breakpilot-core/control-pipeline/tests/golden_mc_assignments.yaml
Benjamin Admin 937eca6b77
test(pipeline): Phase 6 — Golden Dataset + MC Quality Tests
- 20 manually verified golden controls with expected MC topics
- Structural quality tests: min 10K MCs, max 300/MC, no orphans
- Doc-check controls tests: 8 doc types covered, no empty questions
- Quality thresholds: 90% accuracy, enforced by regression tests

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-10 21:03:49 +02:00


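# Golden Dataset for MC Assignment Quality
# Manually verified controls with their expected MC topics.
# Used for regression testing after pipeline changes.
# Created: 2026-05-10, verified by manual review (19/20 correct)
#
# Each entry pins one control to the topic it is expected to be assigned:
#   control_id            - identifier of the control under test
#   expected_topic_prefix - per its name, the expected leading part of the
#                           assigned MC topic
#   reason                - short German summary of the control; the "# EN:"
#                           comment above it is a translation only, not data
#
# The nested keys are indented under each "- control_id" item so that every
# item parses as one three-key mapping; at column 0 they would not belong to
# the sequence.
#
# NOTE(review): "19/20 correct" does not say whether it is the pipeline's
# score against this set or the result of checking the entries themselves.
# If one entry below is known to be wrong, correct or remove it; a
# regression test would otherwise enforce the mis-assignment.
# NOTE(review): the key name suggests a prefix comparison. If the test uses
# a starts-with match, short values such as "policy" or "consent" also
# accept any longer topic that begins with them - confirm against the test.
golden_controls:
  # ── Data Protection ──
  - control_id: "DATA-3291-A06"
    expected_topic_prefix: "data_retention"
    # EN: Define retention periods for personal data
    reason: "Speicherfristen für personenbezogene Daten definieren"
  - control_id: "SEC-7449-A01"
    expected_topic_prefix: "personal_data"
    # EN: Vehicle usage data in the telematics box (data minimisation)
    reason: "Fahrzeugnutzungsdaten in Telematikbox (Datenminimierung)"
  - control_id: "DATA-3518-A06"
    expected_topic_prefix: "data_subject_rights"
    # EN: Inform data subjects about exceptions to erasure
    reason: "Betroffene über Lösch-Ausnahmen informieren"
  - control_id: "GOV-963-A02"
    expected_topic_prefix: "consent"
    # EN: Obtain the author's consent before publication
    # NOTE(review): this is an author's (Urheber) consent to publication;
    # confirm the "consent" topic is meant to cover that case.
    reason: "Zustimmung des Urhebers vor Veröffentlichung einholen"
  # ── Security ──
  - control_id: "CRYP-1454-A07"
    expected_topic_prefix: "encryption"
    # EN: Verify RSASSA-PSS in TLS 1.3
    reason: "RSASSA-PSS in TLS 1.3 verifizieren"
  - control_id: "NET-1141-A08"
    expected_topic_prefix: "monitoring"
    # EN: Configure sampling strategies
    reason: "Sampling-Strategien konfigurieren"
  - control_id: "SEC-2244-A05"
    expected_topic_prefix: "asset_management"
    # EN: Continuously update the system inventory
    reason: "Systeminventar kontinuierlich aktualisieren"
  - control_id: "AUTH-3468-A06"
    expected_topic_prefix: "access_control"
    # EN: Role concept with graduated access rights
    reason: "Rollenkonzept mit abgestuften Zugriffsrechten"
  # ── Governance ──
  - control_id: "AUTH-2364-A09"
    expected_topic_prefix: "supervisory_authority"
    # EN: Document cooperation with economic operators
    reason: "Zusammenarbeit mit Wirtschaftsakteuren dokumentieren"
  - control_id: "SEC-5972-A14"
    expected_topic_prefix: "third_party_management"
    # EN: Review the cybersecurity policies of critical suppliers
    reason: "Cybersicherheitsrichtlinien kritischer Lieferanten prüfen"
  - control_id: "SEC-3441-A02"
    expected_topic_prefix: "human_resources_security"
    # EN: Protect employees from detriment when they refuse
    reason: "Mitarbeiter vor Nachteil bei Verweigerung schützen"
  - control_id: "SEC-3502-A06"
    expected_topic_prefix: "awareness"
    # EN: Organisational culture for security improvement
    reason: "Organisationskultur für Sicherheitsverbesserung"
  - control_id: "GOV-1748-A04"
    expected_topic_prefix: "policy"
    # EN: Prohibit the acceptance of gifts
    reason: "Annahme von Geschenken untersagen"
  # ── Regulatory ──
  - control_id: "AI-1287-A01"
    expected_topic_prefix: "ai_system"
    # EN: Identify the actors of the AI system
    reason: "Akteure des KI-Systems identifizieren"
  - control_id: "AI-1732-A11"
    expected_topic_prefix: "ai_system"
    # EN: Human control over AI decisions
    reason: "Menschliche Kontrolle für KI-Entscheidungen"
  - control_id: "COMP-1352-A04"
    expected_topic_prefix: "certification"
    # EN: Present the amateur radio examination certificate
    reason: "Amateurfunkprüfungszeugnis vorlegen"
  - control_id: "FIN-1212-A02"
    expected_topic_prefix: "financial_reporting"
    # EN: Prepare annual financial statements per the EU directive
    reason: "Jahresabschluss gemäß EU-Richtlinie aufstellen"
  - control_id: "AUTH-1165-A01"
    expected_topic_prefix: "data_classification"
    # EN: Classify public IP addresses as master data
    reason: "Öffentliche IP-Adressen als Stammdaten klassifizieren"
  - control_id: "SEC-7367-A10"
    expected_topic_prefix: "audit_logging"
    # EN: Test banner version traceability
    reason: "Banner-Version Rückverfolgung testen"
  - control_id: "LAB-034-A03"
    expected_topic_prefix: "third_party_management"
    # EN: Review contracts for impermissible clauses
    reason: "Verträge auf unzulässige Klauseln prüfen"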
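# Pass/fail limits for the regression tests.
# The three keys are nested under quality_thresholds; at column 0 a parser
# reads "quality_thresholds" as null and the limits as unrelated top-level
# keys, so a lookup through quality_thresholds would not find them.
# NOTE(review): these values are the regression gate. Lowering min_accuracy
# or raising max_controls_per_mc weakens it, so review changes here like
# changes to test code.
quality_thresholds:
  # Minimum share of correct assignments. Presumably measured over
  # golden_controls; with 20 entries, 0.90 would tolerate two mismatches -
  # confirm against the test.
  min_accuracy: 0.90
  # Upper bound on the number of controls attached to a single MC.
  max_controls_per_mc: 300
  # Lower bound on the total number of MCs ("master controls", per the key).
  min_master_controls: 10000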