๐ป Hack23 AB โ Asset Register
๐ก๏ธ Comprehensive Asset Management Through Systematic Documentation
๐ฏ Enterprise-grade Asset Inventory Demonstrating Cybersecurity Excellence
๐ Document Owner: CEO | ๐ Version: 2.4 | ๐
Last Updated: 2026-06-02 (UTC)
๐ Review Cycle: Annual | โฐ Next Review: 2027-06-02
Hack23 AB's asset register demonstrates how comprehensive asset management directly enables both security excellence and business transparency. Our systematic asset documentation serves as both operational necessity and client demonstration of our cybersecurity consulting methodologies.
Scope: Company identities, SaaS/platform accounts, cloud accounts, domains, and intellectual property. Supplier posture and SLAs are authoritative in SUPPLIER.md. Open source transparency governance in Open Source Policy.
Overview โข
Identities โข
SaaS โข
AWS โข
Domains โข
IP โข
Risk โข
Changelog
- ๐ค Identity โข ๐ MFA โข ๐ ๏ธ Platforms โข ๐ Notes
- ๐งฉ Service โข ๐ข Account/Org โข ๐ฆ Plan โข โ
Status
- โ๏ธ Cloud โข ๐ GitHub โข ๐ฆ Banking โข ๐งพ Accounting โข ๐ณ Payments
- ๐ Search/SEO โข โถ๏ธ YouTube โข ๐ฆ Product Hunt โข ๐ต TikTok โข โ๏ธ X
- ๐ Domain โข ยฉ๏ธ Intellectual Property โข ๐ผ LinkedIn
%%{
init: { 'theme': 'base', 'themeVariables': { 'primaryColor': '#1565C0', 'lineColor': '#1565C0' } }
}%%
mindmap
root((Hack23 Assets))
Identities
Google MFA
GitHub: pethers MFA
AWS Identity Center MFA
SaaS & Platforms
Accounting: Bokio
Banking: SEB
Dev: GitHub Org
Payments: Stripe
Marketing: YouTube ยท ProductHunt ยท X ยท TikTok
Search: GSC ยท Bing Webmaster
AWS Org (Control Tower)
Audit: 810580475124
Log Archive: 241765033212
hack23master: 172017021075
Permission Sets: Admin ยท PowerUser ยท ReadOnly ยท ServiceCatalog
Domains
hack23.com
blacktrigram.com
ciacompliancemanager.com
riksdagsmonitor.com
euparliamentmonitor.com
IP & Repos
Black Trigram
CIA Compliance Manager
Citizen Intelligence Agency
European Parliament MCP Server
EU Parliament Monitor
Game Template
Hack23 Homepage
Lambda in Private VPC
Riksdagsmonitor
Sonar CloudFormation Plugin
| #๏ธโฃ ID | ๐ค Person | โ๏ธ Email | ๐ ๏ธ Platforms | ๐ MFA | ๐ Notes | ๐ท๏ธ Types |
|---|
| U-001 | James Pether Sรถrling | pether.sorling@gmail.com | ๐ Google โข ๐ GitHub (pethers) โข โ๏ธ AWS SSO | Enabled | Google account is the hub for SaaS sign-ins listed below |  |
| #๏ธโฃ ID | ๐งฉ Service | ๐ค Account/Handle | โ
Status | ๐ MFA/2FA | ๐ Notes | ๐ท๏ธ Types |
|---|
| G-001 | ๐งพ Bokio | Google login | Active โ
| N/A (IdP) | Connected via Google |  |
| G-002 | ๐ณ Stripe | Google login | Active โ
| N/A (IdP) | Connected via Google |  |
| G-003 | ๐ Google Search Console | pether.sorling@gmail.com | Active โ
| Google MFA | Site verification |  |
| G-004 | ๐ Bing Webmaster Tools | pether.sorling@gmail.com | Active โ
| Google MFA | Site verification |  |
| G-005 | โถ๏ธ YouTube | @ via Google | Active โ
| Google MFA | Connected |  |
| G-006 | ๐ฆ Product Hunt | Google login | Active โ
| N/A (IdP) | Connected |  |
| G-007 | ๐ต TikTok | Google login | Active โ
| N/A (IdP) | Connected |  |
| G-008 | โ๏ธ X (Twitter) | Google login | Active โ
| N/A (IdP) | Connected |  |
| G-009 | ๐ผ LinkedIn (CEO) | https://www.linkedin.com/in/jamessorling/ | Active โ
| Platform MFA | Professional profile |  |
| G-010 | ๐ผ LinkedIn (Company) | https://www.linkedin.com/company/hack23/ | Active โ
| Platform MFA | Company page |  |
| #๏ธโฃ ID | ๐ Account | ๐ MFA | ๐ Connected Apps | ๐ Notes | ๐ท๏ธ Types |
|---|
| GH-001 | pethers | Enabled | โ | Used across Hack23 org projects |  |
| GH-INT-001 | Integration: SonarSource (SonarCloud) | N/A | โ | SAST (static analysis) |  |
| GH-INT-002 | Integration: FOSSA | N/A | โ | Open source compliance (license/security) |  |
See SUPPLIER.md for detailed posture (costs, SLAs, risks).
| #๏ธโฃ ID | โ๏ธ Service | ๐ข Account/Org | ๐ฆ Plan/Status | ๐ค Owner | ๐ MFA | ๐ Notes | ๐ท๏ธ Classification |
|---|
| S-001 | โ๏ธ AWS | Hack23 (Control Tower) | Active โ
| CEO | Enforced via AWS Identity Center | Mission critical |  |
| S-002 | ๐ GitHub | hack23 (org) | Active โ
| CEO | Required | Version control, CI/CD |  |
| S-003 | ๐ฆ SEB | Corporate Banking | Active โ
| CEO | Bank MFA | Payments/payroll |  |
| S-004 | ๐งพ Bokio | Company workspace | Active โ
| CEO | IdP (Google) | Accounting |  |
| S-005 | ๐ถ Suno | Subscription | Active โ
| CEO | Platform MFA | Marketing content |  |
| S-006 | ๐๏ธ ElevenLabs | Subscription | Active โ
| CEO | Platform MFA | Audio/voice |  |
| S-007 | ๐ค OpenAI | API | Active โ
| CEO | API / Account MFA | AI services |  |
| S-008 | ๐ณ Stripe | Platform | Active โ
| CEO | Platform MFA | Payments |  |
| S-009 | ๐ Google Search Console | pether.sorling@gmail.com | Active (Free) โ
| CEO | Google MFA | SEO verification & metrics |  |
| S-010 | ๐ Bing Webmaster Tools | pether.sorling@gmail.com | Active (Free) โ
| CEO | Google MFA | SEO coverage for Bing |  |
| S-011 | โถ๏ธ YouTube | Channel via Google | Active (Free) โ
| CEO | Google MFA | Marketing channel |  |
| S-012 | ๐ฆ Product Hunt | hack23 | Active (Free) โ
| CEO | IdP (Google) | Launch listings |  |
| S-013 | ๐ต TikTok | hack23 | Active (Free) โ
| CEO | IdP (Google) | Social marketing |  |
| S-014 | โ๏ธ X (Twitter) | hack23 | Active (Free) โ
| CEO | IdP (Google) | Social updates |  |
| S-015 | ๐ผ LinkedIn (CEO) | jamessorling | Active (Free) โ
| CEO | Platform MFA | Executive profile |  |
| S-016 | ๐ผ LinkedIn (Company) | Hack23 AB | Active (Free) โ
| CEO | Platform MFA | Company page |  |
| S-017 | ๐ก๏ธ SonarSource (SonarCloud) | GitHub org integration | Active (Free/public) โ
| CEO | GitHub OAuth | SAST for public repos only |  |
| S-018 | โ๏ธ FOSSA | GitHub org integration | Active (Free/public) โ
| CEO | GitHub OAuth | OSS license/security for public repos |  |
Supplier: AWS (accounts via AWS Organizations). Control Tower is used for governance/security and SSO; IAM Identity Center with MFA enforced.
Note: AWS WorkMail uses MFA through Identity Center.
| #๏ธโฃ ID | ๐ท๏ธ Account Name | ๐ Account ID | โ๏ธ Root Email | ๐ฏ Purpose | ๐ท๏ธ Types |
|---|
| AWS-001 | Audit | 810580475124 | audit@hack23.com | Security/audit (CT Log/Audit pattern) |  |
| AWS-002 | Log archive | 241765033212 | log-archive@hack23.com | Central immutable logs |  |
| AWS-003 | hack23master | 172017021075 | pether.sorling@gmail.com | Primary workload/management |  |
| #๏ธโฃ ID | ๐ก๏ธ Permission Set | ๐ Scope | ๐ Keys |
|---|
| PS-001 | AWSAdministratorAccess | Audit, hack23master | Access keys in use (as provided) |
| PS-002 | AWSPowerUserAccess | Audit, hack23master | Access keys in use (as provided) |
| PS-003 | AWSReadOnlyAccess | Audit, hack23master | Access keys in use (as provided) |
| PS-004 | AWSServiceCatalogAdminFullAccess | hack23master | Access keys in use (as provided) |
| PS-005 | AWSServiceCatalogEndUserAccess | hack23master | Access keys in use (as provided) |
flowchart LR
A["Control Tower Org"]
AU["Audit\n810580475124\naudit@hack23.com"]
LA["Log Archive\n241765033212\nlog-archive@hack23.com"]
HM["hack23master\n172017021075\npether.sorling@gmail.com"]
A --> AU
A --> LA
A --> HM
subgraph "Permission Sets"
PS1["AWSAdministratorAccess"]
PS2["AWSPowerUserAccess"]
PS3["AWSReadOnlyAccess"]
PS4["AWSServiceCatalogAdminFullAccess"]
PS5["AWSServiceCatalogEndUserAccess"]
end
AU --- PS1
AU --- PS2
AU --- PS3
HM --- PS1
HM --- PS2
HM --- PS3
HM --- PS4
HM --- PS5
classDef ct fill:#FFC107,stroke:#FFA000,stroke-width:2px,color:#000000;
classDef acct fill:#1565C0,stroke:#1565C0,color:#0d47a1;
class A ct;
class AU,LA,HM acct;
- DNS provider: Amazon Route 53 (hosted zones in AWS)
- DNSSEC: Enabled for all domains (DS records published at registrar)
| Security Check | Tool | hack23.com | blacktrigram.com | ciacompliancemanager.com | riksdagsmonitor.com | euparliamentmonitor.com |
|---|
| DNSSEC | DNSViz | โ
Signed | โ
Signed | โ
Signed | โ
Signed | โ
Signed |
| SPF | MXToolbox | โ
Valid | โ
Valid | โ
Valid | โ
Valid | โ
Valid |
| DKIM | MXToolbox | โ
Valid | โ
Valid | N/A | N/A | N/A |
| DMARC | MXToolbox | โ
Valid | โ
Valid | โ
Valid | โ
Valid | โ
Valid |
| CAA | DNS Lookup | โ
Set | โ
Set | โ
Set | โ
Set | โ
Set |
| HTTPS | SSL Labs | โ
A+ | โ
A+ | โ
A+ | โ
A+ | โ
A+ |
| Service | Purpose | Data Classification | Status |
|---|
| WAF | Web application firewall for hack23.com/blacktrigram.com |  | โ
Active |
| Security Hub | Centralized security findings and compliance |  | โ
Active |
| Detective | Security investigation and threat hunting |  | โ
Active |
| Inspector | Vulnerability assessment for EC2/Lambda/containers |  | โ
Active |
| GuardDuty | Threat detection across accounts |  | โ
Active |
| Config | Compliance rules and resource tracking |  | โ
Active |
| Macie | Sensitive data discovery in S3 |  | โ
Active |
| CloudTrail | API audit logging across all accounts |  | โ
Active |
| Service | Purpose | Data Classification | Status |
|---|
| RDS | PostgreSQL for CIA application |  | โ
Active |
| Route 53 | DNS management with DNSSEC |  | โ
Active |
| WorkMail | Corporate email (james@hack23.com) |  | โ
Active |
| KMS | Encryption key management |  | โ
Active |
| S3 | Static website hosting, backups, logs |  | โ
Active |
| VPC | Network isolation for Lambda/RDS |  | โ
Active |
| Glacier | Long-term backup storage |  | โ
Active |
| CloudFront | CDN for hack23.com, blacktrigram.com, riksdagsmonitor.com, euparliamentmonitor.com, and ciacompliancemanager.com (5 distributions, 19.6M requests/mo combined) |  | โ
Active |
| Lambda | Serverless functions for APIs |  | โ
Active |
| Control Tower | Multi-account governance |  | โ
Active |
| Identity Center | SSO and permission management |  | โ
Active |
| Service | Purpose | Data Classification | Status |
|---|
| Cost Explorer | Cost analysis and optimization |  | โ
Active |
| CloudWatch Events | Event-driven automation |  | โ
Active |
| CloudWatch | Metrics, logs, and alarms |  | โ
Active |
| Data Transfer | Cross-region and internet transfer | N/A | โ
Active |
| Service | Purpose | Data Classification | Status |
|---|
| Resilience Hub | Application resilience assessment and policy gating |  | โ
Active |
| Fault Injection Service | Chaos experiments to validate failover/recovery |  | โ
Active |
| AWS Backup | Centralized backup plans, cross-region copies, immutable vaults |  | โ
Active |
| Backup Audit Manager | Backup compliance controls and reporting |  | โ
Active |
| Service | Purpose | Data Classification | Timeline |
|---|
| API Gateway | REST/GraphQL APIs for Black Trigram |  | Q2 2025 |
| DynamoDB | NoSQL for game state and user data |  | Q2 2025 |
| Cognito | User authentication for products |  | Q3 2025 |
| ECS/Fargate | Container hosting for microservices |  | Q3 2025 |
graph TB
subgraph Detection["๐ Detection Layer"]
GD[GuardDuty<br/>Threat Detection]
DT[Detective<br/>Investigation]
MC[Macie<br/>Data Discovery]
end
subgraph Protection["๐ก๏ธ Protection Layer"]
WAF[WAF<br/>Web Protection]
IN[Inspector<br/>Vulnerability Scan]
KMS[KMS<br/>Encryption]
end
subgraph Compliance["๐ Compliance Layer"]
SH[Security Hub<br/>Posture Management]
CFG[Config<br/>Compliance Rules]
CT[CloudTrail<br/>Audit Logs]
end
subgraph Infrastructure["๐๏ธ Infrastructure"]
CT_ORG[Control Tower<br/>Governance]
IDC[Identity Center<br/>SSO]
VPC[VPC<br/>Network Isolation]
end
GD --> SH
DT --> SH
MC --> SH
IN --> SH
CFG --> SH
CT --> S3[S3<br/>Log Storage]
CT --> GL[Glacier<br/>Archive]
style Detection fill:#4CAF50
style Protection fill:#1565C0
style Compliance fill:#FF9800
style Infrastructure fill:#D32F2F
| #๏ธโฃ ID | ๐ Domain | ๐ข Owner | โ
Status | ๐ Notes | ๐ท๏ธ Types | ๐ Evidence |
|---|
| D-001 | hack23.com | Hack23 AB | Active โ
| DNS: Route 53 โข DNSSEC: ON |  | DNSSEC โข Email โข SSL |
| D-002 | blacktrigram.com | Hack23 AB | Active โ
| DNS: Route 53 โข DNSSEC: ON |  | DNSSEC โข Email โข SSL |
| D-003 | ciacompliancemanager.com | Hack23 AB | Active โ
| DNS: Route 53 โข DNSSEC: ON |  | DNSSEC โข SSL |
| D-004 | riksdagsmonitor.com | Hack23 AB | Active โ
| DNS: Route 53 โข DNSSEC: ON |  | DNSSEC โข SSL |
| D-005 | euparliamentmonitor.com | Hack23 AB | Active โ
| DNS: Route 53 โข DNSSEC: ON |  | DNSSEC โข SSL |
Statement: All copyrights remain with the CEO and sole owner of Hack23.com.
Live security posture badges for all Hack23 intellectual property assets:
| Project | OpenSSF Scorecard | License | CI Status | Additional Evidence |
|---|
| Black Trigram |  |  |  |  |
| CIA Compliance Manager |  |  |  |  |
| Citizen Intelligence Agency |  |  |  |  |
| European Parliament MCP Server |  |  |  |  |
| EU Parliament Monitor |  |  |  |  |
| Game Template |  |  |  | Template repo |
| Hack23 Homepage |  |  |  | Corporate website |
| Lambda in Private VPC |  |  |  | AWS Reference Architecture |
| Riksdagsmonitor |  |  |  |  |
| Sonar CloudFormation Plugin โ ๏ธ |  |  |  |  |
All intellectual property created by or for Hack23 AB is managed systematically to ensure legal protection, proper licensing, and secure disposal when necessary.
| IPR Category | Handling Requirements | Protection Measures | Disposal Method |
|---|
| Source Code | Apache-2.0 license, copyright notices | GitHub private/public repos, code review, commit signing | Secure repository deletion with backup retention |
| Documentation | Creative Commons BY-SA 4.0 for public docs | Version control, review process | Standard file deletion after retention period |
| Trademarks | Brand guidelines, usage restrictions | Registered where applicable, monitoring | Transfer or abandonment per legal counsel |
| Trade Secrets | Need-to-know access, NDA requirements | Encryption, access controls, audit logging | Secure deletion per Data Classification Policy |
| Patents | Prior art documentation, invention disclosures | Legal filing if commercially valuable | Abandonment after evaluation |
- Copyright Notices: All source files include SPDX headers with copyright attribution
- License Compliance: FOSSA scanning ensures dependency license compatibility (see Open Source Policy)
- Access Control: IPR classified per Classification Framework with appropriate access restrictions
- Secure Disposal: High/Very High confidentiality IPR requires secure deletion with verification
| Third-Party IPR | Usage Rights | Compliance Verification | Review Frequency |
|---|
| Open Source Dependencies | Per dependency license | FOSSA automated scanning | Every commit |
| Cloud Service IP | AWS Customer Agreement terms | Terms review during renewals | Annual |
| SaaS Platform Tools | Per service agreement | Terms acceptance documented | Semi-Annual |
| Stock Media | Royalty-free or licensed | License verification in Asset Register | Annual |
This section implements ISO 27001 A.5.11 (Return of assets) and A.6.5 (Responsibilities after termination), ensuring systematic asset recovery and access revocation.
| Asset Category | Return/Revocation Actions | Verification | Responsibility |
|---|
| Physical Devices | Mobile devices, laptops returned to CEO | Physical receipt + device wipe log | Departing individual + CEO |
| Cloud Access | AWS Identity Center access revoked | IAM logs reviewed | CEO |
| Repository Access | GitHub organization membership removed | Audit log confirmation | CEO |
| Email Access | WorkMail account disabled | Email forwarding configured if needed | CEO |
| SaaS Access | Google Workspace suspension | Admin console log | CEO |
| Asset Category | Return/Revocation Actions | Verification | Responsibility |
|---|
| Credentials | All passwords reset, MFA devices deregistered | Authentication logs reviewed | CEO |
| VPN/Network | VPN certificates revoked, firewall rules updated | Connection logs verified empty | CEO |
| Documentation | Company confidential documents returned/deleted | Confirmation statement signed | Departing individual |
| IP/Trade Secrets | Reminder of confidentiality obligations | Acknowledgment signed | Departing individual |
| Action | Completion Criteria | Documentation |
|---|
| Final backup verification | Confirm departing individual data archived per retention policy | Backup log entry |
| Security review | Review access logs for anomalous activity | Security review memo |
| NDA reminder | Send reminder of ongoing confidentiality obligations | Certified email |
| Exit interview | Document knowledge transfer and lessons learned | Exit interview notes |
Based on Classification Framework:
| Asset Classification | Return Priority | Access Revocation SLA | Verification Method |
|---|
 | ๐ด Critical - Immediate | 4 hours | Manual verification + automated scanning |
 | ๐ High - Same day | 24 hours | Automated log review |
 | ๐ก Medium - Within 3 days | 72 hours | Automated log review |
 | ๐ข Standard - Within 7 days | 7 days | Quarterly access review |
The following documentation is maintained for each termination:
- Asset Return Receipt: Physical confirmation of device returns
- Access Revocation Log: Timestamped log of all access removals
- Data Archival Certificate: Confirmation of data retention compliance
- Confidentiality Reminder: Acknowledgment of ongoing obligations
- Final Security Review: Post-termination security assessment
%%{
init: { 'theme': 'base', 'themeVariables': { 'primaryColor': '#4CAF50', 'lineColor': '#4CAF50' } }
}%%
mindmap
root((Controls))
Identities
MFA on Google, GitHub, AWS
Quarterly app reviews
Passkeys where supported
Single IdP strategy Google
AWS Security 27 Services
8 security services active
GuardDuty threat detection
Security Hub centralized
Macie data discovery
WAF application protection
Inspector vulnerability scans
Detective investigation
Config compliance rules
CloudTrail full audit
Infrastructure Controls
Control Tower governance
Identity Center SSO
KMS encryption everything
VPC network isolation
Route 53 DNSSEC
S3 versioning enabled
Glacier immutable backups
WorkMail secure email
SaaS Management
Google IdP central
18 integrated services
Quarterly access audits
Export procedures ready
Alternative suppliers mapped
Domains & DNS
Route 53 hosted zones
DNSSEC all 5 domains
Registrar locks active
Auto-renewal configured
Expiry alerts CloudWatch
IP Protection
10 active repositories
Open source licensing
Copyright CEO owned
FOSSA compliance scan
SonarCloud quality gate
MCP directory listings
%%{
init: { 'theme': 'base', 'themeVariables': { 'primaryColor': '#FF9800', 'lineColor': '#FF9800' } }
}%%
mindmap
root((SWOT Analysis))
Strengths
27 AWS services deployed
8 dedicated security tools
Control Tower multi-account
100% MFA coverage
DNSSEC all domains
CloudTrail complete audit
KMS encryption at rest
Automated threat detection
10 IP assets documented
Weaknesses
Single person dependency
Access keys still active
No break glass procedure
Limited DR testing
Manual security reviews
18 SaaS dependencies
Google IdP single point
Opportunities
Automate with AWS APIs
Implement SCPs
SSO token rotation
Lambda automation
GitHub Actions CI/CD
API Gateway monetization
DynamoDB scaling
Cognito user management
Threats
Supply chain attacks
Zero day vulnerabilities
AWS service outages
Sophisticated phishing
NIS2 compliance changes
Third party breaches
Domain hijacking
IP theft attempts
%%{
init: { 'theme': 'base', 'themeVariables': { 'primaryColor': '#1565C0', 'lineColor': '#1565C0' } }
}%%
mindmap
root((Asset Coverage))
AWS 27 Services
Security 8
WAF, GuardDuty, Detective
Inspector, Macie, Security Hub
Config, CloudTrail
Infrastructure 11
RDS, Route 53, WorkMail
KMS, S3, VPC, Glacier
CloudFront, Lambda
Control Tower, Identity Center
Monitoring 4
CloudWatch, Events
Cost Explorer, Data Transfer
Planned 4
API Gateway, DynamoDB
Cognito, ECS Fargate
SaaS 18 Services
Critical 4
GitHub, SEB, Stripe, Bokio
Marketing 10
YouTube, TikTok, X
Product Hunt, LinkedIn
Google Search Console
Bing Webmaster
Content 2
Suno, ElevenLabs
Security 2
SonarCloud, FOSSA
Domains 5
hack23.com
blacktrigram.com
ciacompliancemanager.com
riksdagsmonitor.com
euparliamentmonitor.com
IP Assets 10
Black Trigram game
CIA Compliance Manager
Citizen Intelligence Agency
European Parliament MCP Server
EU Parliament Monitor
Game Template
Hack23 Homepage
Lambda in Private VPC
Riksdagsmonitor
Sonar CloudFormation Plugin
%%{
init: { 'theme': 'base', 'themeVariables': { 'primaryColor': '#D32F2F', 'lineColor': '#D32F2F' } }
}%%
mindmap
root((Risk Priorities))
Critical Risks
Single point of failure CEO
AWS root account security
Access key exposure
Domain hijacking
IP theft exposure
High Risks
GitHub supply chain
Google IdP dependency
Data breach potential
Compliance gaps NIS2
WorkMail compromise
Medium Risks
Cost overruns AWS
Service degradation
Third party failures
Documentation gaps
Backup restore failures
Low Risks
Content generation delays
Social media issues
Free tier limits
Marketing tool failures
Analytics disruption
graph LR
subgraph "๐ Identity & Access"
ID1[Google MFA]
ID2[GitHub MFA]
ID3[AWS SSO MFA]
ID4[18 SaaS via Google]
end
subgraph "๐ก๏ธ AWS Security Stack"
SEC1[8 Security Services]
SEC2[CloudTrail Audit]
SEC3[Control Tower]
SEC4[KMS Encryption]
end
subgraph "๐ Web & Domains"
WEB1[hack23.com]
WEB2[blacktrigram.com]
WEB3[Route 53 DNSSEC]
WEB4[CloudFront CDN]
WEB5[ciacompliancemanager.com]
WEB6[riksdagsmonitor.com]
WEB7[euparliamentmonitor.com]
end
subgraph "๐ผ Business Systems"
BUS1[SEB Banking]
BUS2[Bokio Accounting]
BUS3[Stripe Payments]
BUS4[WorkMail Email]
end
subgraph "๐ Development"
DEV1[GitHub Repos]
DEV2[10 IP Assets]
DEV3[Lambda Functions]
DEV4[CI/CD Pipeline]
end
ID1 --> ID4
SEC1 --> SEC2
SEC3 --> SEC4
WEB3 --> WEB1
WEB3 --> WEB2
WEB3 --> WEB5
WEB3 --> WEB6
WEB3 --> WEB7
style ID1 fill:#4CAF50
style SEC1 fill:#1565C0
style WEB1 fill:#FFC107
style BUS1 fill:#FF9800
style DEV1 fill:#7B1FA2
| Date (UTC) | Change |
|---|
| 2026-06-02 | v2.4: Updated CloudFront to reflect 5 distributions (19.6M requests/mo combined); Added euparliamentmonitor.com to DNS security evidence table; Updated IP asset count to 10 active repos; Added MCP directory listings to controls mindmap; Updated traffic metrics |
| 2026-03-05 | v2.3: Added euparliamentmonitor.com domain (D-005); Updated EU Parliament Monitor website URL; Updated all mindmaps and security posture diagrams to reflect 5 domains and 10 IP assets |
| 2026-02-26 | v2.2: Added European Parliament MCP Server, EU Parliament Monitor (euparliamentmonitor), and Riksdagsmonitor to IP assets; Updated mindmaps and security evidence tables; Total 10 IP assets registered |
| 2026-01-25 | v2.0: Added domains D-003 (ciacompliancemanager.com) and D-004 (riksdagsmonitor.com); Added Game Template to IP; Added comprehensive domain security evidence links (DNSSEC, SPF/DKIM/DMARC, SSL); Marked Sonar CloudFormation Plugin as archived; Updated for ISMS-PUBLIC publication |
| 2025-11-05 | Added ยง 5.1 IPR Handling and ยง 5.2 Asset Return/Termination procedures (ISO 27001 A.5.11, A.5.32, A.6.5) |
| 2025-08-14 | Stripe status confirmed active (removed 'planned'); Insurance (Trygg Hansa) planned start 2025-09-01 |
| 2025-08-12 | Initial complete register created from provided inputs |
| Date | Finding | Action | Status |
|---|
| 2025-08-14 | 27 AWS services documented | Complete service inventory | โ
Completed |
| 2025-08-14 | 8 security services active | Enterprise-grade security posture | โ
Active |
| 2025-08-14 | 18 SaaS services integrated | Documented dependencies | โ
Completed |
| 2026-02-26 | 10 IP assets registered | Added European Parliament MCP Server, EU Parliament Monitor, Riksdagsmonitor | โ
Active |
| 2026-01-25 | 7 IP assets registered | Added Game Template; Copyright protection confirmed (see Open Source Policy) | โ
Active |
| 2025-08-14 | 2 domains with DNSSEC | Enhanced DNS security | โ
Completed |
| 2026-01-25 | 4 domains with DNSSEC | Added ciacompliancemanager.com and riksdagsmonitor.com | โ
Completed |
| 2026-03-05 | 5 domains with DNSSEC | Added euparliamentmonitor.com (D-005) | โ
Completed |
| 2025-08-14 | Access keys in use | Plan migration to SSO tokens | โณ In Progress |
| 2025-08-14 | No SCPs configured | Implement organizational policies | ๐ด Not Started |
| 2025-08-14 | No break-glass procedure | Document emergency access | ๐ด Not Started |
๐ Document Control:
โ
Approved by: James Pether Sรถrling, CEO
๐ค Distribution: CEO, Insurance Company, Legal Counsel
๐ท๏ธ Classification: 
๐
Effective Date: 2026-06-02
โฐ Next Review: 2027-09-02
๐ฏ Framework Compliance:
