</span>
</div>
</div>
<div class="table-container">
<table>
<thead>
<tr>
<th>Codice</th>
<th>Servizio</th>
<th>Tipo</th>
<th>Provider</th>
<th>Localizzazione Dati</th>
<th>SLA Uptime</th>
<th>Certificazioni</th>
<th>Art.28 GDPR</th>
<th>Criticità</th>
<th>Rilevanza NIS2</th>
<th>Punteggio</th>
<th>Azioni</th>
</tr>
</thead>
<tbody>
<tr>
<td>CLD-IAAS-001</td>
<td>VM Production Environment</td>
<td>IaaS</td>
<td>AWS EC2</td>
<td>EU-West-1 (Irlanda)</td>
<td>99.99%</td>
<td>ISO 27001, SOC 2</td>
<td>SI</td>
<td><span class="cell-critical">Critico</span></td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">87</td>
<td><button class="btn btn-interactive" onclick="viewDetails('CLD-IAAS-001')">Dettagli</button></td>
</tr>
<tr>
<td>CLD-PAAS-003</td>
<td>Azure SQL Database</td>
<td>PaaS</td>
<td>Microsoft Azure</td>
<td>West Europe (Paesi Bassi)</td>
<td>99.99%</td>
<td>ISO 27001, SOC 2</td>
<td>SI</td>
<td><span class="cell-critical">Critico</span></td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">85</td>
<td><button class="btn btn-interactive" onclick="viewDetails('CLD-PAAS-003')">Dettagli</button></td>
</tr>
<tr>
<td>CLD-SAAS-005</td>
<td>Backup as a Service</td>
<td>SaaS</td>
<td>Veeam Cloud Connect</td>
<td>Milano, Italia</td>
<td>99.9%</td>
<td>ISO 27001</td>
<td>SI</td>
<td><span class="cell-high">Alto</span></td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">75</td>
<td><button class="btn btn-interactive" onclick="viewDetails('CLD-SAAS-005')">Dettagli</button></td>
</tr>
<tr>
<td>CLD-SAAS-012</td>
<td>Collaboration Platform</td>
<td>SaaS</td>
<td>Slack</td>
<td>EU Region</td>
<td>99.99%</td>
<td>SOC 2, ISO 27001</td>
<td>SI</td>
<td><span class="cell-medium">Medio</span></td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">48</td>
<td><button class="btn btn-interactive" onclick="viewDetails('CLD-SAAS-012')">Dettagli</button></td>
</tr>
</tbody>
</table>
</div>
</div>
<!-- Network Diagrams Section -->
<div class="section" id="section-network">
<div class="section-header">
<div class="section-title">
Diagrammi Rete e Flussi Dati (ID.AM-03)
<span class="essential-badge">SOLO SOGGETTI ESSENZIALI</span>
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">HELP DELLA SEZIONE</div>
Obbligatorio per soggetti essenziali: topologia fisica e logica, segmentazione rete, flussi dati critici, architettura sicurezza. Aggiornamento obbligatorio entro 5 giorni da ogni modifica infrastrutturale. Revisione trimestrale e approvazione CISO.
</div>
</span>
</div>
</div>
<div class="info-box">
<div class="info-box-title">Documenti Obbligatori per Soggetti Essenziali</div>
<div class="info-box-content">
Tutti i diagrammi devono essere aggiornati entro 5 giorni da ogni modifica infrastrutturale. Revisione trimestrale obbligatoria con approvazione CISO. Classificazione: Riservato.
</div>
</div>
<div class="table-container">
<table>
<thead>
<tr>
<th>Tipo Diagramma</th>
<th>Versione</th>
<th>Data Ultima Modifica</th>
<th>Responsabile</th>
<th>Approvazione CISO</th>
<th>Prossima Revisione</th>
<th>Documento</th>
</tr>
</thead>
<tbody>
<tr>
<td>Topologia Fisica</td>
<td>v3.2</td>
<td>2024-02-15</td>
<td>Network Manager</td>
<td>2024-02-16</td>
<td>2024-05-15</td>
<td><a href="doc-network-physical.html" target="_blank" class="doc-link">Visualizza PDF</a></td>
</tr>
<tr>
<td>Topologia Logica</td>
<td>v3.1</td>
<td>2024-02-10</td>
<td>Network Manager</td>
<td>2024-02-11</td>
<td>2024-05-10</td>
<td><a href="doc-network-logical.html" target="_blank" class="doc-link">Visualizza PDF</a></td>
</tr>
<tr>
<td>Flussi Dati Critici</td>
<td>v2.8</td>
<td>2024-01-20</td>
<td>CISO</td>
<td>2024-01-20</td>
<td>2024-04-20</td>
<td><a href="doc-data-flows.html" target="_blank" class="doc-link">Visualizza PDF</a></td>
</tr>
<tr>
<td>Architettura Sicurezza</td>
<td>v4.0</td>
<td>2024-02-01</td>
<td>CISO</td>
<td>2024-02-01</td>
<td>2024-05-01</td>
<td><a href="doc-security-arch.html" target="_blank" class="doc-link">Visualizza PDF</a></td>
</tr>
</tbody>
</table>
</div>
</div>
<!-- Services Catalog Section -->
<div class="section" id="section-services">
<div class="section-header">
<div class="section-title">
Catalogo Servizi Erogati (ID.AM-04)
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">HELP DELLA SEZIONE</div>
Elenco completo dei servizi erogati dall'organizzazione con classificazione criticità (Essenziale/Importante/Standard), sistemi IT di supporto, RTO/RPO, SLA e valutazione rilevanza NIS2. Collegamento con inventario asset e mappa fornitori.
</div>
</span>
</div>
</div>
<div class="table-container">
<table>
<thead>
<tr>
<th>Codice</th>
<th>Nome Servizio</th>
<th>Tipologia</th>
<th>Utenti/Clienti</th>
<th>Criticità Servizio</th>
<th>Sistemi IT Supporto</th>
<th>RTO</th>
<th>RPO</th>
<th>Rilevanza NIS2</th>
<th>Punteggio</th>
<th>Responsabile</th>
<th>Azioni</th>
</tr>
</thead>
<tbody>
<tr>
<td>SVC-001</td>
<td>Piattaforma ERP Cloud</td>
<td>B2B</td>
<td>1.200 clienti</td>
<td><span class="cell-critical">Essenziale</span></td>
<td>HW-SRV-001, SW-ERP-001, CLD-IAAS-001</td>
<td>4h</td>
<td>1h</td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">94</td>
<td>Service Manager</td>
<td><button class="btn btn-interactive" onclick="viewDetails('SVC-001')">Dettagli</button></td>
</tr>
<tr>
<td>SVC-002</td>
<td>Hosting Applicazioni Gestionali</td>
<td>B2B</td>
<td>850 clienti</td>
<td><span class="cell-critical">Essenziale</span></td>
<td>HW-SRV-023, CLD-IAAS-001</td>
<td>8h</td>
<td>4h</td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">88</td>
<td>Hosting Manager</td>
<td><button class="btn btn-interactive" onclick="viewDetails('SVC-002')">Dettagli</button></td>
</tr>
<tr>
<td>SVC-003</td>
<td>Backup e Disaster Recovery</td>
<td>B2B</td>
<td>600 clienti</td>
<td><span class="cell-high">Importante</span></td>
<td>CLD-SAAS-005, HW-SRV-045</td>
<td>24h</td>
<td>24h</td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">76</td>
<td>Backup Manager</td>
<td><button class="btn btn-interactive" onclick="viewDetails('SVC-003')">Dettagli</button></td>
</tr>
<tr>
<td>SVC-004</td>
<td>Supporto Tecnico</td>
<td>B2B/B2C</td>
<td>Tutti i clienti</td>
<td><span class="cell-high">Importante</span></td>
<td>SW-CRM-001, SW-OFF-001</td>
<td>24h</td>
<td>N/A</td>
<td><span class="status-badge status-relevant">SI</span></td>
<td class="cell-calculated">62</td>
<td>Support Manager</td>
<td><button class="btn btn-interactive" onclick="viewDetails('SVC-004')">Dettagli</button></td>
</tr>
<tr>
<td>SVC-005</td>
<td>Sviluppo Software Custom</td>
<td>B2B</td>
<td>120 progetti/anno</td>
<td>Standard</td>
<td>SW-DEV-Tools</td>
<td>N/A</td>
<td>N/A</td>
<td><span class="status-badge status-not-relevant">NO</span></td>
<td>35</td>
<td>Dev Manager</td>
<td><button class="btn btn-interactive" onclick="viewDetails('SVC-005')">Dettagli</button></td>
</tr>
</tbody>
</table>
</div>
</div>
<!-- Relevant Systems Section -->
<div class="section" id="section-relevant">
<div class="section-header">
<div class="section-title">
Sistemi Rilevanti NIS2 (GV.OC-04)
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">HELP DELLA SEZIONE</div>
Elenco formale dei sistemi classificati come rilevanti (punteggio ≥40) secondo griglia di valutazione NIS2. Richiede approvazione formale Direzione/CdA. Per ogni sistema rilevante sono definite misure di sicurezza aggiuntive proporzionali al livello di criticità.
</div>
</span>
</div>
<div class="section-actions">
<button class="btn btn-interactive" onclick="window.open('doc-relevant-systems.html', '_blank')">Documento Formale</button>
<button class="btn btn-interactive btn-primary" onclick="recalculateScores()">Ricalcola Punteggi</button>
</div>
</div>
<div class="info-box">
<div class="info-box-title">Documento Formale GV.OC-04</div>
<div class="info-box-content">
L'elenco dei sistemi rilevanti deve essere approvato formalmente da Direzione/CdA e revisionato semestralmente. Soglia rilevanza: punteggio ≥40. Sistemi critici (≥80) richiedono misure di sicurezza massime.
</div>
</div>
<div class="stats-row">
<div class="stat-card">
<div class="stat-label">Sistemi Critici (≥80)</div>
<div class="stat-value">12</div>
</div>
<div class="stat-card">
<div class="stat-label">Sistemi Alto (60-79)</div>
<div class="stat-value">15</div>
</div>
<div class="stat-card">
<div class="stat-label">Sistemi Medio (40-59)</div>
<div class="stat-value">11</div>
</div>
<div class="stat-card">
<div class="stat-label">Totale Rilevanti</div>
<div class="stat-value">38</div>
</div>
</div>
<div class="table-container">
<table>
<thead>
<tr>
<th>Codice</th>
<th>Nome Sistema/Servizio</th>
<th>Tipo</th>
<th>Punteggio
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">CALCOLO</div>
Dettaglio calcolo punteggio:<br>
1. Criticità Operativa (0-25)<br>
2. Impatto Interruzione (0-25)<br>
3. Dati Trattati (0-20)<br>
4. Dipendenze (0-15)<br>
5. Esposizione (0-10)<br>
6. Obblighi Normativi (0-5)<br>
TOTALE: Somma criteri (max 100)
</div>
</span>
</th>
<th>Livello</th>
<th>Servizi Business</th>
<th>RTO/RPO</th>
<th>Monitoraggio</th>
<th>Backup</th>
<th>Ultima Valutazione</th>
<th>Prossima Revisione</th>
<th>Azioni</th>
</tr>
</thead>
<tbody>
<tr>
<td>SW-ERP-001</td>
<td>SAP ERP</td>
<td>Software</td>
<td class="cell-calculated">95
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">CALCOLO</div>
Criticità Operativa: 25<br>
Impatto Interruzione: 25<br>
Dati Trattati: 15<br>
Dipendenze: 15<br>
Esposizione: 10<br>
Obblighi Normativi: 5<br>
<strong>TOTALE: 95</strong>
</div>
</span>
</td>
<td><span class="cell-critical">CRITICO</span></td>
<td>SVC-001</td>
<td>4h / 1h</td>
<td>24/7</td>
<td>Giornaliero</td>
<td>2024-02-01</td>
<td>2024-05-01</td>
<td><button class="btn btn-interactive" onclick="viewDetails('SW-ERP-001')">Dettagli</button></td>
</tr>
<tr>
<td>SW-SEC-008</td>
<td>Splunk SIEM</td>
<td>Software</td>
<td class="cell-calculated">92</td>
<td><span class="cell-critical">CRITICO</span></td>
<td>Tutti</td>
<td>4h / 4h</td>
<td>24/7</td>
<td>Giornaliero</td>
<td>2024-02-05</td>
<td>2024-05-05</td>
<td><button class="btn btn-interactive" onclick="viewDetails('SW-SEC-008')">Dettagli</button></td>
</tr>
<tr>
<td>HW-SRV-001</td>
<td>ERP-PROD-01</td>
<td>Hardware</td>
<td class="cell-calculated">91</td>
<td><span class="cell-critical">CRITICO</span></td>
<td>SVC-001</td>
<td>4h / 1h</td>
<td>24/7</td>
<td>Giornaliero</td>
<td>2024-02-01</td>
<td>2024-05-01</td>
<td><button class="btn btn-interactive" onclick="viewDetails('HW-SRV-001')">Dettagli</button></td>
</tr>
<tr>
<td>SVC-001</td>
<td>Piattaforma ERP Cloud</td>
<td>Servizio</td>
<td class="cell-calculated">94</td>
<td><span class="cell-critical">CRITICO</span></td>
<td>Core Business</td>
<td>4h / 1h</td>
<td>24/7</td>
<td>Giornaliero</td>
<td>2024-02-10</td>
<td>2024-05-10</td>
<td><button class="btn btn-interactive" onclick="viewDetails('SVC-001')">Dettagli</button></td>
</tr>
<tr>
<td>HW-NET-015</td>
<td>FW-PERIMETRALE-01</td>
<td>Hardware</td>
<td class="cell-calculated">88</td>
<td><span class="cell-critical">CRITICO</span></td>
<td>Tutti</td>
<td>1h / N/A</td>
<td>24/7</td>
<td>Giornaliero</td>
<td>2024-01-20</td>
<td>2024-04-20</td>
<td><button class="btn btn-interactive" onclick="viewDetails('HW-NET-015')">Dettagli</button></td>
</tr>
</tbody>
</table>
</div>
</div>
<!-- Scoring Grid Section -->
<div class="section" id="section-scoring">
<div class="section-header">
<div class="section-title">
Griglia di Valutazione Rilevanza NIS2
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">HELP DELLA SEZIONE</div>
Metodologia di scoring 0-100 punti per classificare sistemi come rilevanti NIS2. Valutazione basata su 6 criteri: Criticità Operativa (0-25), Impatto Interruzione (0-25), Dati Trattati (0-20), Dipendenze (0-15), Esposizione (0-10), Obblighi Normativi (0-5). Soglia rilevanza: ≥40 punti.
</div>
</span>
</div>
</div>
<div class="info-box">
<div class="info-box-title">Classificazione Rilevanza</div>
<div class="info-box-content">
<strong>80-100 punti:</strong> CRITICO - Priorità Massima |
<strong>60-79 punti:</strong> ALTO - Priorità Alta |
<strong>40-59 punti:</strong> MEDIO - Rilevante |
<strong>20-39 punti:</strong> BASSO - Monitoraggio |
<strong>0-19 punti:</strong> TRASCURABILE
</div>
</div>
<div class="scoring-grid">
<!-- Criterio 1 -->
<div class="scoring-card">
<div class="scoring-card-header">
CRITERIO 1: Criticità Operativa
<span class="scoring-card-points">0-25</span>
</div>
<div class="scoring-card-content">
Valuta quanto il sistema è essenziale per l'erogazione dei servizi core business.
</div>
<div class="scoring-levels">
<div class="scoring-level">
<span class="scoring-level-name">Critico</span>
<span class="scoring-level-points">25</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Molto Alto</span>
<span class="scoring-level-points">20</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Alto</span>
<span class="scoring-level-points">15</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Medio</span>
<span class="scoring-level-points">10</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Basso</span>
<span class="scoring-level-points">5</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Trascurabile</span>
<span class="scoring-level-points">0</span>
</div>
</div>
</div>
<!-- Criterio 2 -->
<div class="scoring-card">
<div class="scoring-card-header">
CRITERIO 2: Impatto Interruzione
<span class="scoring-card-points">0-25</span>
</div>
<div class="scoring-card-content">
Valuta le conseguenze di un'interruzione in termini di durata e utenti impattati.
</div>
<div class="scoring-levels">
<div class="scoring-level">
<span class="scoring-level-name">&gt;24h + &gt;70% utenti</span>
<span class="scoring-level-points">25</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">8-24h + 50-70% utenti</span>
<span class="scoring-level-points">20</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">4-8h + 30-50% utenti</span>
<span class="scoring-level-points">15</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">1-4h + 10-30% utenti</span>
<span class="scoring-level-points">10</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">&lt;1h + &lt;10% utenti</span>
<span class="scoring-level-points">5</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Nessun impatto</span>
<span class="scoring-level-points">0</span>
</div>
</div>
</div>
<!-- Criterio 3 -->
<div class="scoring-card">
<div class="scoring-card-header">
CRITERIO 3: Dati Trattati
<span class="scoring-card-points">0-20</span>
</div>
<div class="scoring-card-content">
Valuta la sensibilità e criticità dei dati gestiti dal sistema.
</div>
<div class="scoring-levels">
<div class="scoring-level">
<span class="scoring-level-name">Dati Sensibili Art.9 GDPR</span>
<span class="scoring-level-points">20</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Dati Personali larga scala</span>
<span class="scoring-level-points">15</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Dati Personali + Finanziari</span>
<span class="scoring-level-points">10</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Dati Aziendali Riservati</span>
<span class="scoring-level-points">5</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Dati Pubblici</span>
<span class="scoring-level-points">0</span>
</div>
</div>
</div>
<!-- Criterio 4 -->
<div class="scoring-card">
<div class="scoring-card-header">
CRITERIO 4: Dipendenze
<span class="scoring-card-points">0-15</span>
</div>
<div class="scoring-card-content">
Valuta quanti altri sistemi critici dipendono da questo sistema.
</div>
<div class="scoring-levels">
<div class="scoring-level">
<span class="scoring-level-name">≥5 sistemi critici</span>
<span class="scoring-level-points">15</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">3-4 sistemi critici</span>
<span class="scoring-level-points">12</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">2 sistemi critici</span>
<span class="scoring-level-points">9</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">1 sistema critico</span>
<span class="scoring-level-points">6</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">1-2 sistemi non critici</span>
<span class="scoring-level-points">3</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Nessuna dipendenza</span>
<span class="scoring-level-points">0</span>
</div>
</div>
</div>
<!-- Criterio 5 -->
<div class="scoring-card">
<div class="scoring-card-header">
CRITERIO 5: Esposizione
<span class="scoring-card-points">0-10</span>
</div>
<div class="scoring-card-content">
Valuta la superficie di attacco e l'esposizione del sistema.
</div>
<div class="scoring-levels">
<div class="scoring-level">
<span class="scoring-level-name">Internet pubblico senza MFA</span>
<span class="scoring-level-points">10</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Internet con MFA</span>
<span class="scoring-level-points">8</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Reti partner/fornitori</span>
<span class="scoring-level-points">6</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Rete aziendale intranet</span>
<span class="scoring-level-points">4</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Rete gestione isolata</span>
<span class="scoring-level-points">2</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Completamente isolato</span>
<span class="scoring-level-points">0</span>
</div>
</div>
</div>
<!-- Criterio 6 -->
<div class="scoring-card">
<div class="scoring-card-header">
CRITERIO 6: Obblighi Normativi
<span class="scoring-card-points">0-5</span>
</div>
<div class="scoring-card-content">
Valuta se il sistema è soggetto a obblighi specifici normativi o contrattuali.
</div>
<div class="scoring-levels">
<div class="scoring-level">
<span class="scoring-level-name">Richiesto da NIS2</span>
<span class="scoring-level-points">5</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Certificazioni obbligatorie</span>
<span class="scoring-level-points">4</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Obblighi SLA stringenti</span>
<span class="scoring-level-points">3</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Audit esterni regolari</span>
<span class="scoring-level-points">2</span>
</div>
<div class="scoring-level">
<span class="scoring-level-name">Nessun obbligo</span>
<span class="scoring-level-points">0</span>
</div>
</div>
</div>
</div>
<!-- Esempio Valutazione -->
<div style="margin-top: 32px;">
<div class="section-header">
<div class="section-title">Esempio di Valutazione Completa</div>
</div>
<div class="info-box">
<div class="info-box-title">Sistema: Piattaforma ERP Cloud per Clienti</div>
<div class="info-box-content">
<div style="margin-top: 12px;">
<table style="width: 100%; font-size: 13px;">
<tr>
<td style="padding: 8px; border: 1px solid var(--border-color);">Criterio 1 - Criticità Operativa</td>
<td style="padding: 8px; border: 1px solid var(--border-color);">Sistema assolutamente essenziale, core business</td>
<td style="padding: 8px; border: 1px solid var(--border-color); font-weight: 600; color: var(--accent-primary);">25</td>
</tr>
<tr>
<td style="padding: 8px; border: 1px solid var(--border-color);">Criterio 2 - Impatto Interruzione</td>
<td style="padding: 8px; border: 1px solid var(--border-color);">Interruzione &gt;8h impatta 80% clienti</td>
<td style="padding: 8px; border: 1px solid var(--border-color); font-weight: 600; color: var(--accent-primary);">25</td>
</tr>
<tr>
<td style="padding: 8px; border: 1px solid var(--border-color);">Criterio 3 - Dati Trattati</td>
<td style="padding: 8px; border: 1px solid var(--border-color);">Dati personali comuni &gt;50.000 interessati + dati finanziari</td>
<td style="padding: 8px; border: 1px solid var(--border-color); font-weight: 600; color: var(--accent-primary);">15</td>
</tr>
<tr>
<td style="padding: 8px; border: 1px solid var(--border-color);">Criterio 4 - Dipendenze</td>
<td style="padding: 8px; border: 1px solid var(--border-color);">6 sistemi critici dipendono da questo</td>
<td style="padding: 8px; border: 1px solid var(--border-color); font-weight: 600; color: var(--accent-primary);">15</td>
</tr>
<tr>
<td style="padding: 8px; border: 1px solid var(--border-color);">Criterio 5 - Esposizione</td>
<td style="padding: 8px; border: 1px solid var(--border-color);">Accessibile da internet con MFA</td>
<td style="padding: 8px; border: 1px solid var(--border-color); font-weight: 600; color: var(--accent-primary);">8</td>
</tr>
<tr>
<td style="padding: 8px; border: 1px solid var(--border-color);">Criterio 6 - Obblighi Normativi</td>
<td style="padding: 8px; border: 1px solid var(--border-color);">SLA contrattuale 99.5% + audit annuale</td>
<td style="padding: 8px; border: 1px solid var(--border-color); font-weight: 600; color: var(--accent-primary);">3</td>
</tr>
<tr style="background-color: var(--calc-highlight);">
<td style="padding: 12px; border: 1px solid var(--border-color); font-weight: 700;">TOTALE</td>
<td style="padding: 12px; border: 1px solid var(--border-color);"></td>
<td style="padding: 12px; border: 1px solid var(--border-color); font-weight: 700; font-size: 18px; color: var(--danger);">91
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">CALCOLO</div>
TOTALE = 25 + 25 + 15 + 15 + 8 + 3 = 91<br>
Classificazione: CRITICO (80-100)<br>
Rilevanza NIS2: SI
</div>
</span>
</td>
</tr>
<tr>
<td colspan="3" style="padding: 12px; border: 1px solid var(--border-color); background-color: rgba(248, 81, 73, 0.1);">
<strong style="color: var(--danger);">Classificazione: CRITICO</strong> - Sistema Rilevante NIS2 con priorità massima
</td>
</tr>
</table>
</div>
</div>
</div>
</div>
<!-- Misure per Sistemi Rilevanti -->
<div style="margin-top: 32px;">
<div class="section-header">
<div class="section-title">Misure Aggiuntive per Sistemi Rilevanti</div>
</div>
<div class="table-container">
<table>
<thead>
<tr>
<th>Livello Criticità</th>
<th>Punteggio</th>
<th>Misure Obbligatorie</th>
</tr>
</thead>
<tbody>
<tr>
<td><span class="cell-critical">CRITICO</span></td>
<td>80-100</td>
<td>
Monitoraggio 24/7 con alert real-time | Backup giornaliero + test mensile |
Patch critiche entro 48h | MFA obbligatoria tutti gli accessi |
Log retention 24 mesi | Audit semestrale | Ridondanza attiva (HA/failover) |
Segmentazione rete dedicata | DR testato trimestralmente
</td>
</tr>
<tr>
<td><span class="cell-high">ALTO</span></td>
<td>60-79</td>
<td>
Monitoraggio continuo con alert | Backup giornaliero + test trimestrale |
Patch critiche entro 72h | MFA obbligatoria accessi privilegiati |
Log retention 18 mesi | Audit annuale | DR testato semestralmente
</td>
</tr>
<tr>
<td><span class="cell-medium">MEDIO</span></td>
<td>40-59</td>
<td>
Monitoraggio standard | Backup settimanale + test semestrale |
Patch critiche entro 7 giorni | MFA raccomandato |
Log retention 12 mesi | Audit biennale | DR testato annualmente
</td>
</tr>
</tbody>
</table>
</div>
</div>
<!-- Processo di Revisione -->
<div style="margin-top: 32px;">
<div class="section-header">
<div class="section-title">Processo di Revisione Periodica</div>
</div>
<div class="info-box">
<div class="info-box-title">Frequenza Revisione</div>
<div class="info-box-content">
<strong>Trimestrale:</strong> Revisione sistemi critici (punteggio ≥80) |
<strong>Semestrale:</strong> Revisione tutti i sistemi rilevanti |
<strong>Annuale:</strong> Rivalutazione completa con griglia aggiornata |
<strong>Straordinaria:</strong> Cambio significativo, nuovi sistemi, incidenti, modifiche architetturali
</div>
</div>
<div class="table-container">
<table>
<thead>
<tr>
<th>Trigger Rivalutazione</th>
<th>Descrizione</th>
<th>Azione Richiesta</th>
</tr>
</thead>
<tbody>
<tr>
<td>Nuovo sistema implementato</td>
<td>Deployment di nuovo sistema IT o servizio</td>
<td>Valutazione completa entro 15 giorni</td>
</tr>
<tr>
<td>Modifica significativa</td>
<td>Cambio architettura, funzionalità, utenti</td>
<td>Rivalutazione entro 30 giorni</td>
</tr>
<tr>
<td>Incidente di sicurezza</td>
<td>Incidente grave su sistema rilevante</td>
<td>Rivalutazione immediata post-incident</td>
</tr>
<tr>
<td>Cambio normativo</td>
<td>Nuove normative o requisiti NIS2</td>
<td>Rivalutazione tutti i sistemi entro 60 giorni</td>
</tr>
<tr>
<td>Feedback audit</td>
<td>Raccomandazioni da audit interno/esterno</td>
<td>Rivalutazione sistemi indicati entro 45 giorni</td>
</tr>
</tbody>
</table>
</div>
</div>
<!-- KPI Inventario -->
<div style="margin-top: 32px;">
<div class="section-header">
<div class="section-title">KPI Gestione Inventario</div>
</div>
<div class="table-container">
<table>
<thead>
<tr>
<th>Codice KPI</th>
<th>Descrizione</th>
<th>Formula</th>
<th>Target</th>
<th>Valore Attuale</th>
<th>Status</th>
</tr>
</thead>
<tbody>
<tr>
<td>INV-KPI-01</td>
<td>Copertura inventario</td>
<td class="cell-calculated">Asset censiti / Asset totali stimati × 100
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">CALCOLO</div>
Numeratore: Asset presenti in inventario<br>
Denominatore: Asset totali stimati (da discovery + stime)<br>
Formula: (247 / 251) × 100 = 98.4%
</div>
</span>
</td>
<td>≥98%</td>
<td class="cell-calculated">98.5%</td>
<td><span class="status-badge status-operational">OK</span></td>
</tr>
<tr>
<td>INV-KPI-02</td>
<td>Accuratezza dati</td>
<td class="cell-calculated">Asset con dati completi / Totale asset × 100
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">CALCOLO</div>
Numeratore: Asset con tutti i metadati obbligatori compilati<br>
Denominatore: Totale asset in inventario<br>
Formula: (238 / 247) × 100 = 96.4%
</div>
</span>
</td>
<td>≥95%</td>
<td class="cell-calculated">96.2%</td>
<td><span class="status-badge status-operational">OK</span></td>
</tr>
<tr>
<td>INV-KPI-03</td>
<td>Aggiornamento</td>
<td class="cell-calculated">Asset aggiornati ultimi 90gg / Totale × 100
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">CALCOLO</div>
Numeratore: Asset con data ultimo aggiornamento &lt; 90 giorni<br>
Denominatore: Totale asset in inventario<br>
Formula: (247 / 247) × 100 = 100%
</div>
</span>
</td>
<td>100%</td>
<td class="cell-calculated">100%</td>
<td><span class="status-badge status-operational">OK</span></td>
</tr>
<tr>
<td>INV-KPI-04</td>
<td>Sistemi rilevanti protetti</td>
<td class="cell-calculated">Sistemi rilevanti con tutte misure / Totale rilevanti × 100
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">CALCOLO</div>
Numeratore: Sistemi rilevanti con misure complete implementate<br>
Denominatore: Totale sistemi rilevanti<br>
Formula: (38 / 38) × 100 = 100%
</div>
</span>
</td>
<td>100%</td>
<td class="cell-calculated">100%</td>
<td><span class="status-badge status-operational">OK</span></td>
</tr>
<tr>
<td>INV-KPI-05</td>
<td>Valutazione rilevanza aggiornata</td>
<td class="cell-calculated">Sistemi con punteggio &lt;6 mesi / Totale × 100
<span class="help-icon">?
<div class="tooltip">
<div class="tooltip-title">CALCOLO</div>
Numeratore: Sistemi con valutazione rilevanza &lt; 6 mesi<br>
Denominatore: Totale sistemi in inventario<br>
Formula: (247 / 247) × 100 = 100%
</div>
</span>
</td>
<td>100%</td>
<td class="cell-calculated">100%</td>
<td><span class="status-badge status-operational">OK</span></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
<script>
// Tab switching
function showTab(tabName) {
// Hide all sections
const sections = document.querySelectorAll('.section');
sections.forEach(section => section.classList.remove('active'));
// Remove active class from all tabs
const tabs = document.querySelectorAll('.tab');
tabs.forEach(tab => tab.classList.remove('active'));
// Show selected section
const targetSection = document.getElementById('section-' + tabName);
if (targetSection) {
targetSection.classList.add('active');
}
// Add active class to clicked tab
event.target.classList.add('active');
}
// View details function
function viewDetails(assetCode) {
alert('Apertura dettagli per asset: ' + assetCode + '\n\nQuesta funzione aprirà una pagina di dettaglio completa dell\'asset con tutti i metadati, storico modifiche, vulnerabilità, dipendenze e collegamenti ai rischi.');
}
// Export data function
function exportData() {
alert('Esportazione inventario in formato:\n- CSV\n- Excel\n- JSON\n- PDF Report');
}
// Add asset function
function addAsset() {
alert('Apertura form per inserimento nuovo asset.\n\nIl form includerà:\n- Tutti i metadati obbligatori\n- Calcolo automatico punteggio rilevanza\n- Validazione campi\n- Workflow approvazione');
}
// Recalculate scores function
function recalculateScores() {
if (confirm('Ricalcolare i punteggi di rilevanza per tutti i sistemi?\n\nQuesta operazione:\n- Ricalcolerà i punteggi secondo la griglia attuale\n- Aggiornerà la classificazione\n- Genererà un report delle variazioni\n- Richiederà approvazione per sistemi che cambiano stato')) {
alert('Ricalcolo in corso...\n\nSaranno processati 247 asset.\nTempo stimato: 2-3 minuti.');
}
}
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink