fix(compliance): align rule reference and framework mappings #130

Open: m-khan-97 wants to merge 1 commit into dev from audit-openshield-gaps


@m-khan-97 (Collaborator) commented Jun 6, 2026

Summary

  • Update the rules reference from 39 to 44 scanner rules.
  • Add the newer AZ-IDN-005 to AZ-IDN-009 and AZ-PQC-001 to AZ-PQC-003 rules to the reference table.
  • Align stale rule-reference framework IDs with the scanner rule constants.
  • Add missing framework mappings for AZ-KV-003, AZ-NET-012, and AZ-CMP-003 so every scanner rule is represented across CIS, NIST CSF, ISO 27001, and SOC 2.

Why

The scanner now contains 44 rules, but the rule reference and compliance framework JSON files had drifted. This could undercount compliance coverage and make the documentation disagree with the rule metadata shipped by the scanner.

Validation

  • python3 -m json.tool on all compliance framework JSON files
  • Audit script confirmed all 44 scanner rules are documented and represented in every framework JSON
  • python3 -m pytest tests/test_rules_storage.py tests/test_rules_network.py tests/test_rules_identity.py tests/test_rules_database.py tests/test_rules_keyvault.py tests/test_pqc_rules.py -q passed with 22 passed
  • GitHub Actions passed: OpenShield CI, CodeQL Python, and CodeQL JavaScript/TypeScript

Note: after installing the missing local Python packages, full python3 -m pytest -q is still blocked locally because api.app initializes the Flask app and database migrations at import time, and this shell does not have DATABASE_URL configured.
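
A coverage audit of the kind the Validation list mentions, as an added example that is not part of this PR or the OpenShield code base. It assumes each framework JSON references scanner rules by ID somewhere in its structure; the control IDs, file contents and the stale ID AZ-OLD-001 are constructed for illustration.

```python
import json
import re

# Assumption: rule IDs follow the AZ-<AREA>-<NNN> pattern seen in the PR text.
RULE_ID = re.compile(r"^AZ-[A-Z]+-\d{3}$")


def rules_in_framework(doc):
    """Collect every rule ID referenced anywhere in a framework document."""
    found, stack = set(), [doc]
    while stack:
        node = stack.pop()
        if isinstance(node, dict):
            # Check keys too, so rule-keyed and control-keyed layouts both work.
            stack.extend(node.keys())
            stack.extend(node.values())
        elif isinstance(node, list):
            stack.extend(node)
        elif isinstance(node, str) and RULE_ID.match(node):
            found.add(node)
    return found


def audit(scanner_rules, frameworks):
    """Return {framework: {"missing": [...], "unknown": [...]}} for drifted files."""
    expected, report = set(scanner_rules), {}
    for name, raw in frameworks.items():
        mapped = rules_in_framework(json.loads(raw))
        missing = sorted(expected - mapped)   # shipped rule with no mapping
        unknown = sorted(mapped - expected)   # mapping to a rule that no longer exists
        if missing or unknown:
            report[name] = {"missing": missing, "unknown": unknown}
    return report


# Constructed sample: three rule IDs named in the PR, four hypothetical framework files.
SCANNER_RULES = ["AZ-KV-003", "AZ-NET-012", "AZ-CMP-003"]
FRAMEWORKS = {
    "CIS": '{"CTRL-1": ["AZ-KV-003", "AZ-NET-012"], "CTRL-2": ["AZ-CMP-003"]}',
    "NIST CSF": '{"CTRL-1": ["AZ-KV-003"], "CTRL-2": ["AZ-NET-012"]}',
    "ISO 27001": '{"CTRL-1": ["AZ-KV-003", "AZ-NET-012", "AZ-CMP-003", "AZ-OLD-001"]}',
    "SOC 2": '{"CTRL-1": {"rules": ["AZ-KV-003", "AZ-NET-012", "AZ-CMP-003"]}}',
}

if __name__ == "__main__":
    # A non-empty report means documentation or mappings have drifted from the scanner.
    print(json.dumps(audit(SCANNER_RULES, FRAMEWORKS), indent=2))
```

Run in CI against the real rule constants, a check like this fails the build when a new rule ships without a mapping in every framework.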

@m-khan-97 (Collaborator, Author)

CI is green. This PR is ready for review and keeps scope limited to compliance/documentation drift.

@Vishnu2707 could you please review when you get a chance?

@m-khan-97 m-khan-97 requested a review from Vishnu2707 June 6, 2026 01:50
@m-khan-97 m-khan-97 marked this pull request as ready for review June 6, 2026 01:50