feat(gap): IST (current-state) assessment — IACE + standards + processes

Gap Analysis v2: instead of 500 generic gaps → only the REAL gaps.

Backend:
- ProductProfile extended by 15 IST fields (standards, documentation, processes, CE)
- assessGapStatus checks: IACE mitigations → certifications → standards → IST fields
- norm_mapping.go: 20 standards → MC topic mapping (ISO 12100, IEC 62443, etc.)
- IACE integration: CheckIACECoverage() matches verified mitigations against MCs

Frontend:
- 2-step wizard: describe product → record current state (IST)
- IstAssessment.tsx: CE year, standards multiselect, documentation + process checkboxes
- Step navigation with visual indicators

Migration 025 extended with IST fields.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Benjamin Admin
2026-05-11 08:33:17 +02:00
parent 285b74382a
commit 8f169cbae3
7 changed files with 473 additions and 19 deletions
@@ -52,6 +52,30 @@ type ProductProfile struct {
// Existing certifications (reduces gap count)
ExistingCertifications []string `json:"existing_certifications" db:"-"` // ISO27001, CE, SOC2
// ── IST-Zustand (was hat der Hersteller bereits?) ──────────────
// Verbindung zu bestehendem IACE Projekt
IACEProjectID *uuid.UUID `json:"iace_project_id" db:"iace_project_id"`
// Angewandte Normen
AppliedNorms []string `json:"applied_norms" db:"-"` // ISO12100, EN61326, EN62368
// Bestehende Dokumentation
HasRiskAssessment bool `json:"has_risk_assessment" db:"has_risk_assessment"`
HasTechnicalFile bool `json:"has_technical_file" db:"has_technical_file"`
HasOperatingManual bool `json:"has_operating_manual" db:"has_operating_manual"`
HasSBOM bool `json:"has_sbom" db:"has_sbom"`
// Bestehende Prozesse
HasVulnManagement bool `json:"has_vuln_management" db:"has_vuln_management"`
HasUpdateMechanism bool `json:"has_update_mechanism" db:"has_update_mechanism"`
HasIncidentResponse bool `json:"has_incident_response" db:"has_incident_response"`
HasSupplyChainMgmt bool `json:"has_supply_chain_mgmt" db:"has_supply_chain_mgmt"`
// CE/Produktsicherheit
CEMarkingSince *string `json:"ce_marking_since" db:"ce_marking_since"`
ProductAge string `json:"product_age" db:"product_age"`
// Metadata
CreatedAt time.Time `json:"created_at" db:"created_at"`
UpdatedAt time.Time `json:"updated_at" db:"updated_at"`
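Review bot: `IACEProjectID` (`json:"iace_project_id"`) is bound from the client-supplied profile, and the commit message says CheckIACECoverage() counts that project's verified mitigations toward closing gaps, so the handler that stores the profile should verify that the referenced IACE project belongs to the caller before it is used; nothing in this hunk enforces that. `CEMarkingSince *string` and `ProductAge string` are free-form although the message describes a CE year, so consider a numeric year or a validated format to keep arbitrary input out of the assessment. `AppliedNorms` is tagged `db:"-"` like `ExistingCertifications`, so it needs the same separate persistence path, and its example spelling (`ISO12100`) differs from the message's `ISO 12100`, which is worth normalizing before the norm mapping lookup. The new comments are German while the surrounding ones (`Existing certifications`, `Metadata`) are English; pick one language for the struct.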