anktechsol commited on
Commit
336f16a
·
verified ·
1 Parent(s): 259cfe6

Create js/compliance.js

  1. js/compliance.js +281 -0
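--- a/js/compliance.js
+++ b/js/compliance.js
@@ -0,0 +1,281 @@
+// Import Hugging Face pipeline helpers (for browser environments supporting ES modules)
+import { pipeline } from 'https://cdn.jsdelivr.net/npm/@huggingface/transformers@3';
+
+// Lazy-load models
+const getSummariser = () => pipeline('summarization', 'facebook/bart-large-cnn');
+const getPrivacyGuard = () => pipeline('text-classification', 'metricspace/GDPR_Input_Detection_and_Anonymization_0.5B');
+const getLegalEncoder = () => pipeline('feature-extraction', 'nlpaueb/legal-bert-base-uncased', { quantized: true });
+
+const summariserP = getSummariser();
+const privacyGuardP = getPrivacyGuard();
+const legalEncoderP = getLegalEncoder();
+
+// Compliance Assessment Logic
+class ComplianceAssessment {
+constructor() {
+this.assessmentData = {
+gdpr: {
+name: "GDPR Compliance",
+questions: [
+{ id: 1, question: "Do you have a privacy policy clearly stating data collection purposes?", weight: 5 },
+{ id: 2, question: "Have you implemented data subject rights (access, rectification, erasure)?", weight: 5 },
+{ id: 3, question: "Do you have procedures for data breach notification within 72 hours?", weight: 4 },
+{ id: 4, question: "Have you conducted Data Protection Impact Assessments (DPIAs)?", weight: 4 },
+{ id: 5, question: "Do you have documented consent mechanisms for data processing?", weight: 3 }
+]
+},
+euAiAct: {
+name: "EU AI Act Compliance",
+questions: [
+{ id: 1, question: "Have you classified your AI system according to risk levels?", weight: 5 },
+{ id: 2, question: "Do you have transparency requirements implemented for AI decisions?", weight: 4 },
+{ id: 3, question: "Have you established human oversight mechanisms?", weight: 4 },
+{ id: 4, question: "Do you have bias testing and mitigation procedures?", weight: 4 },
+{ id: 5, question: "Have you implemented AI system documentation and logging?", weight: 3 }
+]
+},
+iso27001: {
+name: "ISO 27001 Compliance",
+questions: [
+{ id: 1, question: "Do you have documented information security policies?", weight: 5 },
+{ id: 2, question: "Have you conducted comprehensive risk assessments?", weight: 5 },
+{ id: 3, question: "Do you have incident response procedures in place?", weight: 4 },
+{ id: 4, question: "Have you implemented access control measures?", weight: 4 },
+{ id: 5, question: "Do you have a continuous improvement framework?", weight: 3 }
+]
+}
+};
+}
+
+generateSampleAssessment() {
+const sampleResponses = {};
+Object.keys(this.assessmentData).forEach(standard => {
+sampleResponses[standard] = {};
+this.assessmentData[standard].questions.forEach(q => {
+sampleResponses[standard][q.id] = Math.random() > 0.3 ? 'yes' : 'no';
+});
+});
+return sampleResponses;
+}
+
+calculateScore(responses, standard) {
+const questions = this.assessmentData[standard].questions;
+let totalScore = 0;
+let maxScore = 0;
+questions.forEach(q => {
+maxScore += q.weight;
+if (responses[standard] && responses[standard][q.id] === 'yes') {
+totalScore += q.weight;
+}
+});
+return {
+score: totalScore,
+maxScore: maxScore,
+percentage: Math.round((totalScore / maxScore) * 100)
+};
+}
+
+generateGapAnalysis(responses, standard) {
+const questions = this.assessmentData[standard].questions;
+const gaps = [];
+questions.forEach(q => {
+if (!responses[standard] || responses[standard][q.id] !== 'yes') {
+gaps.push({
+question: q.question,
+priority: q.weight >= 4 ? 'High' : q.weight >= 3 ? 'Medium' : 'Low',
+recommendation: this.getRecommendation(q.id, standard)
+});
+}
+});
+return gaps;
+}
+
+getRecommendation(questionId, standard) {
+const recommendations = {
+gdpr: {
+1: "Develop and publish a comprehensive privacy policy",
+2: "Implement data subject request handling procedures",
+3: "Establish breach notification workflows and templates",
+4: "Conduct DPIAs for high-risk processing activities",
+5: "Implement clear consent collection mechanisms"
+},
+euAiAct: {
+1: "Perform AI system risk classification assessment",
+2: "Implement algorithmic transparency measures",
+3: "Establish human-in-the-loop oversight processes",
+4: "Conduct bias testing and implement mitigation strategies",
+5: "Implement comprehensive AI system logging and documentation"
+},
+iso27001: {
+1: "Develop and approve information security policies",
+2: "Conduct systematic information security risk assessments",
+3: "Establish incident response team and procedures",
+4: "Implement role-based access control systems",
+5: "Establish continuous improvement processes for security management"
+}
+};
+return recommendations[standard][questionId] || "Consult with compliance experts for specific guidance";
+}
+}
+
+// PDF Report Generation with AI Integration
+class ReportGenerator {
+constructor() {
+this.assessment = new ComplianceAssessment();
+}
+
+// Compose a narrative for summarization
+composeNarrative(responses) {
+let narrative = '';
+Object.keys(this.assessment.assessmentData).forEach(standard => {
+const standardData = this.assessment.assessmentData[standard];
+narrative += `${standardData.name}:\n`;
+standardData.questions.forEach(q => {
+const answer = responses[standard] && responses[standard][q.id] ? responses[standard][q.id] : 'no response';
+narrative += `Q: ${q.question}\nA: ${answer}\n`;
+});
+});
+return narrative;
+}
+
+// Main PDF generation function (async for AI)
+async generatePDFReport(responses) {
+const { jsPDF } = window.jspdf;
+const doc = new jsPDF({ compress: true });
+let y = 20;
+
+// Header
+doc.setFontSize(18).text('Anupalan Karta Compliance Report', 20, y);
+y += 10;
+
+// Executive Summary (AI-generated)
+const fullNarrative = this.composeNarrative(responses);
+const summaryText = await buildExecutiveSummary(fullNarrative);
+doc.setFontSize(14).text('Executive Summary', 20, y); y += 8;
+doc.setFontSize(11).text(doc.splitTextToSize(summaryText, 170), 20, y);
+y += 20;
+
+// Privacy Warning (AI-flagged)
+if (await containsSensitive(fullNarrative)) {
+doc.setTextColor(200, 0, 0).setFontSize(12)
+.text('⚠︎ Potential GDPR-sensitive content detected', 20, y);
+doc.setTextColor(0, 0, 0); y += 10;
+}
+
+// Individual Standards
+Object.keys(this.assessment.assessmentData).forEach(standard => {
+if (y > 250) {
+doc.addPage();
+y = 20;
+}
+const standardData = this.assessment.assessmentData[standard];
+const score = this.assessment.calculateScore(responses, standard);
+
+doc.setFontSize(14).text(standardData.name, 20, y); y += 10;
+doc.setFontSize(12).text(`Score: ${score.score}/${score.maxScore} (${score.percentage}%)`, 20, y); y += 10;
+
+// Gap Analysis
+const gaps = this.assessment.generateGapAnalysis(responses, standard);
+if (gaps.length > 0) {
+doc.text('Key Gaps:', 20, y); y += 8;
+gaps.slice(0, 3).forEach(gap => {
+if (y > 250) {
+doc.addPage();
+y = 20;
+}
+doc.setFontSize(10);
+const lines = doc.splitTextToSize(`• ${gap.question}`, 160);
+doc.text(lines, 25, y);
+y += lines.length * 4;
+const recLines = doc.splitTextToSize(` Recommendation: ${gap.recommendation}`, 160);
+doc.text(recLines, 25, y);
+y += recLines.length * 4 + 5;
+});
+}
+y += 10;
+});
+
+// Footer
+doc.setFontSize(9).text('Generated with Hugging Face models in the browser',
+20, doc.internal.pageSize.height - 10);
+
+return doc;
+}
+}
+
+// Hugging Face AI helpers
+
+// Executive summary using BART
+async function buildExecutiveSummary(rawText) {
+const summariser = await summariserP;
+const chunks = rawText.match(/(.|[\r\n]){1,3000}/g);
+let summary = '';
+for (const c of chunks) {
+const out = await summariser(c, { max_length: 120, min_length: 40 });
+summary += out[0].summary_text + ' ';
+}
+return summary.trim();
+}
+
+// Privacy check using GDPR model
+async function containsSensitive(text) {
+const guard = await privacyGuardP;
+const res = await guard(text, { topk: 1 });
+return res[0].label === 'SENSITIVE' && res[0].score > 0.6;
+}
+
+// Legal insight embedding (future use)
+async function legalVector(text) {
+const encoder = await legalEncoderP;
+const emb = await encoder(text);
+return emb;
+}
+
+// UI Logic
+
+// Generate Sample Report
+window.generateSampleReport = async function() {
+const assessment = new ComplianceAssessment();
+const reportGenerator = new ReportGenerator();
+const sampleResponses = assessment.generateSampleAssessment();
+const doc = await reportGenerator.generatePDFReport(sampleResponses);
+doc.save('sample-compliance-report.pdf');
+};
+
+// Interactive Assessment Modal (optional, for custom assessments)
+window.showAssessmentModal = function() {
+// ... (modal code as in previous answers)
+};
+
+window.closeAssessmentModal = function() {
+// ... (modal code as in previous answers)
+};
+
+window.generateCustomReport = async function() {
+// ... (collect responses from modal, then:)
+const assessment = new ComplianceAssessment();
+const reportGenerator = new ReportGenerator();
+// Collect responses from UI
+const responses = {};
+Object.keys(assessment.assessmentData).forEach(standard => {
+responses[standard] = {};
+assessment.assessmentData[standard].questions.forEach(q => {
+const radio = document.querySelector(`input[name="${standard}_${q.id}"]:checked`);
+if (radio) {
+responses[standard][q.id] = radio.value;
+}
+});
+});
+const doc = await reportGenerator.generatePDFReport(responses);
+doc.save('compliance-report.pdf');
+window.closeAssessmentModal();
+};
+
+// Initialization
+document.addEventListener('DOMContentLoaded', function() {
+const sampleButton = document.querySelector('button[onclick="generateSampleReport()"]');
+if (sampleButton) {
+sampleButton.onclick = window.generateSampleReport;
+}
+// Add interactive assessment button if needed
+});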
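Review bot: The `import { pipeline } from 'https://cdn.jsdelivr.net/npm/@huggingface/transformers@3'` on file line 2 pins only the major version, so whatever 3.x jsDelivr serves next is executed in every visitor's browser without review, and a bare module specifier cannot carry an SRI hash; pin the exact release you tested (`@huggingface/transformers@3.X.Y`, X.Y taken from your lockfile) and note in a comment that the three model weights are likewise fetched at runtime from the Hub. The comment "Lazy-load models" on line 4 does not match lines 9–11, where `getSummariser()`, `getPrivacyGuard()` and `getLegalEncoder()` are all invoked at module evaluation, so three model downloads (one of them a 0.5B-parameter classifier, one an encoder that only the unused `legalVector` consumes) start on page load and a failed fetch becomes an unhandled rejection there rather than at the `await summariserP` / `await privacyGuardP` in the helpers. Either make them genuinely lazy, e.g. `let summariserP; const summariser = () => summariserP || (summariserP = getSummariser());` and call `await summariser()` in `buildExecutiveSummary`, or fix the comment and attach a `.catch` that surfaces the failure to the user. In `buildExecutiveSummary`, `rawText.match(/(.|[\r\n]){1,3000}/g)` returns `null` for an empty string and `for (const c of chunks)` then throws a TypeError; `const chunks = rawText.match(/(.|[\r\n]){1,3000}/g) || [];` closes that. `containsSensitive` hard-codes `res[0].label === 'SENSITIVE'`, which I cannot verify against the model card from here — worth a comment naming the label set the model actually emits so a silent mismatch does not disable the privacy warning.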