ey-catalyst

Runtime error

App Files Files Community

ey-catalyst / dashboard_analytics.py

Yaswanth-Bolla

Updated api

4af0351 9 months ago

raw

history blame contribute delete

19.2 kB

	# dashboard_analytics.py
	from fastapi import APIRouter, HTTPException
	from pydantic import BaseModel
	from typing import List, Optional, Dict, Any
	import os
	import openai
	import json
	from datetime import datetime, timedelta
	import random

	# Environment Variables
	GROQ_API_KEY = os.environ.get("GROQ_API_KEY")
	if GROQ_API_KEY:
	GROQ_API_KEY = GROQ_API_KEY.strip()# Model Setup
	def generate_response(system_prompt: str, user_message: str):
	if not GROQ_API_KEY:
	raise Exception("GROQ_API_KEY environment variable is not set")

	client = openai.OpenAI(api_key=GROQ_API_KEY, base_url="https://api.groq.com/openai/v1")
	try:
	response = client.chat.completions.create(
	model="llama3-8b-8192",
	messages=[
	{"role": "system", "content": system_prompt},
	{"role": "user", "content": user_message}
	],
	temperature=0.4
	)
	return response.choices[0].message.content
	except Exception as e:
	raise Exception(f"GROQ API connection failed: {str(e)}")

	# Request Models
	class DashboardAnalyticsRequest(BaseModel):
	organization_name: Optional[str] = "Organization"
	industry: Optional[str] = "Technology"
	departments: Optional[List[str]] = ["IT", "HR", "Finance", "Operations"]
	time_period: Optional[str] = "last_30_days"

	class AssessmentSummaryRequest(BaseModel):
	assessment_types: List[str]
	organization_context: Optional[str] = ""

	# Response Models
	class KPIMetrics(BaseModel):
	totalRisks: int
	totalThreats: int
	criticalRisks: int
	departments: int
	kpi_justification: str

	class AssessmentSummary(BaseModel):
	assessmentType: str
	completed: int
	inProgress: int
	pending: int
	keyFindings: List[str]
	progress_justification: str

	class RecentActivity(BaseModel):
	action: str
	user: str
	timestamp: str
	meta: str

	class DashboardKPIResponse(BaseModel):
	success: bool
	kpis: KPIMetrics
	message: str

	class AssessmentSummariesResponse(BaseModel):
	success: bool
	summaries: List[AssessmentSummary]
	message: str

	class RecentActivitiesResponse(BaseModel):
	success: bool
	activities: List[RecentActivity]
	message: str

	# Dashboard Analytics Router
	dashboard_router = APIRouter()

	@dashboard_router.post("/api/dashboard/generate-kpis", response_model=DashboardKPIResponse)
	def generate_dashboard_kpis(request: DashboardAnalyticsRequest):
	"""
	Generate realistic KPI metrics for the main dashboard based on organization context
	"""
	system_prompt = """
	You are an expert risk analytics specialist. Your task is to generate realistic KPI metrics for an organization's risk management dashboard.

	Based on the organization context, generate appropriate metrics that reflect:
	1. Total number of identified risks with industry benchmarking justification
	2. Total number of distinct threats with threat landscape analysis
	3. Number of critical risks (high likelihood and high impact) with risk profile justification
	4. Number of departments involved in risk management with organizational structure analysis

	Consider:
	- Organization size and industry standards
	- Typical risk profiles for different industries
	- Realistic proportions between total risks and critical risks
	- Department involvement based on organization structure
	- Industry benchmarks and statistical data
	- Regulatory requirements and compliance factors
	- Technology adoption and digital transformation impacts
	- Geographic and market-specific risk factors

	Provide specific justifications that reference:
	- Industry risk statistics and benchmarks
	- Regulatory requirements for the sector
	- Common risk patterns in similar organizations
	- Technology and operational risk factors
	- Market conditions and business environment
	- Organizational maturity and risk management capabilities

	Respond strictly in this JSON format:
	{
	"kpis": {
	"totalRisks": 125,
	"totalThreats": 45,
	"criticalRisks": 12,
	"departments": 6,
	"kpi_justification": "Detailed explanation of why these metrics are appropriate for this organization, including industry benchmarks, risk factors, and organizational characteristics"
	},
	"rationale": "Brief explanation of the metrics provided"
	}
	"""

	user_message = f"""
	Generate KPI metrics for the following organization:

	Organization: {request.organization_name}
	Industry: {request.industry}
	Departments: {', '.join(request.departments)}
	Time Period: {request.time_period}

	Please provide realistic metrics that align with this organization's profile and industry standards.
	"""

	try:
	result = generate_response(system_prompt, user_message)

	# Extract JSON from the response
	json_start = result.find('{')
	json_end = result.rfind('}') + 1

	if json_start != -1 and json_end > json_start:
	json_str = result[json_start:json_end]
	kpi_data = json.loads(json_str)

	kpis = KPIMetrics(**kpi_data.get("kpis", {}))

	return DashboardKPIResponse(
	success=True,
	kpis=kpis,
	message="Successfully generated dashboard KPI metrics"
	)
	else:
	raise ValueError("No valid JSON found in response")

	except (json.JSONDecodeError, ValueError) as e:
	# Fallback response with industry-appropriate metrics
	base_multiplier = len(request.departments) * 10

	if request.industry.lower() in ["technology", "financial services", "healthcare"]:
	risk_multiplier = 1.5
	elif request.industry.lower() in ["manufacturing", "retail"]:
	risk_multiplier = 1.2
	else:
	risk_multiplier = 1.0

	total_risks = int(base_multiplier * risk_multiplier)
	total_threats = int(total_risks * 0.3)
	critical_risks = int(total_risks * 0.08)
	departments = len(request.departments)

	fallback_kpis = KPIMetrics(
	totalRisks=total_risks,
	totalThreats=total_threats,
	criticalRisks=critical_risks,
	departments=departments,
	kpi_justification=f"Generated for {request.industry} industry with {departments} departments. Risk counts based on industry standards where organizations typically identify 10-15 risks per department. Critical risk ratio of {critical_risks/total_risks:.1%} aligns with industry benchmarks."
	)

	return DashboardKPIResponse(
	success=True,
	kpis=fallback_kpis,
	message="Generated fallback KPI metrics"
	)

	except Exception as e:
	raise HTTPException(status_code=500, detail=f"Error generating KPIs: {str(e)}")

	@dashboard_router.post("/api/dashboard/generate-assessment-summaries", response_model=AssessmentSummariesResponse)
	def generate_assessment_summaries(request: AssessmentSummaryRequest):
	"""
	Generate assessment summaries with realistic progress and key findings
	"""
	system_prompt = """
	You are an expert risk assessment analyst. Your task is to generate realistic assessment summaries for different types of risk assessments.

	For each assessment type, provide:
	1. Number of completed assessments with completion rate justification
	2. Number of assessments in progress with resource allocation reasoning
	3. Number of pending assessments with prioritization justification
	4. Key findings relevant to that assessment type with industry context

	Consider:
	- Realistic distribution of assessment states based on organizational capacity
	- Assessment-specific findings and insights with industry relevance
	- Current risk landscape and common issues with statistical backing
	- Actionable and meaningful key findings with regulatory context
	- Resource constraints and assessment complexity factors
	- Industry benchmarks for assessment completion rates
	- Regulatory requirements and compliance timelines
	- Organizational maturity and risk management capabilities

	Provide specific justifications that reference:
	- Industry standards for assessment completion rates
	- Common findings patterns in similar organizations
	- Regulatory requirements and compliance deadlines
	- Resource allocation best practices
	- Risk assessment methodologies and frameworks
	- Technology and operational assessment challenges

	Respond strictly in this JSON format:
	{
	"summaries": [
	{
	"assessmentType": "Assessment Type Name",
	"completed": 12,
	"inProgress": 3,
	"pending": 2,
	"keyFindings": [
	"Finding 1 with industry context",
	"Finding 2 with regulatory reference"
	],
	"progress_justification": "Explanation of why this progress distribution is realistic for this assessment type, including resource constraints, complexity factors, and industry benchmarks"
	}
	]
	}
	"""

	user_message = f"""
	Generate assessment summaries for the following assessment types:

	Assessment Types: {', '.join(request.assessment_types)}
	Organization Context: {request.organization_context}

	Please provide realistic progress numbers and meaningful key findings for each assessment type.
	"""

	try:
	result = generate_response(system_prompt, user_message)

	# Extract JSON from the response
	json_start = result.find('{')
	json_end = result.rfind('}') + 1

	if json_start != -1 and json_end > json_start:
	json_str = result[json_start:json_end]
	summary_data = json.loads(json_str)

	summaries = [AssessmentSummary(**summary) for summary in summary_data.get("summaries", [])]

	return AssessmentSummariesResponse(
	success=True,
	summaries=summaries,
	message="Successfully generated assessment summaries"
	)
	else:
	raise ValueError("No valid JSON found in response")

	except (json.JSONDecodeError, ValueError) as e:
	# Fallback response with default summaries
	fallback_summaries = []

	for assessment_type in request.assessment_types:
	# Generate realistic numbers
	total_assessments = random.randint(15, 25)
	completed = random.randint(int(total_assessments * 0.6), int(total_assessments * 0.8))
	in_progress = random.randint(2, 5)
	pending = total_assessments - completed - in_progress

	# Generate assessment-specific findings
	if "critical process" in assessment_type.lower():
	key_findings = [
	"85% of critical processes meet documentation standards per ISO 22301",
	"2-3 processes require immediate review due to regulatory changes",
	"Backup procedures need enhancement based on RTO/RPO analysis"
	]
	progress_justification = f"Critical process assessments typically take 2-3 weeks each. Current progress reflects standard organizational capacity and regulatory compliance timelines."
	elif "threat" in assessment_type.lower():
	key_findings = [
	"Phishing remains top threat (42% of incidents per SANS report)",
	"Insider threat controls need strengthening per NIST framework",
	"Third-party risks increased 35% due to digital transformation"
	]
	progress_justification = f"Threat assessments require specialized expertise and threat intelligence analysis. Progress aligns with industry standards for comprehensive threat evaluation."
	elif "site" in assessment_type.lower():
	key_findings = [
	"Physical security controls meet 90% of ASIS guidelines",
	"Some locations need access control upgrades per corporate policy",
	"Emergency procedures comply with local regulatory requirements"
	]
	progress_justification = f"Site assessments depend on geographic distribution and local compliance requirements. Current progress reflects travel constraints and coordination complexity."
	else:
	key_findings = [
	f"{assessment_type} controls are generally effective per industry standards",
	"Some areas need improvement based on regulatory updates",
	"Regular monitoring recommended per risk management framework"
	]
	progress_justification = f"Assessment progress reflects standard organizational capacity and complexity of {assessment_type} evaluation requirements."

	summary = AssessmentSummary(
	assessmentType=assessment_type,
	completed=completed,
	inProgress=in_progress,
	pending=pending,
	keyFindings=key_findings[:2], # Limit to 2 findings
	progress_justification=progress_justification
	)
	fallback_summaries.append(summary)

	return AssessmentSummariesResponse(
	success=True,
	summaries=fallback_summaries,
	message="Generated fallback assessment summaries"
	)

	except Exception as e:
	raise HTTPException(status_code=500, detail=f"Error generating assessment summaries: {str(e)}")

	@dashboard_router.get("/api/dashboard/generate-recent-activities", response_model=RecentActivitiesResponse)
	def generate_recent_activities(days: int = 7, limit: int = 10):
	"""
	Generate realistic recent activities for the dashboard activity feed
	"""
	try:
	# Generate sample activities with realistic timestamps
	activity_types = [
	("Risk escalated", "Risk: Data Breach"),
	("Threat added", "Threat: Ransomware"),
	("Assessment completed", "Critical Process RA"),
	("Risk mitigated", "Risk: System Failure"),
	("Threat updated", "Threat: Phishing Attack"),
	("Assessment started", "Site Assessment"),
	("Risk reviewed", "Risk: Supply Chain"),
	("Control implemented", "Multi-factor Authentication"),
	("Vulnerability identified", "Network Security Gap"),
	("Training completed", "Security Awareness")
	]

	users = ["Jane Doe", "John Smith", "Alice Johnson", "Bob Wilson", "Carol Brown", "David Lee"]

	activities = []

	for i in range(min(limit, len(activity_types))):
	# Generate timestamp within the last 'days' days
	days_ago = random.randint(0, days)
	hours_ago = random.randint(0, 23)
	minutes_ago = random.randint(0, 59)

	timestamp = datetime.now() - timedelta(days=days_ago, hours=hours_ago, minutes=minutes_ago)

	action, meta = activity_types[i]
	user = random.choice(users)

	activity = RecentActivity(
	action=action,
	user=user,
	timestamp=timestamp.isoformat() + "Z",
	meta=meta
	)
	activities.append(activity)

	# Sort by timestamp (most recent first)
	activities.sort(key=lambda x: x.timestamp, reverse=True)

	return RecentActivitiesResponse(
	success=True,
	activities=activities,
	message=f"Successfully generated {len(activities)} recent activities"
	)

	except Exception as e:
	raise HTTPException(status_code=500, detail=f"Error generating recent activities: {str(e)}")

	@dashboard_router.post("/api/dashboard/generate-risk-insights")
	def generate_risk_insights(organization_context: str = "", focus_areas: List[str] = []):
	"""
	Generate strategic risk insights and recommendations for executive dashboard
	"""
	system_prompt = """
	You are a senior risk management consultant. Your task is to generate strategic risk insights and recommendations for executive leadership.

	Provide:
	1. Top 3-5 strategic risk insights
	2. Trend analysis and predictions
	3. Actionable recommendations for senior management
	4. Key performance indicators to monitor

	Consider:
	- Current business environment and market conditions
	- Emerging risks and threat landscapes
	- Regulatory and compliance considerations
	- Business continuity and operational resilience

	Respond strictly in this JSON format:
	{
	"insights": [
	{
	"title": "Insight Title",
	"description": "Detailed insight description",
	"priority": "High/Medium/Low",
	"recommendation": "Specific recommendation"
	}
	],
	"trends": [
	"Trend observation 1",
	"Trend observation 2"
	],
	"kpis_to_monitor": [
	"KPI 1",
	"KPI 2"
	]
	}
	"""

	user_message = f"""
	Generate strategic risk insights for the following context:

	Organization Context: {organization_context}
	Focus Areas: {', '.join(focus_areas) if focus_areas else 'General risk management'}

	Please provide executive-level insights and recommendations.
	"""

	try:
	result = generate_response(system_prompt, user_message)

	# Extract JSON from the response
	json_start = result.find('{')
	json_end = result.rfind('}') + 1

	if json_start != -1 and json_end > json_start:
	json_str = result[json_start:json_end]
	insights_data = json.loads(json_str)

	return {
	"success": True,
	"insights": insights_data.get("insights", []),
	"trends": insights_data.get("trends", []),
	"kpis_to_monitor": insights_data.get("kpis_to_monitor", []),
	"message": "Successfully generated risk insights"
	}
	else:
	raise ValueError("No valid JSON found in response")

	except Exception as e:
	# Fallback response
	fallback_insights = [
	{
	"title": "Cybersecurity Threat Evolution",
	"description": "Increasing sophistication of cyber attacks requires enhanced security measures",
	"priority": "High",
	"recommendation": "Implement zero-trust architecture and advanced threat detection"
	},
	{
	"title": "Supply Chain Resilience",
	"description": "Global supply chain disruptions pose ongoing operational risks",
	"priority": "Medium",
	"recommendation": "Diversify supplier base and establish contingency plans"
	}
	]

	return {
	"success": True,
	"insights": fallback_insights,
	"trends": ["Increased remote work security challenges", "Regulatory compliance complexity"],
	"kpis_to_monitor": ["Mean time to detect threats", "Risk mitigation completion rate"],
	"message": "Generated fallback risk insights"
	}