Update app.py

app.py

@@ -1,135 +1,194 @@
+"""
+Governance-GPT Quiz – AI-Maturity Self-Assessment (bucket version)
+Author: Rishabh Sharma – 2025-09-14
+Single-file Gradio Space: 15-question Likert survey ➜ bucket scores ➜ PDF+summary
+"""
+
 import os, tempfile, datetime
 import gradio as gr
 import pandas as pd
-from fpdf import FPDF  # pure-python PDF generator – no wkhtmltopdf needed
+from fpdf import FPDF  # pure-python PDF – no external binaries
 
-# ---------- Quiz Definition ---------- #
+# ------------------- Question bank ------------------- #
 QUESTIONS = [
-    "1. Governance framework is documented and communicated across the organisation.",
-    "2. Roles & responsibilities for AI oversight are clearly assigned.",
-    "3. Data lineage is captured and auditable for all production models.",
-    "4. Privacy impact assessments are performed before every new AI use-case.",
-    "5. Model cards or equivalent documentation exist for each deployed model.",
-    "6. Bias / fairness metrics are monitored post-deployment.",
-    "7. Incident response playbooks cover AI system failures & ethics breaches.",
-    "8. Third-party models and datasets are licensed and risk-assessed.",
-    "9. KPIs link AI outcomes to business & societal value.",
-    "10. Continuous training keeps staff aware of AI policy updates.",
-    "11. Security controls protect model artefacts and inference endpoints.",
-    "12. Explainability techniques are applied commensurate with model impact.",
-    "13. Human-in-the-loop overrides exist for high-risk decisions.",
-    "14. End-of-life or rollback criteria are defined for all models.",
-    "15. Governance performance is reviewed by senior leadership at least quarterly.",
+    "Governance framework is documented and communicated across the organisation.",
+    "Roles & responsibilities for AI oversight are clearly assigned.",
+    "KPIs link AI outcomes to business & societal value.",
+
+    "Data lineage is captured and auditable for all production models.",
+    "Privacy impact assessments are performed before every new AI use-case.",
+    "Bias / fairness metrics are monitored post-deployment.",
+
+    "Incident response playbooks cover AI system failures & ethics breaches.",
+    "Third-party models and datasets are licensed and risk-assessed.",
+    "Governance performance is reviewed by senior leadership at least quarterly.",
+
+    "Security controls protect model artefacts and inference endpoints.",
+    "Continuous training keeps staff aware of AI policy updates.",
+    "Explainability techniques are applied commensurate with model impact.",
+
+    "Human-in-the-loop overrides exist for high-risk decisions.",
+    "End-of-life or rollback criteria are defined for all models.",
+    "Model cards or equivalent documentation exist for each deployed model.",
 ]
 
+# Five buckets, 3 questions each (index positions are 0-based)
+BUCKETS = {
+    "Governance & Strategy":      [0, 1, 2],
+    "Data & Privacy":             [3, 4, 5],
+    "Risk & Compliance":          [6, 7, 8],
+    "Security & Infrastructure":  [9, 10, 11],
+    "Lifecycle & Oversight":      [12, 13, 14],
+}
+
 TIERS = {
-    "Initial": (1.0, 2.0),
-    "Repeatable": (2.01, 2.5),
-    "Defined": (2.51, 3.5),
-    "Managed": (3.51, 4.5),
-    "Optimized": (4.51, 5.0),
+    "Initial":    (1.00, 2.00),
+    "Repeatable": (2.01, 2.50),
+    "Defined":    (2.51, 3.50),
+    "Managed":    (3.51, 4.50),
+    "Optimized":  (4.51, 5.00),
 }
 
-ACTIONS = {
-    "Initial": "Kick-off a cross-functional task-force, map critical use-cases, prioritise policy creation.",
-    "Repeatable": "Formalise processes; introduce mandatory model documentation & basic monitoring.",
-    "Defined": "Scale governance with automated lineage capture, bias dashboards, and internal audits.",
-    "Managed": "Integrate governance KPIs into OKRs; adopt continuous compliance tooling.",
-    "Optimized": "Benchmark externally (OECD, ISO 42001), publish transparency reports, champion open-governance.",
+# Generic tier actions (overall)
+OVERALL_ACTION = {
+    "Initial":    "kick-off a cross-functional task-force and establish a basic AI policy.",
+    "Repeatable": "formalise core processes and create mandatory model documentation.",
+    "Defined":    "scale governance with automated monitoring and periodic audits.",
+    "Managed":    "integrate governance KPIs into OKRs and adopt continuous compliance tooling.",
+    "Optimized":  "benchmark externally, publish transparency reports, and champion open governance.",
 }
 
-# ---------- Helper Functions ---------- #
+# Bucket-specific remediation snippets
+BUCKET_ACTION = {
+    "Governance & Strategy":     "formalise decision rights and publish an organisation-wide AI charter.",
+    "Data & Privacy":            "implement end-to-end data lineage and privacy impact assessments.",
+    "Risk & Compliance":         "create incident playbooks and third-party risk registers.",
+    "Security & Infrastructure": "harden model artefact storage and secure inference endpoints.",
+    "Lifecycle & Oversight":     "define human-override mechanisms and retirement criteria for models.",
+}
+
+# ------------------- Helpers ------------------- #
 def score_to_tier(avg: float) -> str:
     for tier, (low, high) in TIERS.items():
         if low <= avg <= high:
             return tier
     return "Unclassified"
 
-def latin1_safe(txt: str) -> str:
-    """Replace problematic chars & force Latin-1 compliance for FPDF core fonts."""
-    txt = txt.replace("…", "...")        # swap Unicode ellipsis
-    return txt.encode("latin-1", "replace").decode("latin-1")
+def latin1(txt: str) -> str:
+    """Convert to Latin-1 safe string for FPDF."""
+    return txt.replace("…", "...").encode("latin-1", "replace").decode("latin-1")
 
-def build_pdf(name: str, df: pd.DataFrame, avg: float, tier: str, file_path: str):
-    from fpdf import FPDF
+def build_pdf(product: str, bucket_df: pd.DataFrame, overall_avg: float,
+              overall_tier: str, file_path: str, summary_text: str):
     pdf = FPDF()
     pdf.set_auto_page_break(auto=True, margin=15)
     pdf.add_page()
 
-    # Title block
+    # Title
     pdf.set_font("Helvetica", "B", 16)
-    pdf.cell(0, 10, latin1_safe("AI Governance Maturity Report"), ln=1, align="C")
+    pdf.cell(0, 10, latin1(f"AI Governance Maturity Report – {product}"), ln=1, align="C")
     pdf.set_font("Helvetica", "", 12)
     pdf.cell(0, 8, f"Generated on {datetime.date.today().isoformat()}", ln=1, align="C")
     pdf.ln(4)
 
     # Summary
     pdf.set_font("Helvetica", "B", 12)
-    pdf.cell(0, 8, latin1_safe(f"Overall Score: {avg:.2f}  |  Tier: {tier}"), ln=1)
+    pdf.cell(0, 8, latin1(f"Overall Score: {overall_avg:.2f}  |  Tier: {overall_tier}"), ln=1)
     pdf.set_font("Helvetica", "", 11)
-    pdf.multi_cell(0, 6, latin1_safe(f"Next step recommendation: {ACTIONS[tier]}"))
+    pdf.multi_cell(0, 6, latin1(summary_text))
     pdf.ln(4)
 
-    # Table header
+    # Bucket table header
     pdf.set_font("Helvetica", "B", 11)
-    pdf.cell(10, 8, "#", 1)
-    pdf.cell(150, 8, "Question", 1)
-    pdf.cell(20, 8, "Score", 1, ln=1)
+    pdf.cell(80, 8, "Bucket", 1)
+    pdf.cell(35, 8, "Avg Score", 1)
+    pdf.cell(35, 8, "Tier", 1, ln=1)
     pdf.set_font("Helvetica", "", 10)
 
-    for idx, row in df.iterrows():
-        question_txt = row["Question"]
-        if len(question_txt) > 65:
-            question_txt = question_txt[:62] + "..."   # ASCII dots
+    # Rows
+    for _, row in bucket_df.iterrows():
+        pdf.cell(80, 8, latin1(row["Bucket"][:40]), 1)
+        pdf.cell(35, 8, f'{row["Avg Score"]:.2f}', 1)
+        pdf.cell(35, 8, row["Tier"], 1, ln=1)
 
-        pdf.cell(10, 8, str(idx + 1), 1)
-        pdf.cell(150, 8, latin1_safe(question_txt), 1)
-        pdf.cell(20, 8, str(row["Score"]), 1, ln=1)
+    # Overall row
+    pdf.cell(80, 8, "Overall", 1)
+    pdf.cell(35, 8, f"{overall_avg:.2f}", 1)
+    pdf.cell(35, 8, overall_tier, 1, ln=1)
 
     pdf.output(file_path)
 
-def generate_report(*scores):
-    """Gradio callback → returns Markdown summary + PDF path."""
+def generate_summary(product: str, bucket_avgs: dict, overall_tier: str) -> str:
+    """Return markdown remediation summary."""
+    lines = [f"### 🏷️ AI Governance Summary for **{product}**",
+             f"- **Overall tier:** {overall_tier}"]
+
+    # Bucket-specific feedback
+    for bucket, avg in bucket_avgs.items():
+        tier = score_to_tier(avg)
+        # Only add remediation if below Managed
+        if tier in ("Initial", "Repeatable", "Defined"):
+            lines.append(f"- **{bucket}** score is {avg:.2f} → *{tier}*. "
+                         f"{product} should {BUCKET_ACTION[bucket]}")
+    # If all buckets high, generic kudos
+    if len(lines) == 2:
+        lines.append("Great job! All buckets are Managed or Optimized.")
+
+    # Overall action line
+    lines.append(f"- Next step: {product} should {OVERALL_ACTION[overall_tier]}")
+    return "  \n".join(lines)
+
+# ------------------- Gradio callback ------------------- #
+def generate_report(product_name, *scores):
+    product = product_name.strip() or "your product"
     scores = list(scores)
-    avg = sum(scores) / len(scores)
-    tier = score_to_tier(avg)
 
-    # DataFrame for table in PDF
-    df = pd.DataFrame({"Question": QUESTIONS, "Score": scores})
+    # Compute bucket averages
+    bucket_avgs = {}
+    for bucket, idxs in BUCKETS.items():
+        bucket_avgs[bucket] = sum(scores[i] for i in idxs) / len(idxs)
+
+    overall_avg = sum(scores) / len(scores)
+    overall_tier = score_to_tier(overall_avg)
+
+    # Prepare DF for PDF table
+    bucket_df = pd.DataFrame({
+        "Bucket": list(bucket_avgs.keys()),
+        "Avg Score": list(bucket_avgs.values()),
+        "Tier": [score_to_tier(v) for v in bucket_avgs.values()],
+    })
 
-    # Temporary PDF file
+    # Build remediation summary
+    summary_md = generate_summary(product, bucket_avgs, overall_tier)
+
+    # Generate PDF
     tmp_pdf = tempfile.NamedTemporaryFile(delete=False, suffix=".pdf")
-    build_pdf("Report", df, avg, tier, tmp_pdf.name)
+    build_pdf(product, bucket_df, overall_avg, overall_tier, tmp_pdf.name, summary_md)
 
-    md_summary = (
-        f"### ✅ Your AI Governance Tier: **{tier}**  \n"
-        f"**Average score:** {avg:.2f} / 5.00  \n"
-        f"**Action plan:** {ACTIONS[tier]}"
-    )
-    return md_summary, tmp_pdf.name
+    return summary_md, tmp_pdf.name
 
-# ---------- Gradio UI ---------- #
+# ------------------- Gradio UI ------------------- #
 with gr.Blocks(title="Governance-GPT Quiz") as demo:
     gr.Markdown(
         """
 # Governance-GPT Quiz  
-Rate each statement from **1 (Strongly Disagree)** to **5 (Strongly Agree)**.
-The tool benchmarks your AI-governance maturity and produces a PDF action plan aligned with OECD AI Principles.
+Enter your **product / system name**, rate each statement from **1 (Strongly Disagree)** to **5 (Strongly Agree)**,  
+and get a bucket-wise governance score with a personalised remediation plan.
         """
     )
 
-    sliders = []
-    for q in QUESTIONS:
-        sliders.append(gr.Slider(1, 5, value=3, step=1, label=q))
+    product_inp = gr.Textbox(label="Product / System Name", placeholder="e.g. AcmeAI Recommendation Engine")
+
+    sliders = [gr.Slider(1, 5, value=3, step=1, label=q) for q in QUESTIONS]
 
-    generate_btn = gr.Button("Generate Report")
-    summary_md = gr.Markdown()
-    pdf_file = gr.File(label="⬇️ Download PDF")
+    btn = gr.Button("Generate PDF Report")
+    summary_out = gr.Markdown()
+    pdf_out = gr.File(label="⬇️ Download your PDF")
 
-    generate_btn.click(
+    btn.click(
         fn=generate_report,
-        inputs=sliders,
-        outputs=[summary_md, pdf_file],
+        inputs=[product_inp] + sliders,
+        outputs=[summary_out, pdf_out],
     )
 
 demo.launch()