fix(scope): Evaluierung crasht (answerValue→value), Profil-Persistenz, Block-Umbenennungen
- compliance-scope-engine: answerValue→value (Property existierte nicht, Crash bei Evaluierung) - company-profile: saveProfileDraft synct jetzt Redux-State (Daten bleiben bei Navigation) - Scope-Bloecke umbenannt: Kunden & Nutzer, Datenverarbeitung, Hosting & Verarbeitung, Website und Services - org_cert_target + data_volume als Hidden Scoring Questions (Duplikate entfernt) - ai_risk_assessment: boolean→single mit Ja/Nein/Noch nicht - 6 neue Abteilungs-Datenkategorien: IT, Recht, Produktion, Logistik, Einkauf, Facility Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@@ -21,14 +21,16 @@ export const PROFILE_AUTOFILL_QUESTION_IDS = [
|
||||
'org_industry',
|
||||
'org_business_model',
|
||||
'org_has_dsb',
|
||||
'org_cert_target',
|
||||
'data_volume',
|
||||
'prod_type',
|
||||
'prod_webshop',
|
||||
] as const
|
||||
|
||||
const BLOCK_1_ORGANISATION: ScopeQuestionBlock = {
|
||||
id: 'organisation',
|
||||
title: 'Organisation & Reife',
|
||||
description: 'Grundlegende Informationen zu Ihrer Organisation und Compliance-Zielen',
|
||||
title: 'Kunden & Nutzer',
|
||||
description: 'Informationen zu Ihren Kunden und Nutzern',
|
||||
order: 1,
|
||||
questions: [
|
||||
{
|
||||
@@ -46,22 +48,6 @@ const BLOCK_1_ORGANISATION: ScopeQuestionBlock = {
|
||||
],
|
||||
scoreWeights: { risk: 6, complexity: 7, assurance: 6 },
|
||||
},
|
||||
{
|
||||
id: 'org_cert_target',
|
||||
type: 'multi',
|
||||
question: 'Welche Zertifizierungen streben Sie an oder besitzen Sie bereits?',
|
||||
helpText: 'Mehrfachauswahl möglich. Zertifizierungen erhöhen den Assurance-Bedarf',
|
||||
required: false,
|
||||
options: [
|
||||
{ value: 'ISO27001', label: 'ISO 27001 (Informationssicherheit)' },
|
||||
{ value: 'ISO27701', label: 'ISO 27701 (Datenschutz-Erweiterung)' },
|
||||
{ value: 'TISAX', label: 'TISAX (Automotive)' },
|
||||
{ value: 'SOC2', label: 'SOC 2 (US-Standard)' },
|
||||
{ value: 'BSI-Grundschutz', label: 'BSI IT-Grundschutz' },
|
||||
{ value: 'Keine', label: 'Keine Zertifizierung geplant' },
|
||||
],
|
||||
scoreWeights: { risk: 3, complexity: 5, assurance: 10 },
|
||||
},
|
||||
],
|
||||
}
|
||||
|
||||
@@ -70,7 +56,7 @@ const BLOCK_1_ORGANISATION: ScopeQuestionBlock = {
|
||||
*/
|
||||
const BLOCK_2_DATA: ScopeQuestionBlock = {
|
||||
id: 'data',
|
||||
title: 'Daten & Betroffene',
|
||||
title: 'Datenverarbeitung',
|
||||
description: 'Art und Umfang der verarbeiteten personenbezogenen Daten',
|
||||
order: 2,
|
||||
questions: [
|
||||
@@ -131,21 +117,6 @@ const BLOCK_2_DATA: ScopeQuestionBlock = {
|
||||
mapsToVVTQuestion: 'dept_finance',
|
||||
mapsToLFQuestion: 'data-buchhaltung',
|
||||
},
|
||||
{
|
||||
id: 'data_volume',
|
||||
type: 'single',
|
||||
question: 'Wie viele Personendatensätze verarbeiten Sie insgesamt?',
|
||||
helpText: 'Schätzen Sie die Gesamtzahl betroffener Personen',
|
||||
required: true,
|
||||
options: [
|
||||
{ value: '<1000', label: 'Unter 1.000' },
|
||||
{ value: '1000-10000', label: '1.000 bis 10.000' },
|
||||
{ value: '10000-100000', label: '10.000 bis 100.000' },
|
||||
{ value: '100000-1000000', label: '100.000 bis 1 Mio.' },
|
||||
{ value: '>1000000', label: 'Über 1 Mio.' },
|
||||
],
|
||||
scoreWeights: { risk: 7, complexity: 6, assurance: 6 },
|
||||
},
|
||||
],
|
||||
}
|
||||
|
||||
@@ -224,7 +195,7 @@ const BLOCK_3_PROCESSING: ScopeQuestionBlock = {
|
||||
*/
|
||||
const BLOCK_4_TECH: ScopeQuestionBlock = {
|
||||
id: 'tech',
|
||||
title: 'Technik, Hosting & Transfers',
|
||||
title: 'Hosting & Verarbeitung',
|
||||
description: 'Technische Infrastruktur und Datenübermittlung',
|
||||
order: 4,
|
||||
questions: [
|
||||
@@ -354,7 +325,7 @@ const BLOCK_5_PROCESSES: ScopeQuestionBlock = {
|
||||
*/
|
||||
const BLOCK_6_PRODUCT: ScopeQuestionBlock = {
|
||||
id: 'product',
|
||||
title: 'Produktkontext',
|
||||
title: 'Website und Services',
|
||||
description: 'Spezifische Merkmale Ihrer Produkte und Services',
|
||||
order: 6,
|
||||
questions: [
|
||||
@@ -433,6 +404,20 @@ export const HIDDEN_SCORING_QUESTIONS: ScopeProfilingQuestion[] = [
|
||||
required: false,
|
||||
scoreWeights: { risk: 5, complexity: 3, assurance: 6 },
|
||||
},
|
||||
{
|
||||
id: 'org_cert_target',
|
||||
type: 'multi',
|
||||
question: 'Zertifizierungen (aus Profil)',
|
||||
required: false,
|
||||
scoreWeights: { risk: 3, complexity: 5, assurance: 10 },
|
||||
},
|
||||
{
|
||||
id: 'data_volume',
|
||||
type: 'single',
|
||||
question: 'Personendatensaetze (aus Profil)',
|
||||
required: false,
|
||||
scoreWeights: { risk: 7, complexity: 6, assurance: 6 },
|
||||
},
|
||||
{
|
||||
id: 'prod_type',
|
||||
type: 'multi',
|
||||
@@ -494,10 +479,15 @@ const BLOCK_7_AI_SYSTEMS: ScopeQuestionBlock = {
|
||||
},
|
||||
{
|
||||
id: 'ai_risk_assessment',
|
||||
type: 'boolean',
|
||||
type: 'single',
|
||||
question: 'Haben Sie eine KI-Risikobewertung nach EU AI Act durchgeführt?',
|
||||
helpText: 'Risikoeinstufung der KI-Systeme (verboten / hochriskant / begrenzt / minimal)',
|
||||
required: false,
|
||||
options: [
|
||||
{ value: 'yes', label: 'Ja' },
|
||||
{ value: 'no', label: 'Nein' },
|
||||
{ value: 'not_yet', label: 'Noch nicht' },
|
||||
],
|
||||
scoreWeights: { risk: -5, complexity: 3, assurance: 8 },
|
||||
},
|
||||
],
|
||||
@@ -668,6 +658,84 @@ const BLOCK_9_DATENKATEGORIEN: ScopeQuestionBlock = {
|
||||
scoreWeights: { risk: 5, complexity: 3, assurance: 4 },
|
||||
mapsToVVTQuestion: 'dept_support_categories',
|
||||
},
|
||||
{
|
||||
id: 'dk_dept_it',
|
||||
type: 'multi',
|
||||
question: 'Welche Datenkategorien verarbeitet Ihre IT-Abteilung?',
|
||||
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer IT / Administration',
|
||||
required: false,
|
||||
options: DEPARTMENT_DATA_CATEGORIES.dept_it.categories.map(c => ({
|
||||
value: c.id,
|
||||
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
||||
})),
|
||||
scoreWeights: { risk: 7, complexity: 5, assurance: 6 },
|
||||
mapsToVVTQuestion: 'dept_it_categories',
|
||||
},
|
||||
{
|
||||
id: 'dk_dept_recht',
|
||||
type: 'multi',
|
||||
question: 'Welche Datenkategorien verarbeitet Ihre Rechtsabteilung?',
|
||||
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer Recht / Compliance',
|
||||
required: false,
|
||||
options: DEPARTMENT_DATA_CATEGORIES.dept_recht.categories.map(c => ({
|
||||
value: c.id,
|
||||
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
||||
})),
|
||||
scoreWeights: { risk: 6, complexity: 4, assurance: 6 },
|
||||
mapsToVVTQuestion: 'dept_recht_categories',
|
||||
},
|
||||
{
|
||||
id: 'dk_dept_produktion',
|
||||
type: 'multi',
|
||||
question: 'Welche Datenkategorien verarbeitet Ihre Produktion?',
|
||||
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer Produktion / Fertigung',
|
||||
required: false,
|
||||
options: DEPARTMENT_DATA_CATEGORIES.dept_produktion.categories.map(c => ({
|
||||
value: c.id,
|
||||
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
||||
})),
|
||||
scoreWeights: { risk: 6, complexity: 4, assurance: 5 },
|
||||
mapsToVVTQuestion: 'dept_produktion_categories',
|
||||
},
|
||||
{
|
||||
id: 'dk_dept_logistik',
|
||||
type: 'multi',
|
||||
question: 'Welche Datenkategorien verarbeitet Ihre Logistik?',
|
||||
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer Logistik / Versand',
|
||||
required: false,
|
||||
options: DEPARTMENT_DATA_CATEGORIES.dept_logistik.categories.map(c => ({
|
||||
value: c.id,
|
||||
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
||||
})),
|
||||
scoreWeights: { risk: 5, complexity: 3, assurance: 4 },
|
||||
mapsToVVTQuestion: 'dept_logistik_categories',
|
||||
},
|
||||
{
|
||||
id: 'dk_dept_einkauf',
|
||||
type: 'multi',
|
||||
question: 'Welche Datenkategorien verarbeitet Ihr Einkauf?',
|
||||
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer Einkauf / Beschaffung',
|
||||
required: false,
|
||||
options: DEPARTMENT_DATA_CATEGORIES.dept_einkauf.categories.map(c => ({
|
||||
value: c.id,
|
||||
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
||||
})),
|
||||
scoreWeights: { risk: 4, complexity: 3, assurance: 4 },
|
||||
mapsToVVTQuestion: 'dept_einkauf_categories',
|
||||
},
|
||||
{
|
||||
id: 'dk_dept_facility',
|
||||
type: 'multi',
|
||||
question: 'Welche Datenkategorien verarbeitet Ihr Facility Management?',
|
||||
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer Facility Management',
|
||||
required: false,
|
||||
options: DEPARTMENT_DATA_CATEGORIES.dept_facility.categories.map(c => ({
|
||||
value: c.id,
|
||||
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
||||
})),
|
||||
scoreWeights: { risk: 5, complexity: 3, assurance: 4 },
|
||||
mapsToVVTQuestion: 'dept_facility_categories',
|
||||
},
|
||||
],
|
||||
}
|
||||
|
||||
|
||||
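Review bot: In the `ai_risk_assessment` entry of BLOCK_7_AI_SYSTEMS, the question becomes a three-option `single` but keeps `scoreWeights: { risk: -5, complexity: 3, assurance: 8 }`, so the negative risk weight now has to be tied to the answer `'yes'` alone. The scoring engine is not shown on this page; if it applies weights to any answered question, or treated the former boolean by truthiness, then `'no'` and `'not_yet'` (both non-empty strings) would lower the risk score for organisations that have not carried out an EU AI Act assessment. Answers already persisted as `true`/`false` also match none of the new option values and would need mapping to `'yes'`/`'no'` on load. I would add a comment on the entry such as `// risk: -5 applies only when value === 'yes'; 'no' / 'not_yet' must not reduce risk` and cover all three values with an evaluation test. The block definition starts and ends outside this hunk.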