<?php
// --- Data ---
// Static catalogue of compliance frameworks. The top-level key is the slug
// that the page reads from the `id` query parameter; each entry holds a
// display name, a description and a list of controls (id, title, description).
// In a real application, this would come from a database.
// NOTE(review): the control IDs and titles read as abbreviated demo data, not
// verbatim clause references; confirm them against the edition of each
// framework you target before relying on them in an assessment.
$frameworks = [
    'nis2' => [
        'name' => 'NIS2 Directive',
        'description' => 'An EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU.',
        'controls' => [
            [
                'id' => 'C001',
                'title' => 'Risk Assessment and Security Policies',
                'description' => 'Conduct regular risk assessments and establish clear information security policies.',
            ],
            [
                'id' => 'C002',
                'title' => 'Incident Handling',
                'description' => 'Establish procedures to detect, handle, and report cybersecurity incidents.',
            ],
            [
                'id' => 'C003',
                'title' => 'Business Continuity Management',
                'description' => 'Develop plans for business continuity and crisis management to ensure operational resilience.',
            ],
            [
                'id' => 'C004',
                'title' => 'Supply Chain Security',
                'description' => 'Address security in the supply chain, including relationships with suppliers and service providers.',
            ],
            [
                'id' => 'C005',
                'title' => 'Cryptography and Encryption',
                'description' => 'Use of cryptography and encryption to protect data at rest and in transit.',
            ],
        ],
    ],
    'dora' => [
        'name' => 'DORA',
        'description' => 'The Digital Operational Resilience Act is an EU regulation that creates a binding, comprehensive information and communication technology (ICT) risk management framework for the EU financial sector.',
        'controls' => [
            [
                'id' => 'D001',
                'title' => 'ICT Risk Management Framework',
                'description' => 'Implement a comprehensive ICT risk management framework with clear strategies and policies.',
            ],
            [
                'id' => 'D002',
                'title' => 'ICT-Related Incident Reporting',
                'description' => 'Establish a process for classifying and reporting major ICT-related incidents to authorities.',
            ],
            [
                'id' => 'D003',
                'title' => 'Digital Operational Resilience Testing',
                'description' => 'Conduct regular resilience testing, including threat-led penetration testing (TLPT).',
            ],
            [
                'id' => 'D004',
                'title' => 'Third-Party Risk Management',
                'description' => 'Manage risks associated with third-party ICT service providers, including cloud services.',
            ],
        ],
    ],
    'iso27001' => [
        'name' => 'ISO 27001',
        'description' => 'An international standard on how to manage information security. It details requirements for establishing, implementing, maintaining and continually improving an Information Security Management System (ISMS).',
        'controls' => [
            [
                'id' => 'A.5.1',
                'title' => 'Policies for information security',
                'description' => 'A set of policies for information security shall be defined, approved by management, published and communicated.',
            ],
            [
                'id' => 'A.6.1',
                'title' => 'Information security roles and responsibilities',
                'description' => 'All information security responsibilities shall be defined and allocated.',
            ],
            [
                'id' => 'A.7.2',
                'title' => 'Information security awareness, education and training',
                'description' => 'All employees of the organization and, where relevant, contractors shall receive appropriate awareness education and training.',
            ],
            [
                'id' => 'A.8.1',
                'title' => 'Management of assets',
                'description' => 'Assets associated with information and information processing facilities shall be identified and an inventory of these assets shall be drawn up and maintained.',
            ],
            [
                'id' => 'A.12.1',
                'title' => 'Protection against malware',
                'description' => 'Controls for protection against malware shall be implemented and combined with user awareness.',
            ],
        ],
    ],
];

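// --- Logic ---
// Resolve the requested framework from the `id` query parameter.
// PHP parses `?id[]=x` into an array, and using an array as an array offset
// raises a TypeError on PHP 8 (a warning on PHP 7). Anything that is not a
// string is therefore treated as "not found" before it reaches the lookup.
$framework_id = $_GET['id'] ?? '';
if (!is_string($framework_id)) {
    $framework_id = '';
}

// Allow-list lookup: only keys that exist in $frameworks can be selected.
$framework = $frameworks[$framework_id] ?? null;

// If framework not found, redirect to home. The target is a fixed path, so
// the request cannot influence where the redirect goes.
if ($framework === null) {
    header('Location: /');
    exit;
}
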
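?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <?php /* Escaping flags and charset are spelled out so that quote handling inside the
             attribute below does not depend on the PHP version's htmlspecialchars() defaults. */ ?>
    <title><?= htmlspecialchars($framework['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?> - ComplianceOS</title>
    <meta name="description" content="Controls and requirements for <?= htmlspecialchars($framework['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>.">

    <!-- Google Fonts -->
    <link rel="preconnect" href="https://fonts.googleapis.com">
    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap" rel="stylesheet">

    <!-- Bootstrap CSS -->
    <?php /* NOTE(review): these version-pinned CDN stylesheets are loaded without Subresource
             Integrity. Adding integrity="sha384-<HASH_PUBLISHED_FOR_THIS_VERSION>" together with
             crossorigin="anonymous" makes the browser reject a file that was altered on the CDN. */ ?>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/bootstrap-icons.min.css">

    <!-- Custom CSS -->
    <?php /* time() changes on every request, so this query string disables browser caching of the file. */ ?>
    <link rel="stylesheet" href="assets/css/custom.css?v=<?= time() ?>">
</head>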
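<body>

<?php /* Primary navigation. Every link sits in its own <li>; the original wrapped the last
         three items in an extra <li>, which is invalid directly inside another list item. */ ?>
<nav class="navbar navbar-expand-lg navbar-light sticky-top">
    <div class="container">
        <a class="navbar-brand fw-bold" href="/"><i class="bi bi-shield-check"></i> ComplianceOS</a>
        <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
            <span class="navbar-toggler-icon"></span>
        </button>
        <div class="collapse navbar-collapse" id="navbarNav">
            <ul class="navbar-nav ms-auto">
                <li class="nav-item">
                    <a class="nav-link" href="/">Frameworks</a>
                </li>
                <li class="nav-item">
                    <a class="nav-link" href="vision_demo.php">Vision Demo</a>
                </li>
                <li class="nav-item">
                    <a class="nav-link" href="#">Dashboard</a>
                </li>
                <li class="nav-item">
                    <a class="nav-link" href="pricing.php">Pricing</a>
                </li>
                <li class="nav-item">
                    <a class="nav-link" href="contact.php">Contact</a>
                </li>
                <li class="nav-item">
                    <a class="nav-link" href="login.php">Login</a>
                </li>
                <li class="nav-item">
                    <a class="nav-link" href="register.php">Register</a>
                </li>
            </ul>
        </div>
    </div>
</nav>
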
<?php /* Hero banner: name and description of the selected framework, HTML-escaped on output. */ ?>
<header class="hero text-center">
    <div class="container">
        <h1 class="display-4 fw-bold"><?= htmlspecialchars($framework['name']) ?></h1>
        <p class="lead"><?= htmlspecialchars($framework['description']) ?></p>
    </div>
</header>

<?php /* Control list: one entry per control of the selected framework. The id, title and
         description are HTML-escaped on output. The status text is fixed and every action
         link points to "#", so nothing here changes state. */ ?>
<main class="container my-5">
    <div class="d-flex justify-content-between align-items-center mb-4">
        <h2 class="h3">Control Requirements</h2>
        <a href="#" class="btn btn-primary"><i class="bi bi-plus-circle"></i> Add New Control</a>
    </div>

    <div class="list-group">
        <?php foreach ($framework['controls'] as $control): ?>
            <div class="list-group-item list-group-item-action flex-column align-items-start">
                <div class="d-flex w-100 justify-content-between">
                    <h5 class="mb-1 fw-bold"><?= htmlspecialchars($control['id']) ?>: <?= htmlspecialchars($control['title']) ?></h5>
                    <small class="text-muted">Status: Not Assessed</small>
                </div>
                <p class="mb-1"><?= htmlspecialchars($control['description']) ?></p>
                <div class="mt-2">
                    <a href="#" class="btn btn-sm btn-outline-secondary">View Details</a>
                    <a href="#" class="btn btn-sm btn-outline-secondary">Assess Control</a>
                </div>
            </div>
        <?php endforeach; ?>
    </div>
</main>

<footer class="footer mt-auto py-3">
    <div class="container text-center">
        <span class="text-muted">© <?= date('Y') ?> ComplianceOS. All Rights Reserved.</span>
        <div class="mt-2">
            <?php /* NOTE(review): the line below prints the exact PHP version and the server clock
                     to every visitor. That helps while developing, but it also lets anyone
                     fingerprint the runtime; consider showing it only in a debug build or to
                     authenticated operators. */ ?>
            <small class="text-muted">
                PHP: <?= phpversion() ?> | Current time: <?= date('Y-m-d H:i:s') ?> | <a href="/healthz">Health Check</a>
            </small>
        </div>
    </div>
</footer>

<!-- Bootstrap JS -->
<?php /* NOTE(review): this version-pinned CDN script is loaded without Subresource Integrity.
         Adding integrity="sha384-<HASH_PUBLISHED_FOR_THIS_VERSION>" together with
         crossorigin="anonymous" makes the browser refuse a bundle that was altered on the CDN. */ ?>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
<!-- Custom JS -->
<?php /* time() changes on every request, so this query string disables browser caching of the file. */ ?>
<script src="assets/js/main.js?v=<?= time() ?>"></script>

</body>
</html>