3c4f7d900d
Split the monolithic file into three content modules plus a barrel re-export: - compliance-scope-profiling-blocks.ts (489 LOC): blocks 1-7, hidden questions, autofill IDs - compliance-scope-profiling-vvt-blocks.ts (274 LOC): blocks 8-9, SCOPE_QUESTION_BLOCKS aggregate - compliance-scope-profiling-helpers.ts (359 LOC): all prefill/export/progress functions - compliance-scope-profiling.ts (41 LOC): barrel re-export preserving existing import paths All files under the 500 LOC hard cap. No consumer changes needed. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
275 lines
10 KiB
TypeScript
275 lines
10 KiB
TypeScript
import type {
|
|
ScopeQuestionBlock,
|
|
} from './compliance-scope-types'
|
|
import { DEPARTMENT_DATA_CATEGORIES } from './vvt-profiling'
|
|
import {
|
|
BLOCK_1_ORGANISATION,
|
|
BLOCK_2_DATA,
|
|
BLOCK_3_PROCESSING,
|
|
BLOCK_4_TECH,
|
|
BLOCK_5_PROCESSES,
|
|
BLOCK_6_PRODUCT,
|
|
BLOCK_7_AI_SYSTEMS,
|
|
} from './compliance-scope-profiling-blocks'
|
|
|
|
/**
|
|
* Block 8: Verarbeitungstätigkeiten (portiert aus Company Profile Step 6)
|
|
*/
|
|
const BLOCK_8_VVT: ScopeQuestionBlock = {
|
|
id: 'vvt',
|
|
title: 'Verarbeitungstätigkeiten',
|
|
description: 'Übersicht der Datenverarbeitungen nach Art. 30 DSGVO',
|
|
order: 8,
|
|
questions: [
|
|
{
|
|
id: 'vvt_departments',
|
|
type: 'multi',
|
|
question: 'In welchen Abteilungen werden personenbezogene Daten verarbeitet?',
|
|
helpText: 'Wählen Sie alle Abteilungen, in denen Verarbeitungstätigkeiten stattfinden',
|
|
required: true,
|
|
options: [
|
|
{ value: 'personal', label: 'Personal / HR' },
|
|
{ value: 'finanzen', label: 'Finanzen / Buchhaltung' },
|
|
{ value: 'vertrieb', label: 'Vertrieb / Sales' },
|
|
{ value: 'marketing', label: 'Marketing' },
|
|
{ value: 'it', label: 'IT / Administration' },
|
|
{ value: 'recht', label: 'Recht / Compliance' },
|
|
{ value: 'kundenservice', label: 'Kundenservice / Support' },
|
|
{ value: 'produktion', label: 'Produktion / Fertigung' },
|
|
{ value: 'logistik', label: 'Logistik / Versand' },
|
|
{ value: 'einkauf', label: 'Einkauf / Beschaffung' },
|
|
{ value: 'facility', label: 'Facility Management' },
|
|
],
|
|
scoreWeights: { risk: 10, complexity: 10, assurance: 8 },
|
|
},
|
|
{
|
|
id: 'vvt_data_categories',
|
|
type: 'multi',
|
|
question: 'Welche Datenkategorien werden verarbeitet?',
|
|
helpText: 'Wählen Sie alle zutreffenden Kategorien personenbezogener Daten',
|
|
required: true,
|
|
options: [
|
|
{ value: 'stammdaten', label: 'Stammdaten (Name, Geburtsdatum)' },
|
|
{ value: 'kontaktdaten', label: 'Kontaktdaten (E-Mail, Telefon, Adresse)' },
|
|
{ value: 'vertragsdaten', label: 'Vertragsdaten' },
|
|
{ value: 'zahlungsdaten', label: 'Zahlungs-/Bankdaten' },
|
|
{ value: 'beschaeftigtendaten', label: 'Beschäftigtendaten (Gehalt, Arbeitszeiten)' },
|
|
{ value: 'kommunikation', label: 'Kommunikationsdaten (E-Mail, Chat)' },
|
|
{ value: 'nutzungsdaten', label: 'Nutzungs-/Logdaten (IP, Klicks)' },
|
|
{ value: 'standortdaten', label: 'Standortdaten' },
|
|
{ value: 'bilddaten', label: 'Bild-/Videodaten' },
|
|
{ value: 'bewerberdaten', label: 'Bewerberdaten' },
|
|
],
|
|
scoreWeights: { risk: 8, complexity: 7, assurance: 7 },
|
|
},
|
|
{
|
|
id: 'vvt_special_categories',
|
|
type: 'boolean',
|
|
question: 'Verarbeiten Sie besondere Kategorien (Art. 9 DSGVO) in Ihren Tätigkeiten?',
|
|
helpText: 'Gesundheit, Biometrie, Religion, Gewerkschaft — über die bereits in Block 2 erfassten hinaus',
|
|
required: true,
|
|
scoreWeights: { risk: 10, complexity: 5, assurance: 8 },
|
|
},
|
|
{
|
|
id: 'vvt_has_vvt',
|
|
type: 'boolean',
|
|
question: 'Haben Sie bereits ein Verarbeitungsverzeichnis (VVT)?',
|
|
helpText: 'Dokumentation aller Verarbeitungstätigkeiten nach Art. 30 DSGVO',
|
|
required: true,
|
|
scoreWeights: { risk: -5, complexity: 3, assurance: 8 },
|
|
},
|
|
{
|
|
id: 'vvt_external_processors',
|
|
type: 'boolean',
|
|
question: 'Setzen Sie externe Dienstleister als Auftragsverarbeiter ein?',
|
|
helpText: 'Lohnbüro, Hosting-Provider, Cloud-Dienste, externe IT etc.',
|
|
required: true,
|
|
scoreWeights: { risk: 7, complexity: 6, assurance: 7 },
|
|
},
|
|
],
|
|
}
|
|
|
|
/**
|
|
* Block 9: Datenkategorien pro Abteilung
|
|
* Generiert Fragen dynamisch aus DEPARTMENT_DATA_CATEGORIES
|
|
*/
|
|
const BLOCK_9_DATENKATEGORIEN: ScopeQuestionBlock = {
|
|
id: 'datenkategorien_detail',
|
|
title: 'Datenkategorien pro Abteilung',
|
|
description: 'Detaillierte Erfassung der Datenkategorien je Abteilung — basierend auf Ihrer Abteilungswahl in Block 8',
|
|
order: 9,
|
|
questions: [
|
|
{
|
|
id: 'dk_dept_hr',
|
|
type: 'multi',
|
|
question: 'Welche Datenkategorien verarbeitet Ihre Personalabteilung?',
|
|
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer den HR-Bereich',
|
|
required: false,
|
|
options: DEPARTMENT_DATA_CATEGORIES.dept_hr.categories.map(c => ({
|
|
value: c.id,
|
|
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
|
})),
|
|
scoreWeights: { risk: 6, complexity: 4, assurance: 5 },
|
|
mapsToVVTQuestion: 'dept_hr_categories',
|
|
},
|
|
{
|
|
id: 'dk_dept_recruiting',
|
|
type: 'multi',
|
|
question: 'Welche Datenkategorien verarbeitet Ihr Recruiting?',
|
|
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer das Bewerbermanagement',
|
|
required: false,
|
|
options: DEPARTMENT_DATA_CATEGORIES.dept_recruiting.categories.map(c => ({
|
|
value: c.id,
|
|
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
|
})),
|
|
scoreWeights: { risk: 5, complexity: 3, assurance: 4 },
|
|
mapsToVVTQuestion: 'dept_recruiting_categories',
|
|
},
|
|
{
|
|
id: 'dk_dept_finance',
|
|
type: 'multi',
|
|
question: 'Welche Datenkategorien verarbeitet Ihre Finanzabteilung?',
|
|
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer Finanzen & Buchhaltung',
|
|
required: false,
|
|
options: DEPARTMENT_DATA_CATEGORIES.dept_finance.categories.map(c => ({
|
|
value: c.id,
|
|
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
|
})),
|
|
scoreWeights: { risk: 6, complexity: 4, assurance: 5 },
|
|
mapsToVVTQuestion: 'dept_finance_categories',
|
|
},
|
|
{
|
|
id: 'dk_dept_sales',
|
|
type: 'multi',
|
|
question: 'Welche Datenkategorien verarbeitet Ihr Vertrieb?',
|
|
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer Vertrieb & CRM',
|
|
required: false,
|
|
options: DEPARTMENT_DATA_CATEGORIES.dept_sales.categories.map(c => ({
|
|
value: c.id,
|
|
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
|
})),
|
|
scoreWeights: { risk: 5, complexity: 4, assurance: 4 },
|
|
mapsToVVTQuestion: 'dept_sales_categories',
|
|
},
|
|
{
|
|
id: 'dk_dept_marketing',
|
|
type: 'multi',
|
|
question: 'Welche Datenkategorien verarbeitet Ihr Marketing?',
|
|
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer Marketing',
|
|
required: false,
|
|
options: DEPARTMENT_DATA_CATEGORIES.dept_marketing.categories.map(c => ({
|
|
value: c.id,
|
|
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
|
})),
|
|
scoreWeights: { risk: 6, complexity: 5, assurance: 5 },
|
|
mapsToVVTQuestion: 'dept_marketing_categories',
|
|
},
|
|
{
|
|
id: 'dk_dept_support',
|
|
type: 'multi',
|
|
question: 'Welche Datenkategorien verarbeitet Ihr Kundenservice?',
|
|
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer Support',
|
|
required: false,
|
|
options: DEPARTMENT_DATA_CATEGORIES.dept_support.categories.map(c => ({
|
|
value: c.id,
|
|
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
|
})),
|
|
scoreWeights: { risk: 5, complexity: 3, assurance: 4 },
|
|
mapsToVVTQuestion: 'dept_support_categories',
|
|
},
|
|
{
|
|
id: 'dk_dept_it',
|
|
type: 'multi',
|
|
question: 'Welche Datenkategorien verarbeitet Ihre IT-Abteilung?',
|
|
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer IT / Administration',
|
|
required: false,
|
|
options: DEPARTMENT_DATA_CATEGORIES.dept_it.categories.map(c => ({
|
|
value: c.id,
|
|
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
|
})),
|
|
scoreWeights: { risk: 7, complexity: 5, assurance: 6 },
|
|
mapsToVVTQuestion: 'dept_it_categories',
|
|
},
|
|
{
|
|
id: 'dk_dept_recht',
|
|
type: 'multi',
|
|
question: 'Welche Datenkategorien verarbeitet Ihre Rechtsabteilung?',
|
|
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer Recht / Compliance',
|
|
required: false,
|
|
options: DEPARTMENT_DATA_CATEGORIES.dept_recht.categories.map(c => ({
|
|
value: c.id,
|
|
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
|
})),
|
|
scoreWeights: { risk: 6, complexity: 4, assurance: 6 },
|
|
mapsToVVTQuestion: 'dept_recht_categories',
|
|
},
|
|
{
|
|
id: 'dk_dept_produktion',
|
|
type: 'multi',
|
|
question: 'Welche Datenkategorien verarbeitet Ihre Produktion?',
|
|
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer Produktion / Fertigung',
|
|
required: false,
|
|
options: DEPARTMENT_DATA_CATEGORIES.dept_produktion.categories.map(c => ({
|
|
value: c.id,
|
|
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
|
})),
|
|
scoreWeights: { risk: 6, complexity: 4, assurance: 5 },
|
|
mapsToVVTQuestion: 'dept_produktion_categories',
|
|
},
|
|
{
|
|
id: 'dk_dept_logistik',
|
|
type: 'multi',
|
|
question: 'Welche Datenkategorien verarbeitet Ihre Logistik?',
|
|
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer Logistik / Versand',
|
|
required: false,
|
|
options: DEPARTMENT_DATA_CATEGORIES.dept_logistik.categories.map(c => ({
|
|
value: c.id,
|
|
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
|
})),
|
|
scoreWeights: { risk: 5, complexity: 3, assurance: 4 },
|
|
mapsToVVTQuestion: 'dept_logistik_categories',
|
|
},
|
|
{
|
|
id: 'dk_dept_einkauf',
|
|
type: 'multi',
|
|
question: 'Welche Datenkategorien verarbeitet Ihr Einkauf?',
|
|
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer Einkauf / Beschaffung',
|
|
required: false,
|
|
options: DEPARTMENT_DATA_CATEGORIES.dept_einkauf.categories.map(c => ({
|
|
value: c.id,
|
|
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
|
})),
|
|
scoreWeights: { risk: 4, complexity: 3, assurance: 4 },
|
|
mapsToVVTQuestion: 'dept_einkauf_categories',
|
|
},
|
|
{
|
|
id: 'dk_dept_facility',
|
|
type: 'multi',
|
|
question: 'Welche Datenkategorien verarbeitet Ihr Facility Management?',
|
|
helpText: 'Waehlen Sie alle zutreffenden Datenkategorien fuer Facility Management',
|
|
required: false,
|
|
options: DEPARTMENT_DATA_CATEGORIES.dept_facility.categories.map(c => ({
|
|
value: c.id,
|
|
label: `${c.label}${c.isArt9 ? ' (Art. 9)' : ''}`,
|
|
})),
|
|
scoreWeights: { risk: 5, complexity: 3, assurance: 4 },
|
|
mapsToVVTQuestion: 'dept_facility_categories',
|
|
},
|
|
],
|
|
}
|
|
|
|
/**
|
|
* All question blocks in order
|
|
*/
|
|
export const SCOPE_QUESTION_BLOCKS: ScopeQuestionBlock[] = [
|
|
BLOCK_1_ORGANISATION,
|
|
BLOCK_2_DATA,
|
|
BLOCK_3_PROCESSING,
|
|
BLOCK_4_TECH,
|
|
BLOCK_5_PROCESSES,
|
|
BLOCK_6_PRODUCT,
|
|
BLOCK_7_AI_SYSTEMS,
|
|
BLOCK_8_VVT,
|
|
BLOCK_9_DATENKATEGORIEN,
|
|
]
|