// ============================================================================ // SCORE WEIGHTS PRO FRAGE // ============================================================================ export const QUESTION_SCORE_WEIGHTS: Record< string, { risk: number; complexity: number; assurance: number } > = { // Organisationsprofil (6 Fragen) org_employee_count: { risk: 3, complexity: 5, assurance: 4 }, org_industry: { risk: 6, complexity: 4, assurance: 5 }, org_business_model: { risk: 5, complexity: 3, assurance: 4 }, org_customer_count: { risk: 4, complexity: 6, assurance: 5 }, org_cert_target: { risk: 2, complexity: 8, assurance: 9 }, org_has_dpo: { risk: 7, complexity: 2, assurance: 8 }, // Datenarten (5 Fragen) data_art9: { risk: 10, complexity: 7, assurance: 9 }, data_minors: { risk: 10, complexity: 6, assurance: 9 }, data_volume: { risk: 6, complexity: 7, assurance: 6 }, data_retention_years: { risk: 5, complexity: 4, assurance: 5 }, data_sources: { risk: 4, complexity: 5, assurance: 4 }, // Verarbeitungszwecke (9 Fragen) proc_adm_scoring: { risk: 9, complexity: 7, assurance: 8 }, proc_ai_usage: { risk: 8, complexity: 8, assurance: 8 }, proc_video_surveillance: { risk: 7, complexity: 5, assurance: 7 }, proc_employee_monitoring: { risk: 7, complexity: 5, assurance: 7 }, proc_tracking: { risk: 6, complexity: 4, assurance: 6 }, proc_dsar_process: { risk: 8, complexity: 6, assurance: 8 }, proc_deletion_concept: { risk: 7, complexity: 5, assurance: 7 }, proc_incident_response: { risk: 9, complexity: 6, assurance: 9 }, proc_regular_audits: { risk: 5, complexity: 7, assurance: 8 }, // Technik (7 Fragen) tech_hosting_location: { risk: 7, complexity: 5, assurance: 7 }, tech_third_country: { risk: 8, complexity: 6, assurance: 8 }, tech_encryption_transit: { risk: 8, complexity: 4, assurance: 8 }, tech_encryption_rest: { risk: 8, complexity: 4, assurance: 8 }, tech_access_control: { risk: 7, complexity: 5, assurance: 7 }, tech_logging: { risk: 6, complexity: 5, assurance: 7 }, tech_backup_recovery: { risk: 6, complexity: 5, assurance: 7 }, // Produkt/Features (5 Fragen) prod_webshop: { risk: 5, complexity: 4, assurance: 5 }, prod_data_broker: { risk: 9, complexity: 7, assurance: 8 }, prod_api_external: { risk: 6, complexity: 5, assurance: 6 }, prod_consent_management: { risk: 7, complexity: 5, assurance: 8 }, prod_data_portability: { risk: 4, complexity: 5, assurance: 5 }, // Compliance Reife (3 Fragen) comp_training: { risk: 5, complexity: 4, assurance: 7 }, comp_vendor_management: { risk: 6, complexity: 6, assurance: 7 }, comp_documentation_level: { risk: 6, complexity: 7, assurance: 8 }, } // ============================================================================ // ANSWER MULTIPLIERS FÜR SINGLE-CHOICE FRAGEN // ============================================================================ export const ANSWER_MULTIPLIERS: Record> = { org_employee_count: { '1-9': 0.1, '10-49': 0.3, '50-249': 0.5, '250-999': 0.7, '1000+': 1.0, }, org_industry: { tech: 0.4, finance: 0.8, healthcare: 0.9, public: 0.7, retail: 0.5, education: 0.6, other: 0.3, }, org_business_model: { b2b: 0.4, b2c: 0.7, b2b2c: 0.6, internal: 0.3, }, org_customer_count: { '0-100': 0.1, '100-1000': 0.2, '1000-10000': 0.4, '10000-100000': 0.7, '100000+': 1.0, }, data_volume: { '<1000': 0.1, '1000-10000': 0.2, '10000-100000': 0.4, '100000-1000000': 0.7, '>1000000': 1.0, }, data_retention_years: { '<1': 0.2, '1-3': 0.4, '3-5': 0.6, '5-10': 0.8, '>10': 1.0, }, tech_hosting_location: { eu: 0.2, eu_us_adequacy: 0.4, us_adequacy: 0.6, drittland: 1.0, }, tech_access_control: { none: 1.0, basic: 0.6, rbac: 0.3, advanced: 0.1, }, tech_logging: { none: 1.0, basic: 0.6, comprehensive: 0.2, }, tech_backup_recovery: { none: 1.0, basic: 0.5, tested: 0.2, }, comp_documentation_level: { none: 1.0, basic: 0.6, structured: 0.3, comprehensive: 0.1, }, }