senaduka/old-riskletpy
1
0
Fork 0
Code Issues 5 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

merged crown jewels

Browse Source
This commit is contained in:
Amir
2025-09-17 15:24:34 +02:00
parent 923ce23009
commit f07636b175
9 changed files with 251 additions and 232 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/accounts/tests/test_tasks.py
View File

@@ -27,8 +27,6 @@ class CeleryTaskTests(TestCase):
product_portfolio="Diverse",
supplier_base="International",
it_infrastructure=["Cloud", "On-Premise"],
intellectual_property=["Patents", "Trademarks"],
sensitive_data=["PII", "Financial Data"],
integration_level="Highly Integrated"
)
self.risk = Risk.objects.create(risk_id="1", risk_name="Test Risk", category="Category1", primary_impact="High")

2
backend/accounts/tests/test_utils.py
View File

@@ -32,8 +32,6 @@ class EmailTests(TestCase):
product_portfolio="Diverse",
supplier_base="International",
it_infrastructure=["Cloud", "On-Premise"],
intellectual_property=["Patents", "Trademarks"],
sensitive_data=["PII", "Financial Data"],
integration_level="Highly Integrated"
)
self.document = Document.objects.create(organization=self.organization)

31
backend/core/forms.py
View File

@@ -9,14 +9,12 @@ class OrganizationForm(forms.ModelForm):
'compliance_frameworks', 'industry_sector', 'it_dependency', 'data_sensitivity',
'network_infrastructure', 'remote_workforce_percentage', 'third_party_vendor_access',
'internal_software_development', 'geographic_scope', 'customer_base', 'customer_type',
'product_portfolio', 'supplier_base', 'it_infrastructure', 'intellectual_property',
'sensitive_data','sensitive_data_types', 'integration_level', 'ip_value', 'change_rate', 'threat_actors', 'expert_analysis'
'product_portfolio', 'supplier_base', 'it_infrastructure',
'sensitive_data_types', 'integration_level', 'change_rate', 'threat_actors', 'expert_analysis'
]
widgets = {
'compliance_frameworks': forms.CheckboxSelectMultiple(),
'it_infrastructure': forms.CheckboxSelectMultiple(),
'intellectual_property': forms.CheckboxSelectMultiple(),
'sensitive_data': forms.CheckboxSelectMultiple(),
'threat_actors': forms.CheckboxSelectMultiple(),
'sensitive_data_types': forms.CheckboxSelectMultiple(),
}
@@ -38,13 +36,24 @@ class OrganizationForm(forms.ModelForm):
if sector == 'other' and sector_other:
cleaned_data['industry_sector'] = sector_other
# Handle sensitive_data_types
types = cleaned_data.get('sensitive_data_types') or []
other_type = self.data.get('sensitive_data_types_other', '').strip()
if 'other' in types and other_type:
types = [t for t in types if t != 'other']
types.append(other_type)
cleaned_data['sensitive_data_types'] = types
# Handle Sensitive Data Types & Business Impact
sensitive_data_types = {}
data_types = [
('personal', 'personal_applicable', 'personal_impact'),
('financial', 'financial_applicable', 'financial_impact'),
('ip', 'ip_applicable', 'ip_impact'),
('operational', 'operational_applicable', 'operational_impact'),
('government', 'government_applicable', 'government_impact'),
('none', 'none_applicable', None)
]
for key, applicable_name, impact_name in data_types:
applicable = self.data.get(applicable_name) == 'on'
entry = {'applicable': applicable}
if impact_name:
impact = self.data.get(impact_name)
entry['impact'] = int(impact) if impact and impact.isdigit() else None
sensitive_data_types[key] = entry
cleaned_data['sensitive_data_types'] = sensitive_data_types
return cleaned_data

25
backend/core/migrations/0026_remove_organization_intellectual_property_and_more.py Normal file
View File

@@ -0,0 +1,25 @@
# Generated by Django 5.1.3 on 2025-09-17 10:33
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('core', '0025_alter_document_status'),
]
operations = [
migrations.RemoveField(
model_name='organization',
name='intellectual_property',
),
migrations.RemoveField(
model_name='organization',
name='ip_value',
),
migrations.RemoveField(
model_name='organization',
name='sensitive_data',
),
]

5
backend/core/models.py
View File

@@ -62,14 +62,11 @@ class Organization(models.Model):
product_portfolio = models.CharField(max_length=20, null=True, blank=True, help_text="How diversified is your product/service portfolio?")
supplier_base = models.CharField(max_length=20, null=True, blank=True, help_text="What is your supplier base structure?")
it_infrastructure = models.JSONField(null=True, blank=True, help_text="What is your primary IT infrastructure model?") # Stores selected IT infrastructure types as a list
intellectual_property = models.JSONField(null=True, blank=True, help_text="How does your organization protect and manage intellectual property?") # Stores selected IP protection types as a list
sensitive_data = models.JSONField(null=True, blank=True, help_text="What type of sensitive data does your organization handle?") # Stores selected sensitive data types as a list
integration_level = models.CharField(max_length=20, null=True, blank=True, help_text="How integrated are your critical business systems?")
network_infrastructure = models.CharField(max_length=20, null=True, blank=True, help_text="What best describes your organization's network infrastructure model?")
ip_value = models.CharField(max_length=20, null=True, blank=True, help_text="Intellectual Property (IP) Value: Select best description of IP's importance to the business model.")
change_rate = models.CharField(max_length=20, null=True, blank=True, help_text="How frequently does your organization undergo significant technology or business changes?")
threat_actors = models.JSONField(null=True, blank=True, help_text="Which types of threat actors are most relevant to your organization (e.g., cybercriminals, insiders, nation-states)?")
sensitive_data_types = models.JSONField(null=True, blank=True, help_text="What type of sensitive data does your organization handle?")
sensitive_data_types = models.JSONField(null=True, blank=True, help_text="Stores applicable status and business impact rating (1-5) for each sensitive data type. Example: {'personal': {'applicable': True, 'impact': 4}, ...}")
risks = models.ManyToManyField('Risk', related_name='organizations', blank=True)
expert_analysis = models.BooleanField(null=True, blank=True)

51
backend/core/static/js/formHandling.js
View File

@@ -156,6 +156,9 @@ function showQuestion(questionId) {
const question = document.getElementById(questionId);
question.classList.remove('d-none');
progressBar();
if (questionId == 'q7') {
setupSensitiveDataValidator();
}
}
function setButtonVisiblity(buttonId, visible) {
@@ -229,4 +232,50 @@ function progressBar() {
basicBarWrap.classList.add('d-none');
advancedBarWrap.classList.add('d-none');
}
}
}
function setupSensitiveDataValidator() {
const dataTypes = [
{checkbox: 'personal_applicable', radios: 'personal_impact'},
{checkbox: 'financial_applicable', radios: 'financial_impact'},
{checkbox: 'ip_applicable', radios: 'ip_impact'},
{checkbox: 'operational_applicable', radios: 'operational_impact'},
{checkbox: 'government_applicable', radios: 'government_impact'}
];
function updateRadios(type) {
const cb = document.getElementById(type.checkbox);
const radios = document.querySelectorAll(`input[name="${type.radios}"]`);
const noneCb = document.getElementById('none_applicable');
if (noneCb && noneCb.checked) {
radios.forEach(radio => {
radio.disabled = true;
radio.checked = false;
});
return;
}
radios.forEach(radio => {
radio.disabled = !cb.checked;
if (!cb.checked) radio.checked = false;
});
}
dataTypes.forEach(type => {
const cb = document.getElementById(type.checkbox);
if (cb) {
cb.addEventListener('change', () => updateRadios(type));
updateRadios(type);
}
});
const noneCb = document.getElementById('none_applicable');
if (noneCb) {
noneCb.addEventListener('change', function() {
if (noneCb.checked) {
['personal_applicable','financial_applicable','ip_applicable','operational_applicable','government_applicable'].forEach(id => {
const cb = document.getElementById(id);
if (cb) cb.checked = false;
});
}
dataTypes.forEach(type => updateRadios(type));
});
}
}

347
backend/core/templates/signup.html
View File

@@ -474,78 +474,136 @@
<!-- Sensitive Data Level -->
<div class="mb-3 question basic-section" id="q7">
<label class="form-label mt-3">
Sensitive Data Handled:
Sensitive Data Types & Business Impact in Case of Loss or Compromise
<br>
<small class="form-text text-muted">
Select all applicable categories - Core risk driver
For each data type, mark if applicable and rate the business impact (1 - Very Low, 5 - Critical).
</small>
</label>
<hr>
<div class="pb-3">
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-customer-pii" value="customer-pii">
<label class="form-check-label" for="data-customer-pii">
<i class="fa-solid fa-id-card"></i> Customer Personally Identifiable Information (PII - e.g., names, addresses, email)
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-employee-pii" value="employee-pii">
<label class="form-check-label" for="data-employee-pii">
<i class="fa-solid fa-user-tie"></i> Employee Personally Identifiable Information (PII)
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-phi" value="phi">
<label class="form-check-label" for="data-phi">
<i class="fa-solid fa-notes-medical"></i> Protected Health Information (PHI)
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-pci" value="pci">
<label class="form-check-label" for="data-pci">
<i class="fa-solid fa-credit-card"></i> Payment Card Industry Data (PCI-DSS Scope)
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-financial" value="financial">
<label class="form-check-label" for="data-financial">
<i class="fa-solid fa-file-invoice-dollar"></i> Confidential Financial Information (Non-PCI)
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-ip" value="ip">
<label class="form-check-label" for="data-ip">
<i class="fa-solid fa-lightbulb"></i> Intellectual Property / Trade Secrets / R&amp;D Data
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-strategy" value="strategy">
<label class="form-check-label" for="data-strategy">
<i class="fa-solid fa-chess-king"></i> Sensitive Business Strategy / M&amp;A Data
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-gov" value="government">
<label class="form-check-label" for="data-gov">
<i class="fa-solid fa-user-shield"></i> Government Classified / Controlled Unclassified Information (CUI)
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-ot" value="ot">
<label class="form-check-label" for="data-ot">
<i class="fa-solid fa-microchip"></i> Critical Operational Technology (OT) Data
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-none" value="none">
<label class="form-check-label" for="data-none">
<i class="fa-solid fa-circle-xmark"></i> None / Minimal Sensitive Data Handled
</label>
</div>
</div>
<small class="form-text text-muted py-3">Assesses the potential impact of data breaches and
determines
required security controls.</small>
<table class="table table-bordered align-middle">
<thead>
<tr>
<th>Data Type</th>
<th style="width:10px">Applicable?</th>
<th>Business Impact</th>
</tr>
</thead>
<tbody>
<tr>
<td>Personal Data (PII, PHI, etc.)</td>
<td>
<input type="checkbox" name="personal_applicable" id="personal_applicable">
</td>
<td>
<div class="btn-group" role="group" aria-label="Business Impact">
<input type="radio" class="btn-check" name="personal_impact" id="personal_impact_1" value="1">
<label class="btn btn-outline-success btn-sm" for="personal_impact_1">1</label>
<input type="radio" class="btn-check" name="personal_impact" id="personal_impact_2" value="2">
<label class="btn btn-outline-success btn-sm" for="personal_impact_2">2</label>
<input type="radio" class="btn-check" name="personal_impact" id="personal_impact_3" value="3">
<label class="btn btn-outline-success btn-sm" for="personal_impact_3">3</label>
<input type="radio" class="btn-check" name="personal_impact" id="personal_impact_4" value="4">
<label class="btn btn-outline-success btn-sm" for="personal_impact_4">4</label>
<input type="radio" class="btn-check" name="personal_impact" id="personal_impact_5" value="5">
<label class="btn btn-outline-success btn-sm" for="personal_impact_5">5</label>
</div>
</td>
</tr>
<tr>
<td>Financial Data (PCI, records)</td>
<td>
<input type="checkbox" name="financial_applicable" id="financial_applicable">
</td>
<td>
<div class="btn-group" role="group" aria-label="Business Impact">
<input type="radio" class="btn-check" name="financial_impact" id="financial_impact_1" value="1">
<label class="btn btn-outline-success btn-sm" for="financial_impact_1">1</label>
<input type="radio" class="btn-check" name="financial_impact" id="financial_impact_2" value="2">
<label class="btn btn-outline-success btn-sm" for="financial_impact_2">2</label>
<input type="radio" class="btn-check" name="financial_impact" id="financial_impact_3" value="3">
<label class="btn btn-outline-success btn-sm" for="financial_impact_3">3</label>
<input type="radio" class="btn-check" name="financial_impact" id="financial_impact_4" value="4">
<label class="btn btn-outline-success btn-sm" for="financial_impact_4">4</label>
<input type="radio" class="btn-check" name="financial_impact" id="financial_impact_5" value="5">
<label class="btn btn-outline-success btn-sm" for="financial_impact_5">5</label>
</div>
</td>
</tr>
<tr>
<td>Intellectual Property / Strategic Data</td>
<td>
<input type="checkbox" name="ip_applicable" id="ip_applicable">
</td>
<td>
<div class="btn-group" role="group" aria-label="Business Impact">
<input type="radio" class="btn-check" name="ip_impact" id="ip_impact_1" value="1">
<label class="btn btn-outline-success btn-sm" for="ip_impact_1">1</label>
<input type="radio" class="btn-check" name="ip_impact" id="ip_impact_2" value="2">
<label class="btn btn-outline-success btn-sm" for="ip_impact_2">2</label>
<input type="radio" class="btn-check" name="ip_impact" id="ip_impact_3" value="3">
<label class="btn btn-outline-success btn-sm" for="ip_impact_3">3</label>
<input type="radio" class="btn-check" name="ip_impact" id="ip_impact_4" value="4">
<label class="btn btn-outline-success btn-sm" for="ip_impact_4">4</label>
<input type="radio" class="btn-check" name="ip_impact" id="ip_impact_5" value="5">
<label class="btn btn-outline-success btn-sm" for="ip_impact_5">5</label>
</div>
</td>
</tr>
<tr>
<td>Critical Operational Data</td>
<td>
<input type="checkbox" name="operational_applicable" id="operational_applicable">
</td>
<td>
<div class="btn-group" role="group" aria-label="Business Impact">
<input type="radio" class="btn-check" name="operational_impact" id="operational_impact_1" value="1">
<label class="btn btn-outline-success btn-sm" for="operational_impact_1">1</label>
<input type="radio" class="btn-check" name="operational_impact" id="operational_impact_2" value="2">
<label class="btn btn-outline-success btn-sm" for="operational_impact_2">2</label>
<input type="radio" class="btn-check" name="operational_impact" id="operational_impact_3" value="3">
<label class="btn btn-outline-success btn-sm" for="operational_impact_3">3</label>
<input type="radio" class="btn-check" name="operational_impact" id="operational_impact_4" value="4">
<label class="btn btn-outline-success btn-sm" for="operational_impact_4">4</label>
<input type="radio" class="btn-check" name="operational_impact" id="operational_impact_5" value="5">
<label class="btn btn-outline-success btn-sm" for="operational_impact_5">5</label>
</div>
</td>
</tr>
<tr>
<td>Government/Controlled Data</td>
<td>
<input type="checkbox" name="government_applicable" id="government_applicable">
</td>
<td>
<div class="btn-group" role="group" aria-label="Business Impact">
<input type="radio" class="btn-check" name="government_impact" id="government_impact_1" value="1">
<label class="btn btn-outline-success btn-sm" for="government_impact_1">1</label>
<input type="radio" class="btn-check" name="government_impact" id="government_impact_2" value="2">
<label class="btn btn-outline-success btn-sm" for="government_impact_2">2</label>
<input type="radio" class="btn-check" name="government_impact" id="government_impact_3" value="3">
<label class="btn btn-outline-success btn-sm" for="government_impact_3">3</label>
<input type="radio" class="btn-check" name="government_impact" id="government_impact_4" value="4">
<label class="btn btn-outline-success btn-sm" for="government_impact_4">4</label>
<input type="radio" class="btn-check" name="government_impact" id="government_impact_5" value="5">
<label class="btn btn-outline-success btn-sm" for="government_impact_5">5</label>
</div>
</td>
</tr>
<tr>
<td>None / Minimal Sensitive Data</td>
<td>
<input type="checkbox" name="none_applicable" id="none_applicable">
</td>
<td>
N/A
</td>
</tr>
</tbody>
</table>
<small class="form-text text-muted py-3">
Use the scale to indicate how critical each applicable data type is for your business.
</small>
</div>
<!-- Overall Sensitivity Level of Data Processed -->
@@ -589,49 +647,8 @@
</small>
</div>
<!-- Intellectual Property (IP) Value -->
<div class="mb-3 question basic-section" id="q9">
<label class="form-label mt-3">
Intellectual Property (IP) Value:
<br>
<small class="form-text text-muted">
Select best description of IP's importance to the business model
</small>
</label>
<hr>
<div class="pb-3">
<div class="form-check">
<input class="form-check-input" type="radio" name="ip_value" id="ip-value-low" value="low" required>
<label class="form-check-label" for="ip-value-low">
<i class="fa-regular fa-circle"></i> Low: IP is not a significant differentiator or revenue driver.
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="radio" name="ip_value" id="ip-value-medium" value="medium">
<label class="form-check-label" for="ip-value-medium">
<i class="fa-solid fa-lightbulb"></i> Medium: IP provides some competitive advantage or supports core products.
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="radio" name="ip_value" id="ip-value-high" value="high">
<label class="form-check-label" for="ip-value-high">
<i class="fa-solid fa-chess-king"></i> High: IP is a primary source of competitive advantage and revenue.
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="radio" name="ip_value" id="ip-value-critical" value="critical">
<label class="form-check-label" for="ip-value-critical">
<i class="fa-solid fa-gem"></i> Critical: Business model is fundamentally based on unique, high-value IP.
</label>
</div>
</div>
<small class="form-text text-muted py-3">
Indicates the strategic importance of intellectual property to your organization.
</small>
</div>
<!-- Remote Workforce Percentage -->
<div class="mb-3 question basic-section" id="q10">
<div class="mb-3 question basic-section" id="q9">
<label class="form-label mt-3">What percentage of your workforce operates remotely?</label>
<hr>
<div class="pb-3">
@@ -665,7 +682,7 @@
</div>
<!-- Third-Party Vendor Access -->
<div class="mb-3 question basic-section" id="q11">
<div class="mb-3 question basic-section" id="q10">
<label class="form-label mt-3">How many third-party vendors have access to your systems?</label>
<hr>
<div class="pb-3">
@@ -699,7 +716,7 @@
</div>
<!-- Internal Software Development -->
<div class="mb-3 question basic-section" id="q12">
<div class="mb-3 question basic-section" id="q11">
<label class="form-label mt-3">
Internal Software Development for Critical Applications:
<br>
@@ -727,7 +744,7 @@
</div>
<!-- IT Infrastructure Model -->
<div class="mb-3 question basic-section" id="q13">
<div class="mb-3 question basic-section" id="q12">
<label class="form-label mt-3">What is your primary IT infrastructure model?</label>
<hr>
<div class="pb-3">
@@ -767,7 +784,7 @@
<!-- Network Infrastructure Model -->
<div class="mb-3 question basic-section" id="q14">
<div class="mb-3 question basic-section" id="q13">
<label class="form-label mt-3">
Network Infrastructure Model:
<br>
@@ -814,7 +831,7 @@
</div>
<!-- Geographic Operational Scope -->
<div class="mb-3 question basic-section" id="q15">
<div class="mb-3 question basic-section" id="q14">
<label class="form-label mt-3">
Geographic Operational Scope:
<br>
@@ -854,7 +871,7 @@
</div>
<!--Customer Base Distribution -->
<div class="mb-3 question basic-section" id="q16">
<div class="mb-3 question basic-section" id="q15">
<label class="form-label mt-3">
Customer Base Distribution:
<br>
@@ -888,7 +905,7 @@
<!-- Primary Customer Type -->
<div class="mb-3 question basic-section" id="q17">
<div class="mb-3 question basic-section" id="q16">
<label class="form-label mt-3">
Primary Customer Type:
<br>
@@ -934,7 +951,7 @@
<!-- Product/Service Portfolio -->
<div class="mb-3 question basic-section" id="q18">
<div class="mb-3 question basic-section" id="q17">
<label class="form-label mt-3">
Product/Service Portfolio Diversity:
<br>
@@ -968,7 +985,7 @@
</div>
<!-- Supplier Base Structure -->
<div class="mb-3 question basic-section" id="q19">
<div class="mb-3 question basic-section" id="q18">
<label class="form-label mt-3">
Dependency on Critical Suppliers:
<br>
@@ -1000,94 +1017,8 @@
<small class="form-text text-muted py-3">Assesses third-party cybersecurity risks.</small>
</div>
<!-- Intellectual Property Protection -->
<div class="mb-3 question basic-section" id="q20">
<label class="form-label mt-3">How does your organization protect and manage intellectual
property?</label>
<hr>
<div class="pb-3">
<div class="form-check">
<input class="form-check-input" type="checkbox" name="intellectual_property" id="ip-patents" value="patents">
<label class="form-check-label" for="ip-patents">
<i class="fa-solid fa-certificate"></i> Patents owned
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="intellectual_property" id="ip-licensed" value="licensed-ip">
<label class="form-check-label" for="ip-licensed">
<i class="fa-solid fa-file-contract"></i> Licensed IP from others
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="intellectual_property" id="ip-trade-secrets" value="trade-secrets">
<label class="form-check-label" for="ip-trade-secrets">
<i class="fa-solid fa-user-secret"></i> Trade secrets
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="intellectual_property" id="ip-joint" value="joint-ip">
<label class="form-check-label" for="ip-joint">
<i class="fa-solid fa-people-arrows"></i> Joint IP ownership
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="intellectual_property" id="ip-none" value="no-ip">
<label class="form-check-label" for="ip-none">
<i class="fa-solid fa-circle-xmark"></i> No significant IP
</label>
</div>
</div>
<small class="form-text text-muted py-3">Evaluates cybersecurity needs based on IP
ownership.</small>
</div>
<!-- Sensitive Data -->
<div class="mb-3 question basic-section" id="q21">
<label class="form-label mt-3">What type of sensitive data does your organization handle?</label>
<hr>
<div class="pb-3">
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data_types" id="data-personal" value="personal">
<label class="form-check-label" for="data-personal">
<i class="fa-solid fa-id-card"></i> Personal customer data
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data_types" id="data-financial-q22" value="financial">
<label class="form-check-label" for="data-financial-q22">
<i class="fa-solid fa-file-invoice-dollar"></i> Financial records
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data_types" id="data-healthcare" value="healthcare">
<label class="form-check-label" for="data-healthcare">
<i class="fa-solid fa-notes-medical"></i> Healthcare information
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data_types" id="data-ip-q22" value="ip-property">
<label class="form-check-label" for="data-ip-q22">
<i class="fa-solid fa-lightbulb"></i> Intellectual property
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data_types" id="data-gov-q22" value="government">
<label class="form-check-label" for="data-gov-q22">
<i class="fa-solid fa-user-shield"></i> Government data
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data_types" id="data-payment" value="payment">
<label class="form-check-label" for="data-payment">
<i class="fa-solid fa-credit-card"></i> Payment card data
</label>
</div>
</div>
<small class="form-text text-muted py-3">Identifies compliance frameworks.</small>
</div>
<!-- Critical Business Systems -->
<div class="mb-3 question basic-section" id="q22">
<div class="mb-3 question basic-section" id="q19">
<label class="form-label mt-3">
Integration of Critical Business Systems:
<br>
@@ -1126,7 +1057,7 @@
</div>
<!-- Rate of Technology / Business Change -->
<div class="mb-3 question basic-section" id="q23">
<div class="mb-3 question basic-section" id="q20">
<label class="form-label mt-3">
Rate of Technology / Business Change:
<br>
@@ -1161,7 +1092,7 @@
</div>
<!-- Relevant Threat Actors -->
<div class="mb-3 question basic-section" id="q24">
<div class="mb-3 question basic-section" id="q21">
<label class="form-label mt-3">
Relevant Threat Actors:
<br>
@@ -1214,7 +1145,7 @@
</div>
<!-- Expert Analysis -->
<div class="mb-3 question basic-section" id="q25">
<div class="mb-3 question basic-section" id="q22">
<label class="form-label mt-3">
Do u want to perform an expert analysis of your cybersecurity posture?
<br>

10
backend/core/tests/test_utils.py
View File

@@ -33,8 +33,14 @@ class UtilsTests(TestCase):
product_portfolio="Diverse",
supplier_base="International",
it_infrastructure=["Cloud", "On-Premise"],
intellectual_property=["Patents", "Trademarks"],
sensitive_data=["PII", "Financial Data"],
sensitive_data_types={
"personal": {"applicable": True, "impact": 4},
"financial": {"applicable": True, "impact": 3},
"ip": {"applicable": False, "impact": None},
"operational": {"applicable": True, "impact": 5},
"government": {"applicable": False, "impact": None},
"none": {"applicable": False}
},
integration_level="Highly Integrated"
)

10
backend/core/tests/test_views.py
View File

@@ -35,8 +35,14 @@ class DocumentViewTest(TestCase):
product_portfolio="Diverse",
supplier_base="International",
it_infrastructure=["Cloud", "On-Premise"],
intellectual_property=["Patents", "Trademarks"],
sensitive_data=["PII", "Financial Data"],
sensitive_data_types={
"personal": {"applicable": True, "impact": 4},
"financial": {"applicable": True, "impact": 3},
"ip": {"applicable": False, "impact": None},
"operational": {"applicable": True, "impact": 5},
"government": {"applicable": False, "impact": None},
"none": {"applicable": False}
},
integration_level="Highly Integrated"
)