'use client' /** * Compliance & Audit Framework Dashboard * * Tabs: * - Uebersicht: Dashboard mit Score, Stats, Quick Actions * - Architektur: Systemarchitektur und Datenfluss * - Roadmap: Implementierungsfortschritt und Backlog * - Technisch: API-Dokumentation und Datenmodell * - Audit: Export und Audit-Historie * - Dokumentation: Handbuecher und Guides */ import { useState, useEffect } from 'react' import Link from 'next/link' import AdminLayout from '@/components/admin/AdminLayout' import LanguageSwitch from '@/components/compliance/LanguageSwitch' import LLMProviderToggle from '@/components/compliance/LLMProviderToggle' import { Language } from '@/lib/compliance-i18n' // Types interface DashboardData { compliance_score: number total_regulations: number total_requirements: number total_controls: number controls_by_status: Record controls_by_domain: Record> total_evidence: number evidence_by_status: Record total_risks: number risks_by_level: Record } interface AIStatus { provider: string model: string is_available: boolean is_mock: boolean } interface Regulation { id: string code: string name: string full_name: string regulation_type: string effective_date: string | null description: string requirement_count: number } // Tab definitions type TabId = 'executive' | 'uebersicht' | 'architektur' | 'roadmap' | 'technisch' | 'audit' | 'dokumentation' const tabs: { id: TabId; name: string; icon: JSX.Element }[] = [ { id: 'executive', name: 'Executive', icon: ( ), }, { id: 'uebersicht', name: 'Uebersicht', icon: ( ), }, { id: 'architektur', name: 'Architektur', icon: ( ), }, { id: 'roadmap', name: 'Roadmap', icon: ( ), }, { id: 'technisch', name: 'Technisch', icon: ( ), }, { id: 'audit', name: 'Audit', icon: ( ), }, { id: 'dokumentation', name: 'Dokumentation', icon: ( ), }, ] const DOMAIN_LABELS: Record = { gov: 'Governance', priv: 'Datenschutz', iam: 'Identity & Access', crypto: 'Kryptografie', sdlc: 'Secure Dev', ops: 'Operations', ai: 'KI-spezifisch', cra: 'Supply 
Chain', aud: 'Audit', } const STATUS_COLORS: Record = { pass: 'bg-green-500', partial: 'bg-yellow-500', fail: 'bg-red-500', planned: 'bg-slate-400', 'n/a': 'bg-slate-300', } // Backlog items for Roadmap - Updated 2026-01-17 const BACKLOG_ITEMS = [ { id: 1, title: 'EU-Lex Live-Fetch (19 Regulations)', priority: 'high', status: 'completed', category: 'Integration' }, { id: 2, title: 'BSI-TR-03161 PDF Parser (3 PDFs)', priority: 'high', status: 'completed', category: 'Data Import' }, { id: 3, title: 'AI-Interpretation fuer Requirements', priority: 'high', status: 'completed', category: 'AI' }, { id: 4, title: 'Auto-Mapping Controls zu Requirements (474)', priority: 'high', status: 'completed', category: 'Automation' }, { id: 5, title: 'Service-Modul-Registry (30 Module)', priority: 'high', status: 'completed', category: 'Architecture' }, { id: 6, title: 'Audit Trail fuer alle Aenderungen', priority: 'high', status: 'completed', category: 'Audit' }, { id: 7, title: 'Automatische Evidence-Sammlung aus CI/CD', priority: 'high', status: 'planned', category: 'Automation' }, { id: 8, title: 'Control-Review Workflow mit Benachrichtigungen', priority: 'medium', status: 'planned', category: 'Workflow' }, { id: 9, title: 'Risk Treatment Plan Tracking', priority: 'medium', status: 'planned', category: 'Risk Management' }, { id: 10, title: 'Compliance Score Trend-Analyse', priority: 'low', status: 'planned', category: 'Analytics' }, { id: 11, title: 'SBOM Integration fuer CRA Compliance', priority: 'medium', status: 'planned', category: 'Integration' }, { id: 12, title: 'Multi-Mandanten Compliance Trennung', priority: 'medium', status: 'planned', category: 'Architecture' }, { id: 13, title: 'Compliance Report PDF Generator', priority: 'medium', status: 'planned', category: 'Export' }, ] // Executive Dashboard Types interface ExecutiveDashboardData { traffic_light_status: 'green' | 'yellow' | 'red' overall_score: number score_trend: { date: string; score: number; label: string }[] 
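previous_score: number | null
  score_change: number | null
  total_regulations: number
  total_requirements: number
  total_controls: number
  open_risks: number
  top_risks: {
    id: string
    risk_id: string
    title: string
    risk_level: string
    owner: string | null
    status: string
    category: string
    impact: number
    likelihood: number
  }[]
  upcoming_deadlines: {
    id: string
    title: string
    deadline: string
    days_remaining: number
    type: string
    status: string
    owner: string | null
  }[]
  team_workload: {
    name: string
    pending_tasks: number
    in_progress_tasks: number
    completed_tasks: number
    total_tasks: number
    completion_rate: number
  }[]
  last_updated: string
}

// Main Component
/**
 * Top-level compliance dashboard page.
 *
 * Loads dashboard statistics, the regulation list and the AI assistant status
 * from the backend on mount, and offers a one-click database seeding action.
 * All backend calls are issued from the browser.
 */
export default function CompliancePage() {
  const [activeTab, setActiveTab] = useState('executive')
  const [dashboard, setDashboard] = useState(null)
  const [regulations, setRegulations] = useState([])
  const [aiStatus, setAiStatus] = useState(null)
  const [loading, setLoading] = useState(true)
  const [seeding, setSeeding] = useState(false)
  const [error, setError] = useState(null)
  const [language, setLanguage] = useState('de')

  // NEXT_PUBLIC_* values are inlined into the browser bundle at build time, so
  // this base URL is public. The fallback is a plain-HTTP localhost address and
  // is only meaningful for local development.
  const BACKEND_URL = process.env.NEXT_PUBLIC_BACKEND_URL || 'http://localhost:8000'

  useEffect(() => {
    void loadData()
  }, [])

  /**
   * Fetches dashboard, regulations and AI status in parallel and stores
   * whatever succeeded. Any non-2xx answer is reported through the error banner.
   */
  const loadData = async () => {
    setLoading(true)
    setError(null)
    try {
      // NOTE(review): no Authorization header and no `credentials` option is set
      // on these requests. Whether the backend authenticates them some other way
      // is not visible here; confirm that the compliance API enforces
      // authentication and authorization server-side.
      const [dashboardRes, regulationsRes, aiStatusRes] = await Promise.all([
        fetch(`${BACKEND_URL}/api/v1/compliance/dashboard`),
        fetch(`${BACKEND_URL}/api/v1/compliance/regulations`),
        fetch(`${BACKEND_URL}/api/v1/compliance/ai/status`),
      ])

      // The JSON bodies are stored as received, without runtime schema validation.
      if (dashboardRes.ok) {
        setDashboard(await dashboardRes.json())
      }
      if (regulationsRes.ok) {
        const data = await regulationsRes.json()
        setRegulations(data?.regulations || [])
      }
      if (aiStatusRes.ok) {
        setAiStatus(await aiStatusRes.json())
      }

      // A rejected request (e.g. 401/403/5xx) must not look like an empty
      // database: with `dashboard` left unset, the "Keine Compliance-Daten
      // vorhanden" prompt further down would invite the user to seed.
      // NOTE(review): consider also gating that prompt on `!error`.
      const failed = [dashboardRes, regulationsRes, aiStatusRes].filter((res) => !res.ok)
      if (failed.length > 0) {
        console.error(
          'Compliance API returned an error status:',
          failed.map((res) => `${res.status} ${res.url}`)
        )
        setError('Compliance-Daten konnten nicht vollstaendig geladen werden')
      }
    } catch (err) {
      console.error('Failed to load compliance data:', err)
      setError('Verbindung zum Backend fehlgeschlagen')
    } finally {
      setLoading(false)
    }
  }

  /**
   * Asks the backend to seed the compliance tables (`force: false`) and
   * reloads the dashboard afterwards.
   */
  const seedDatabase = async () => {
    setSeeding(true)
    try {
      // NOTE(review): this is a state-changing POST sent without any credential
      // or anti-CSRF token visible in this file; access control for the seed
      // endpoint has to be enforced by the backend. Confirm that it is.
      const res = await fetch(`${BACKEND_URL}/api/v1/compliance/seed`, {
        method: 'POST',
        headers: { 'Content-Type': 'application/json' },
        body: JSON.stringify({ force: false }),
      })

      if (res.ok) {
        const result = await res.json()
        // Tolerate a success response without `counts`; otherwise the property
        // access throws and a successful seed is reported as a failure.
        const counts = result?.counts ?? {}
        alert(`Datenbank erfolgreich initialisiert!\n\nRegulations: ${counts.regulations ?? '?'}\nControls: ${counts.controls ?? '?'}\nRequirements: ${counts.requirements ?? '?'}\nMappings: ${counts.mappings ?? '?'}`)
        void loadData()
      } else {
        // Named `detail` so it does not shadow the `error` state variable.
        const detail = await res.text()
        alert(`Fehler beim Seeding: ${detail}`)
      }
    } catch (err) {
      console.error('Seeding failed:', err)
      alert('Fehler beim Initialisieren der Datenbank')
    } finally {
      setSeeding(false)
    }
  }

  return (
    {/* Error Banner */}
    {error && (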
{error}
)} {/* Action Bar */}
Scraper oeffnen Audit Workspace
{/* Seed Button if no data */} {!loading && (dashboard?.total_controls || 0) === 0 && (

Keine Compliance-Daten vorhanden

Initialisieren Sie die Datenbank mit den Seed-Daten.

)} {/* Tab Navigation */}
{/* Tab Content */} {activeTab === 'executive' && ( )} {activeTab === 'uebersicht' && ( )} {activeTab === 'architektur' && } {activeTab === 'roadmap' && } {activeTab === 'technisch' && } {activeTab === 'audit' && } {activeTab === 'dokumentation' && }
) } // ============================================================================ // Uebersicht Tab // ============================================================================ function UebersichtTab({ dashboard, regulations, aiStatus, loading, onRefresh, }: { dashboard: DashboardData | null regulations: Regulation[] aiStatus: AIStatus | null loading: boolean onRefresh: () => void }) { if (loading) { return (
) } const score = dashboard?.compliance_score || 0 const scoreColor = score >= 80 ? 'text-green-600' : score >= 60 ? 'text-yellow-600' : 'text-red-600' return (
{/* AI Status Banner */} {aiStatus && (
🤖
AI-Compliance-Assistent {aiStatus.is_available ? 'aktiv' : 'nicht verfuegbar'}
{aiStatus.is_mock ? ( Mock-Modus (kein API-Key konfiguriert) ) : ( <>Provider: {aiStatus.provider} | Modell: {aiStatus.model} )}
{aiStatus.is_available && !aiStatus.is_mock ? 'Online' : aiStatus.is_mock ? 'Mock' : 'Offline'}
)} {/* Score and Stats Row */}
{/* Score Card */}

Compliance Score

{score.toFixed(0)}%
= 80 ? 'bg-green-500' : score >= 60 ? 'bg-yellow-500' : 'bg-red-500'}`} style={{ width: `${score}%` }} />

{dashboard?.controls_by_status?.pass || 0} von {dashboard?.total_controls || 0} Controls bestanden

{/* Stats Cards */}

Verordnungen

{dashboard?.total_regulations || 0}

{dashboard?.total_requirements || 0} Anforderungen

Controls

{dashboard?.total_controls || 0}

{dashboard?.controls_by_status?.pass || 0} bestanden

Nachweise

{dashboard?.total_evidence || 0}

{dashboard?.evidence_by_status?.valid || 0} aktiv

Risiken

{dashboard?.total_risks || 0}

{(dashboard?.risks_by_level?.high || 0) + (dashboard?.risks_by_level?.critical || 0)} kritisch

{/* Domain Chart and Quick Actions */}
{/* Domain Chart */}

Controls nach Domain

{Object.entries(dashboard?.controls_by_domain || {}).map(([domain, stats]) => { const total = stats.total || 0 const pass = stats.pass || 0 const partial = stats.partial || 0 const passPercent = total > 0 ? ((pass + partial * 0.5) / total) * 100 : 0 return (
{DOMAIN_LABELS[domain] || domain.toUpperCase()} {pass}/{total} ({passPercent.toFixed(0)}%)
) })}
{/* Quick Actions */}

Schnellaktionen

Controls

Evidence

Risiken

Scraper

Export

Audit Workspace

Service Module Registry

{/* Regulations Table */}

Verordnungen & Standards

{regulations.slice(0, 10).map((reg) => ( ))}
Code Name Typ Anforderungen
{reg.code}

{reg.name}

{reg.regulation_type === 'eu_regulation' ? 'EU-VO' : reg.regulation_type === 'eu_directive' ? 'EU-RL' : reg.regulation_type === 'bsi_standard' ? 'BSI' : reg.regulation_type === 'de_law' ? 'DE' : reg.regulation_type} {reg.requirement_count}
) } // ============================================================================ // Executive Tab (Phase 3 - Sprint 1) // ============================================================================ import dynamic from 'next/dynamic' // Dynamically import Recharts components to avoid SSR issues const ComplianceTrendChart = dynamic( () => import('@/components/compliance/charts/ComplianceTrendChart'), { ssr: false, loading: () =>
} ) function ExecutiveTab({ loading, onRefresh, }: { loading: boolean onRefresh: () => void }) { const [executiveData, setExecutiveData] = useState(null) const [execLoading, setExecLoading] = useState(true) const [error, setError] = useState(null) const BACKEND_URL = process.env.NEXT_PUBLIC_BACKEND_URL || 'http://localhost:8000' useEffect(() => { loadExecutiveData() }, []) const loadExecutiveData = async () => { setExecLoading(true) setError(null) try { const res = await fetch(`${BACKEND_URL}/api/v1/compliance/dashboard/executive`) if (res.ok) { setExecutiveData(await res.json()) } else { setError('Executive Dashboard konnte nicht geladen werden') } } catch (err) { console.error('Failed to load executive dashboard:', err) setError('Verbindung zum Backend fehlgeschlagen') } finally { setExecLoading(false) } } if (execLoading) { return (
) } if (error || !executiveData) { return (

{error || 'Keine Daten verfuegbar'}

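)
  }

  const {
    traffic_light_status,
    overall_score,
    score_trend,
    score_change,
    top_risks,
    upcoming_deadlines,
    team_workload,
  } = executiveData

  // CSS utility classes and German label for each traffic-light state.
  const trafficLightColors = {
    green: { bg: 'bg-green-500', ring: 'ring-green-200', text: 'text-green-700', label: 'Gut' },
    yellow: { bg: 'bg-yellow-500', ring: 'ring-yellow-200', text: 'text-yellow-700', label: 'Achtung' },
    red: { bg: 'bg-red-500', ring: 'ring-red-200', text: 'text-red-700', label: 'Kritisch' },
  }
  // `executiveData` is the backend's JSON, stored without runtime validation.
  // A status outside green/yellow/red would leave this lookup undefined and
  // break rendering at `tlConfig.label`; fall back to the most conservative
  // state so an unknown status is never displayed as healthy.
  const tlConfig = trafficLightColors[traffic_light_status] ?? trafficLightColors.red

  return (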
{/* Header Row: Traffic Light + Key Metrics */}
{/* Traffic Light Status */}
{overall_score.toFixed(0)}%

{tlConfig.label}

Erfuellungsgrad

{score_change !== null && (

= 0 ? 'text-green-600' : 'text-red-600'}`}> {score_change >= 0 ? '↑' : '↓'} {Math.abs(score_change).toFixed(1)}% zum Vormonat

)}
{/* Metric Cards */}

Verordnungen

{executiveData.total_regulations}

{executiveData.total_requirements} Anforderungen

Massnahmen

{executiveData.total_controls}

Technische Controls

Offene Risiken

{executiveData.open_risks}

Unmitigiert

{/* Charts Row */}
{/* Trend Chart */}

Compliance-Trend (12 Monate)

{/* Top Risks */}

Top 5 Risiken

{top_risks.length === 0 ? (

Keine offenen Risiken

) : (
{top_risks.map((risk) => { const riskColors = { critical: 'bg-red-100 text-red-700 border-red-200', high: 'bg-orange-100 text-orange-700 border-orange-200', medium: 'bg-yellow-100 text-yellow-700 border-yellow-200', low: 'bg-green-100 text-green-700 border-green-200', } return (
{risk.risk_level.toUpperCase()}

{risk.title}

{risk.owner || 'Kein Owner'}

{risk.risk_id}
) })}
)}
{/* Bottom Row: Deadlines + Workload */}
{/* Upcoming Deadlines */}

Naechste Fristen

{upcoming_deadlines.length === 0 ? (

Keine anstehenden Fristen

) : (
{upcoming_deadlines.slice(0, 5).map((deadline) => { const statusColors = { overdue: 'bg-red-100 text-red-700', at_risk: 'bg-yellow-100 text-yellow-700', on_track: 'bg-green-100 text-green-700', } return (
{deadline.days_remaining < 0 ? `${Math.abs(deadline.days_remaining)}d ueberfaellig` : deadline.days_remaining === 0 ? 'Heute' : `${deadline.days_remaining}d`}

{deadline.title}

{new Date(deadline.deadline).toLocaleDateString('de-DE')}

) })}
)}
{/* Team Workload */}

Team-Auslastung

{team_workload.length === 0 ? (

Keine Daten verfuegbar

) : (
{team_workload.slice(0, 5).map((member) => (
{member.name} {member.completed_tasks}/{member.total_tasks} ({member.completion_rate.toFixed(0)}%)
))}
)}
{/* Last Updated */}
Zuletzt aktualisiert: {new Date(executiveData.last_updated).toLocaleString('de-DE')}
) } // ============================================================================ // Architektur Tab // ============================================================================ function ArchitekturTab() { return (

Systemarchitektur

Das Compliance & Audit Framework ist modular aufgebaut und integriert sich nahtlos in die bestehende Breakpilot-Infrastruktur.

{/* Architecture Diagram */}
{`
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚                        COMPLIANCE FRAMEWORK                              β”‚
β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€
β”‚                                                                          β”‚
β”‚   β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”                β”‚
β”‚   β”‚   Next.js   β”‚    β”‚   FastAPI   β”‚    β”‚  PostgreSQL β”‚                β”‚
β”‚   β”‚  Frontend   │───▢│   Backend   │───▢│   Database  β”‚                β”‚
β”‚   β”‚  (Port 3000)β”‚    β”‚  (Port 8000)β”‚    β”‚  (Port 5432)β”‚                β”‚
β”‚   β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜                β”‚
β”‚         β”‚                  β”‚                   β”‚                        β”‚
β”‚         β”‚                  β”‚                   β”‚                        β”‚
β”‚   β”Œβ”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”      β”Œβ”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”      β”Œβ”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”                  β”‚
β”‚   β”‚  Admin UI β”‚      β”‚ Compliance β”‚      β”‚  7 Tables β”‚                  β”‚
β”‚   β”‚  /admin/  β”‚      β”‚   Module   β”‚      β”‚ compliance_β”‚                  β”‚
β”‚   β”‚compliance/β”‚      β”‚ /backend/  β”‚      β”‚ regulationsβ”‚                  β”‚
β”‚   β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜      β”‚compliance/ β”‚      β”‚ _controls  β”‚                  β”‚
β”‚                      β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜      β”‚ _evidence  β”‚                  β”‚
β”‚                                         β”‚ _risks     β”‚                  β”‚
β”‚                                         β”‚ ...        β”‚                  β”‚
β”‚                                         β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜                  β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
          `}
{/* Component Details */}

Frontend (Next.js)

  • - Dashboard mit Compliance Score
  • - Control Catalogue mit Filtern
  • - Evidence Upload & Management
  • - Risk Matrix Visualisierung
  • - Audit Export Wizard

Backend (FastAPI)

  • - REST API Endpoints
  • - Repository Pattern
  • - Pydantic Schemas
  • - Seeder Service
  • - Export Generator

Datenbank (PostgreSQL)

  • - compliance_regulations
  • - compliance_requirements
  • - compliance_controls
  • - compliance_control_mappings
  • - compliance_evidence
  • - compliance_risks
  • - compliance_audit_exports
{/* Data Flow */}

Datenfluss

1

Regulations & Requirements

EU-Verordnungen, BSI-Standards werden als Seed-Daten geladen

2

Controls & Mappings

Technische Controls werden Requirements zugeordnet

3

Evidence Collection

Nachweise werden manuell oder automatisiert erfasst

4

Audit Export

ZIP-Pakete fuer externe Pruefer generieren

) } // ============================================================================ // Roadmap Tab // ============================================================================ function RoadmapTab() { const completedCount = BACKLOG_ITEMS.filter(i => i.status === 'completed').length const inProgressCount = BACKLOG_ITEMS.filter(i => i.status === 'in_progress').length const plannedCount = BACKLOG_ITEMS.filter(i => i.status === 'planned').length return (
{/* Progress Overview */}

Abgeschlossen

{completedCount}

In Bearbeitung

{inProgressCount}

Geplant

{plannedCount}

{/* Implemented Features */}

Implementierte Features (v2.0 - Stand: 2026-01-17)

{[ '558 Requirements aus 19 Regulations extrahiert', '44 Controls in 9 Domains mit Auto-Mapping', '474 Control-Mappings automatisch generiert', '30 Service-Module in Registry kartiert', 'AI-Interpretation fuer alle Requirements', 'EU-Lex Scraper fuer Live-Regulation-Fetch', 'BSI-TR-03161 PDF Parser (alle 3 Teile)', 'Evidence Management mit File Upload', 'Risk Matrix (5x5 Likelihood x Impact)', 'Audit Export Wizard (ZIP Generator)', 'Compliance Score Berechnung', 'Dashboard mit Echtzeit-Statistiken', ].map((feature, idx) => (
{feature}
))}
{/* Backlog */}

Backlog

{BACKLOG_ITEMS.map((item) => ( ))}
Titel Kategorie Prioritaet Status
{item.title} {item.category} {item.priority} {item.status === 'completed' ? 'Fertig' : item.status === 'in_progress' ? 'In Arbeit' : 'Geplant'}
) } // ============================================================================ // Technisch Tab // ============================================================================ function TechnischTab() { return (
{/* API Endpoints */}

API Endpoints

{[ { method: 'GET', path: '/api/v1/compliance/regulations', desc: 'Liste aller Verordnungen' }, { method: 'GET', path: '/api/v1/compliance/controls', desc: 'Control Catalogue' }, { method: 'PUT', path: '/api/v1/compliance/controls/{id}/review', desc: 'Control Review' }, { method: 'GET', path: '/api/v1/compliance/evidence', desc: 'Evidence Liste' }, { method: 'POST', path: '/api/v1/compliance/evidence/upload', desc: 'Evidence Upload' }, { method: 'GET', path: '/api/v1/compliance/risks', desc: 'Risk Register' }, { method: 'GET', path: '/api/v1/compliance/risks/matrix', desc: 'Risk Matrix' }, { method: 'GET', path: '/api/v1/compliance/dashboard', desc: 'Dashboard Stats' }, { method: 'POST', path: '/api/v1/compliance/export', desc: 'Audit Export erstellen' }, { method: 'POST', path: '/api/v1/compliance/seed', desc: 'Datenbank seeden' }, ].map((ep, idx) => (
{ep.method} {ep.path} {ep.desc}
))}
{/* Database Schema */}

Datenmodell

{[ { table: 'compliance_regulations', fields: 'id, code, name, regulation_type, source_url, effective_date' }, { table: 'compliance_requirements', fields: 'id, regulation_id, article, title, description, is_applicable' }, { table: 'compliance_controls', fields: 'id, control_id, domain, title, status, is_automated, owner' }, { table: 'compliance_control_mappings', fields: 'id, requirement_id, control_id, coverage_level' }, { table: 'compliance_evidence', fields: 'id, control_id, evidence_type, title, artifact_path, status' }, { table: 'compliance_risks', fields: 'id, risk_id, title, likelihood, impact, inherent_risk, status' }, { table: 'compliance_audit_exports', fields: 'id, export_type, status, file_path, file_hash' }, ].map((t, idx) => (

{t.table}

{t.fields}

))}
{/* Enums */}

Enums

ControlDomainEnum

{['gov', 'priv', 'iam', 'crypto', 'sdlc', 'ops', 'ai', 'cra', 'aud'].map((d) => ( {d} ))}

ControlStatusEnum

{['pass', 'partial', 'fail', 'planned', 'n/a'].map((s) => ( {s} ))}

RiskLevelEnum

{['low', 'medium', 'high', 'critical'].map((l) => ( {l} ))}
) } // ============================================================================ // Audit Tab // ============================================================================ function AuditTab() { return (

Audit Export

Export Wizard oeffnen

Erstellen Sie ZIP-Pakete mit allen relevanten Compliance-Daten fuer externe Pruefer.

Vollstaendiger Export

Alle Daten inkl. Regulations, Controls, Evidence, Risks

Nur Controls

Control Catalogue mit Mappings

Nur Evidence

Evidence-Dateien und Metadaten

{/* Export Format */}

Export Format

{`
audit_export_2026-01-16/
├── index.html                    # Navigations-Uebersicht
├── summary.json                  # Maschinenlesbare Zusammenfassung
├── regulations/
│   ├── gdpr.json
│   ├── aiact.json
│   └── ...
├── controls/
│   ├── control_catalogue.json
│   └── control_catalogue.xlsx
├── evidence/
│   ├── scan_reports/
│   ├── policies/
│   └── configs/
├── risks/
│   └── risk_register.json
└── README.md                     # Erklaerung fuer Pruefer
          `}
{/* Audit Quick Links */}

Control Reviews

Controls ueberpruefen und Status aktualisieren

Evidence Management

Nachweise hochladen und verwalten

) } // ============================================================================ // Dokumentation Tab // ============================================================================ function DokumentationTab() { return (
{/* Quick Start Guide */}

Quick Start Guide

1

Datenbank initialisieren

Klicken Sie auf "Datenbank initialisieren" im Dashboard, um die Seed-Daten zu laden.

2

Controls reviewen

Gehen Sie zum Control Catalogue und bewerten Sie den Status jedes Controls.

3

Evidence hochladen

Laden Sie Nachweise (Scan-Reports, Policies, Screenshots) fuer Ihre Controls hoch.

4

Risiken bewerten

Dokumentieren Sie identifizierte Risiken in der Risk Matrix.

5

Audit Export

Generieren Sie ein ZIP-Paket fuer externe Pruefer.

{/* Regulatory Framework */}

Abgedeckte Verordnungen

EU-Verordnungen & Richtlinien

  • - DSGVO (Datenschutz-Grundverordnung)
  • - AI Act (KI-Verordnung)
  • - CRA (Cyber Resilience Act)
  • - NIS2 (Netzwerk- und Informationssicherheit)
  • - DSA (Digital Services Act)
  • - Data Act (Datenverordnung)
  • - DGA (Data Governance Act)
  • - ePrivacy-Richtlinie

Deutsche Standards

  • - BSI-TR-03161-1 (Mobile Anwendungen Teil 1)
  • - BSI-TR-03161-2 (Mobile Anwendungen Teil 2)
  • - BSI-TR-03161-3 (Mobile Anwendungen Teil 3)
  • - TDDDG (Telekommunikation-Digitale-Dienste-Datenschutz)
{/* Control Domains */}

Control Domains

{Object.entries(DOMAIN_LABELS).map(([key, label]) => (
{key}

{label}

))}
{/* Links */}
) }