Implements the 4-level GCI scoring model (Module -> Risk-Weighted -> Regulation Area -> Final GCI) with DSGVO, NIS2, ISO 27001, and EU AI Act integration. Backend: - 9 Go files: engine, models, weights, validity, NIS2 roles/scoring, ISO mapping/gap-analysis, mock data - GCI handlers with 13 API endpoints under /sdk/v1/gci/ - Routes registered in main.go Frontend: - TypeScript types, API client, Next.js API proxy - Dashboard page with 6 tabs (Overview, Breakdown, NIS2, ISO 27001, Matrix, Audit Trail) - Sidebar navigation entry Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
package gci
// WeightProfile describes how strongly each regulation counts under one
// named compliance profile.
type WeightProfile struct {
	// ID is the machine-readable identifier of the profile.
	ID string `json:"id"`
	// Name is the display name of the profile.
	Name string `json:"name"`
	// Description is a free-text explanation of the profile.
	Description string `json:"description"`
	// Weights maps a regulation ID to its weight (0.0-1.0). The type itself
	// enforces neither that range nor that the weights add up to 1.0, so
	// any code that builds a profile has to check both.
	Weights map[string]float64 `json:"weights"`
}
// DefaultProfiles holds the built-in weight profiles, keyed by profile ID.
//
// In every profile below the four regulation weights add up to 1.0. Nothing
// in this declaration enforces that, so an added or edited profile should be
// checked (for example in a unit test) before it is used for scoring.
//
// The map is exported and mutable: any importing package can change a weight
// at runtime, and a write that overlaps with a read from another goroutine is
// a data race. Treat it as read-only after package initialisation.
var DefaultProfiles = map[string]WeightProfile{
	// Profile with the highest weight on the EU AI Act.
	"ki_nutzer": WeightProfile{
		ID:          "ki_nutzer",
		Name:        "KI-Nutzer",
		Description: "Fuer Organisationen mit KI-Einsatz",
		Weights: map[string]float64{
			"ai_act":   0.30,
			"dsgvo":    0.25,
			"nis2":     0.25,
			"iso27001": 0.20,
		},
	},
	// Profile with the highest weight on NIS2.
	"nis2_relevant": WeightProfile{
		ID:          "nis2_relevant",
		Name:        "NIS2-relevant",
		Description: "Fuer Betreiber kritischer Infrastrukturen",
		Weights: map[string]float64{
			"nis2":     0.35,
			"dsgvo":    0.25,
			"iso27001": 0.25,
			"ai_act":   0.15,
		},
	},
	// Fallback profile; GetProfile returns it for unknown IDs.
	"default": WeightProfile{
		ID:          "default",
		Name:        "Standard",
		Description: "Ausgewogenes Profil fuer allgemeine Compliance",
		Weights: map[string]float64{
			"dsgvo":    0.30,
			"nis2":     0.25,
			"iso27001": 0.25,
			"ai_act":   0.20,
		},
	},
}
// ModuleRiskWeights assigns a risk-criticality weight to each module
// category. Presumably a larger value marks a more critical module; confirm
// against the scoring engine that consumes these weights.
//
// The map is exported and mutable, so any importing package can change a
// weight at runtime. Treat it as read-only after package initialisation.
var ModuleRiskWeights = map[string]float64{
	// Weight 1.0 (also what GetModuleRiskWeight returns for unknown categories).
	"general":           1.0,
	"physical_security": 1.0,

	// Weight 1.5.
	"documentation":     1.5,
	"employee_training": 1.5,

	// Weight 2.0.
	"access_control":      2.0,
	"business_continuity": 2.0,
	"risk_assessment":     2.0,
	"supply_chain":        2.0,

	// Weight 2.5.
	"data_protection": 2.5,
	"it_security":     2.5,

	// Weight 3.0.
	"incident_response":    3.0,
	"management_awareness": 3.0,
}
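// GetProfile returns the weight profile registered under profileID, or the
// "default" profile when profileID is not a key of DefaultProfiles.
//
// The fallback is silent: a misspelt or unsupported profile ID is scored with
// the default weights and the caller gets no error. Callers that take the ID
// from a request should validate it against DefaultProfiles themselves if
// they need to reject unknown values.
//
// The returned profile carries its own copy of the Weights map. A Go map is a
// reference, so returning the stored struct directly would let a caller that
// adjusts a weight change the package-level profile for every later score.
func GetProfile(profileID string) WeightProfile {
	p, ok := DefaultProfiles[profileID]
	if !ok {
		p = DefaultProfiles["default"]
	}
	// Keep a nil map nil so the JSON encoding of the profile is unchanged.
	if p.Weights == nil {
		return p
	}
	weights := make(map[string]float64, len(p.Weights))
	for regulation, weight := range p.Weights {
		weights[regulation] = weight
	}
	p.Weights = weights
	return p
}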
// GetModuleRiskWeight looks up the risk weight of a module category in
// ModuleRiskWeights and returns 1.0 for a category that is not listed.
//
// 1.0 is also the smallest weight in the table, so a misspelt category name
// for a module that is weighted 2.0 or 3.0 silently lowers its weight; the
// caller gets no signal that the lookup missed.
func GetModuleRiskWeight(category string) float64 {
	weight, known := ModuleRiskWeights[category]
	if !known {
		return 1.0
	}
	return weight
}