Spaces:

anktechsol
/

anupalan-karta

Running

App Files Files Community

anupalan-karta / js /compliance.js

anktechsol's picture

Create js/compliance.js

336f16a verified 10 months ago

history blame contribute delete

11.7 kB

	// Import Hugging Face pipeline helpers (for browser environments supporting ES modules)
	import { pipeline } from 'https://cdn.jsdelivr.net/npm/@huggingface/transformers@3';

	// Lazy-load models
	const getSummariser = () => pipeline('summarization', 'facebook/bart-large-cnn');
	const getPrivacyGuard = () => pipeline('text-classification', 'metricspace/GDPR_Input_Detection_and_Anonymization_0.5B');
	const getLegalEncoder = () => pipeline('feature-extraction', 'nlpaueb/legal-bert-base-uncased', { quantized: true });

	const summariserP = getSummariser();
	const privacyGuardP = getPrivacyGuard();
	const legalEncoderP = getLegalEncoder();

	// Compliance Assessment Logic
	class ComplianceAssessment {
	constructor() {
	this.assessmentData = {
	gdpr: {
	name: "GDPR Compliance",
	questions: [
	{ id: 1, question: "Do you have a privacy policy clearly stating data collection purposes?", weight: 5 },
	{ id: 2, question: "Have you implemented data subject rights (access, rectification, erasure)?", weight: 5 },
	{ id: 3, question: "Do you have procedures for data breach notification within 72 hours?", weight: 4 },
	{ id: 4, question: "Have you conducted Data Protection Impact Assessments (DPIAs)?", weight: 4 },
	{ id: 5, question: "Do you have documented consent mechanisms for data processing?", weight: 3 }
	]
	},
	euAiAct: {
	name: "EU AI Act Compliance",
	questions: [
	{ id: 1, question: "Have you classified your AI system according to risk levels?", weight: 5 },
	{ id: 2, question: "Do you have transparency requirements implemented for AI decisions?", weight: 4 },
	{ id: 3, question: "Have you established human oversight mechanisms?", weight: 4 },
	{ id: 4, question: "Do you have bias testing and mitigation procedures?", weight: 4 },
	{ id: 5, question: "Have you implemented AI system documentation and logging?", weight: 3 }
	]
	},
	iso27001: {
	name: "ISO 27001 Compliance",
	questions: [
	{ id: 1, question: "Do you have documented information security policies?", weight: 5 },
	{ id: 2, question: "Have you conducted comprehensive risk assessments?", weight: 5 },
	{ id: 3, question: "Do you have incident response procedures in place?", weight: 4 },
	{ id: 4, question: "Have you implemented access control measures?", weight: 4 },
	{ id: 5, question: "Do you have a continuous improvement framework?", weight: 3 }
	]
	}
	};
	}

	generateSampleAssessment() {
	const sampleResponses = {};
	Object.keys(this.assessmentData).forEach(standard => {
	sampleResponses[standard] = {};
	this.assessmentData[standard].questions.forEach(q => {
	sampleResponses[standard][q.id] = Math.random() > 0.3 ? 'yes' : 'no';
	});
	});
	return sampleResponses;
	}

	calculateScore(responses, standard) {
	const questions = this.assessmentData[standard].questions;
	let totalScore = 0;
	let maxScore = 0;
	questions.forEach(q => {
	maxScore += q.weight;
	if (responses[standard] && responses[standard][q.id] === 'yes') {
	totalScore += q.weight;
	}
	});
	return {
	score: totalScore,
	maxScore: maxScore,
	percentage: Math.round((totalScore / maxScore) * 100)
	};
	}

	generateGapAnalysis(responses, standard) {
	const questions = this.assessmentData[standard].questions;
	const gaps = [];
	questions.forEach(q => {
	if (!responses[standard] \|\| responses[standard][q.id] !== 'yes') {
	gaps.push({
	question: q.question,
	priority: q.weight >= 4 ? 'High' : q.weight >= 3 ? 'Medium' : 'Low',
	recommendation: this.getRecommendation(q.id, standard)
	});
	}
	});
	return gaps;
	}

	getRecommendation(questionId, standard) {
	const recommendations = {
	gdpr: {
	1: "Develop and publish a comprehensive privacy policy",
	2: "Implement data subject request handling procedures",
	3: "Establish breach notification workflows and templates",
	4: "Conduct DPIAs for high-risk processing activities",
	5: "Implement clear consent collection mechanisms"
	},
	euAiAct: {
	1: "Perform AI system risk classification assessment",
	2: "Implement algorithmic transparency measures",
	3: "Establish human-in-the-loop oversight processes",
	4: "Conduct bias testing and implement mitigation strategies",
	5: "Implement comprehensive AI system logging and documentation"
	},
	iso27001: {
	1: "Develop and approve information security policies",
	2: "Conduct systematic information security risk assessments",
	3: "Establish incident response team and procedures",
	4: "Implement role-based access control systems",
	5: "Establish continuous improvement processes for security management"
	}
	};
	return recommendations[standard][questionId] \|\| "Consult with compliance experts for specific guidance";
	}
	}

	// PDF Report Generation with AI Integration
	class ReportGenerator {
	constructor() {
	this.assessment = new ComplianceAssessment();
	}

	// Compose a narrative for summarization
	composeNarrative(responses) {
	let narrative = '';
	Object.keys(this.assessment.assessmentData).forEach(standard => {
	const standardData = this.assessment.assessmentData[standard];
	narrative += `${standardData.name}:\n`;
	standardData.questions.forEach(q => {
	const answer = responses[standard] && responses[standard][q.id] ? responses[standard][q.id] : 'no response';
	narrative += `Q: ${q.question}\nA: ${answer}\n`;
	});
	});
	return narrative;
	}

	// Main PDF generation function (async for AI)
	async generatePDFReport(responses) {
	const { jsPDF } = window.jspdf;
	const doc = new jsPDF({ compress: true });
	let y = 20;

	// Header
	doc.setFontSize(18).text('Anupalan Karta Compliance Report', 20, y);
	y += 10;

	// Executive Summary (AI-generated)
	const fullNarrative = this.composeNarrative(responses);
	const summaryText = await buildExecutiveSummary(fullNarrative);
	doc.setFontSize(14).text('Executive Summary', 20, y); y += 8;
	doc.setFontSize(11).text(doc.splitTextToSize(summaryText, 170), 20, y);
	y += 20;

	// Privacy Warning (AI-flagged)
	if (await containsSensitive(fullNarrative)) {
	doc.setTextColor(200, 0, 0).setFontSize(12)
	.text('⚠︎ Potential GDPR-sensitive content detected', 20, y);
	doc.setTextColor(0, 0, 0); y += 10;
	}

	// Individual Standards
	Object.keys(this.assessment.assessmentData).forEach(standard => {
	if (y > 250) {
	doc.addPage();
	y = 20;
	}
	const standardData = this.assessment.assessmentData[standard];
	const score = this.assessment.calculateScore(responses, standard);

	doc.setFontSize(14).text(standardData.name, 20, y); y += 10;
	doc.setFontSize(12).text(`Score: ${score.score}/${score.maxScore} (${score.percentage}%)`, 20, y); y += 10;

	// Gap Analysis
	const gaps = this.assessment.generateGapAnalysis(responses, standard);
	if (gaps.length > 0) {
	doc.text('Key Gaps:', 20, y); y += 8;
	gaps.slice(0, 3).forEach(gap => {
	if (y > 250) {
	doc.addPage();
	y = 20;
	}
	doc.setFontSize(10);
	const lines = doc.splitTextToSize(`• ${gap.question}`, 160);
	doc.text(lines, 25, y);
	y += lines.length * 4;
	const recLines = doc.splitTextToSize(` Recommendation: ${gap.recommendation}`, 160);
	doc.text(recLines, 25, y);
	y += recLines.length * 4 + 5;
	});
	}
	y += 10;
	});

	// Footer
	doc.setFontSize(9).text('Generated with Hugging Face models in the browser',
	20, doc.internal.pageSize.height - 10);

	return doc;
	}
	}

	// Hugging Face AI helpers

	// Executive summary using BART
	async function buildExecutiveSummary(rawText) {
	const summariser = await summariserP;
	const chunks = rawText.match(/(.\|[\r\n]){1,3000}/g);
	let summary = '';
	for (const c of chunks) {
	const out = await summariser(c, { max_length: 120, min_length: 40 });
	summary += out[0].summary_text + ' ';
	}
	return summary.trim();
	}

	// Privacy check using GDPR model
	async function containsSensitive(text) {
	const guard = await privacyGuardP;
	const res = await guard(text, { topk: 1 });
	return res[0].label === 'SENSITIVE' && res[0].score > 0.6;
	}

	// Legal insight embedding (future use)
	async function legalVector(text) {
	const encoder = await legalEncoderP;
	const emb = await encoder(text);
	return emb;
	}

	// UI Logic

	// Generate Sample Report
	window.generateSampleReport = async function() {
	const assessment = new ComplianceAssessment();
	const reportGenerator = new ReportGenerator();
	const sampleResponses = assessment.generateSampleAssessment();
	const doc = await reportGenerator.generatePDFReport(sampleResponses);
	doc.save('sample-compliance-report.pdf');
	};

	// Interactive Assessment Modal (optional, for custom assessments)
	window.showAssessmentModal = function() {
	// ... (modal code as in previous answers)
	};

	window.closeAssessmentModal = function() {
	// ... (modal code as in previous answers)
	};

	window.generateCustomReport = async function() {
	// ... (collect responses from modal, then:)
	const assessment = new ComplianceAssessment();
	const reportGenerator = new ReportGenerator();
	// Collect responses from UI
	const responses = {};
	Object.keys(assessment.assessmentData).forEach(standard => {
	responses[standard] = {};
	assessment.assessmentData[standard].questions.forEach(q => {
	const radio = document.querySelector(`input[name="${standard}_${q.id}"]:checked`);
	if (radio) {
	responses[standard][q.id] = radio.value;
	}
	});
	});
	const doc = await reportGenerator.generatePDFReport(responses);
	doc.save('compliance-report.pdf');
	window.closeAssessmentModal();
	};

	// Initialization
	document.addEventListener('DOMContentLoaded', function() {
	const sampleButton = document.querySelector('button[onclick="generateSampleReport()"]');
	if (sampleButton) {
	sampleButton.onclick = window.generateSampleReport;
	}
	// Add interactive assessment button if needed
	});