[27005] adapt the tool to the new version of 27005

[jerolomb]

The tool has to evolve like the norm :

First phase changes:

• In the risk treatment plan, the word “reduction” should be changed to “modification.” (ISO 27005:8.2)
• The algorithm of modification should be reviewed accordingly
• Operational risk should be renamed, in the norm it is now referenced rather to the information risk (ISO 27005:A.13 (and a lot of others implicit references)), I propose to rename it to "strategic risk"

** Bonus **

• Encode new ISO 27002 on the common DB Change from 27002:2013 to :2022 (default deployment) #539

Second phase changes:

• Identify in depth changes needed (event and strategic scenario)
• Implement the changes