1metadata:
 2  id: TEST-LIFECYCLE
 3  type: ControlCatalog
 4  gemara-version: "0.20.0"
 5  version: "1.0.0"
 6  description: Validates lifecycle states on controls and assessment requirements.
 7  author:
 8    id: test
 9    name: Test Author
10    type: Human
11  applicability-groups:
12    - id: production
13      title: Production
14      description: Production environments.
15
16title: Lifecycle Test Catalog
17groups:
18  - id: dp
19    title: Data Protection
20    description: Data protection controls.
21
22controls:
23  - id: TC-001
24    group: dp
25    title: Encrypt Data at Rest
26    objective: Ensure all stored data is encrypted.
27    assessment-requirements:
28      - id: TC-001.AR01
29        text: The system MUST encrypt all data at rest.
30        applicability:
31          - production
32        recommendation: Use AES-256 or equivalent.
33
34  - id: TC-002
35    group: dp
36    title: Encrypt Data at Rest Using DES
37    objective: Ensure all stored data is encrypted using DES.
38    state: Retired
39    assessment-requirements:
40      - id: TC-002.AR01
41        text: The system MUST encrypt all data at rest using DES.
42        applicability:
43          - production
44        state: Retired