fix(compliance): add version to ISO27001 (#2523)

prowler/compliance/aws/iso27001_2013_aws.json

@@ -1,6 +1,6 @@
 {
   "Framework": "ISO27001",
-  "Version": "",
+  "Version": "2013",
   "Provider": "AWS",
   "Description": "ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.",
   "Requirements": [

prowler/lib/check/compliance_models.py

@@ -106,7 +106,7 @@ class AWS_Well_Architected_Requirements(BaseModel):
 
 
 # ISO27001 Requirements
-class ISO27001_Requirements(BaseModel):
+class ISO27001_2013_Requirements(BaseModel):
     """ISO27001 Requirements"""
 
     Category: str
@@ -127,7 +127,7 @@ class Compliance_Requirement(BaseModel):
             CIS_Requirements,
             ENS_Requirements,
             Generic_Compliance_Requirements,
-            ISO27001_Requirements,
+            ISO27001_2013_Requirements,
             AWS_Well_Architected_Requirements,
         ]
     ]

prowler/lib/outputs/compliance.py

@@ -8,7 +8,7 @@ from prowler.config.config import orange_color, timestamp
 from prowler.lib.check.models import Check_Report
 from prowler.lib.logger import logger
 from prowler.lib.outputs.models import (
-    Check_Output_CSV_AWS_ISO27001,
+    Check_Output_CSV_AWS_ISO27001_2013,
     Check_Output_CSV_AWS_Well_Architected,
     Check_Output_CSV_CIS,
     Check_Output_CSV_ENS_RD2022,
@@ -160,7 +160,11 @@ def fill_compliance(output_options, finding, audit_info, file_descriptors):
 
                 csv_header = generate_csv_fields(Check_Output_CSV_AWS_Well_Architected)
 
-            elif compliance.Framework == "ISO27001" and compliance.Provider == "AWS":
+            elif (
+                compliance.Framework == "ISO27001"
+                and compliance.Version == "2013"
+                and compliance.Provider == "AWS"
+            ):
                 compliance_output = compliance.Framework
                 if compliance.Version != "":
                     compliance_output += "_" + compliance.Version
@@ -174,7 +178,7 @@ def fill_compliance(output_options, finding, audit_info, file_descriptors):
                         requirement_id = requirement.Id
                         requirement.Name
                         for attribute in requirement.Attributes:
-                            compliance_row = Check_Output_CSV_AWS_ISO27001(
+                            compliance_row = Check_Output_CSV_AWS_ISO27001_2013(
                                 Provider=finding.check_metadata.Provider,
                                 Description=compliance.Description,
                                 AccountId=audit_info.audited_account,
@@ -192,7 +196,7 @@ def fill_compliance(output_options, finding, audit_info, file_descriptors):
                                 CheckId=finding.check_metadata.CheckID,
                             )
 
-                csv_header = generate_csv_fields(Check_Output_CSV_AWS_ISO27001)
+                csv_header = generate_csv_fields(Check_Output_CSV_AWS_ISO27001_2013)
 
             else:
                 compliance_output = compliance.Framework

prowler/lib/outputs/file_descriptors.py

@@ -14,7 +14,7 @@ from prowler.lib.outputs.html import add_html_header
 from prowler.lib.outputs.models import (
     Aws_Check_Output_CSV,
     Azure_Check_Output_CSV,
-    Check_Output_CSV_AWS_ISO27001,
+    Check_Output_CSV_AWS_ISO27001_2013,
     Check_Output_CSV_AWS_Well_Architected,
     Check_Output_CSV_CIS,
     Check_Output_CSV_ENS_RD2022,
@@ -164,13 +164,13 @@ def fill_file_descriptors(output_modes, output_directory, output_filename, audit
                         )
                         file_descriptors.update({output_mode: file_descriptor})
 
-                    elif output_mode == "iso27001_aws":
-                        filename = f"{output_directory}/{output_filename}_iso27001_aws{csv_file_suffix}"
+                    elif output_mode == "iso27001_2013_aws":
+                        filename = f"{output_directory}/{output_filename}_iso27001_2013_aws{csv_file_suffix}"
                         file_descriptor = initialize_file_descriptor(
                             filename,
                             output_mode,
                             audit_info,
-                            Check_Output_CSV_AWS_ISO27001,
+                            Check_Output_CSV_AWS_ISO27001_2013,
                         )
                         file_descriptors.update({output_mode: file_descriptor})
 

prowler/lib/outputs/models.py

@@ -588,9 +588,9 @@ class Check_Output_CSV_AWS_Well_Architected(BaseModel):
     CheckId: str
 
 
-class Check_Output_CSV_AWS_ISO27001(BaseModel):
+class Check_Output_CSV_AWS_ISO27001_2013(BaseModel):
     """
-    Check_Output_CSV_AWS_ISO27001 generates a finding's output in CSV AWS ISO27001 Compliance format.
+    Check_Output_CSV_AWS_ISO27001_2013 generates a finding's output in CSV AWS ISO27001 Compliance format.
     """
 
     Provider: str