Initialize GovOPlaN module seed
This commit is contained in:
47
docs/RISK_COMPLIANCE_DOMAIN_BOUNDARY.md
Normal file
47
docs/RISK_COMPLIANCE_DOMAIN_BOUNDARY.md
Normal file
@@ -0,0 +1,47 @@
|
||||
# Risk Compliance Domain Boundary
|
||||
|
||||
## Purpose
|
||||
|
||||
Risk and compliance workflows for data protection incidents, DPIAs, compliance controls, audit measures, risk registers, and internal-control evidence.
|
||||
|
||||
## Owns
|
||||
|
||||
- risk registers
|
||||
- compliance controls
|
||||
- DPIA records
|
||||
- data protection incident records
|
||||
- audit measures
|
||||
- internal-control evidence
|
||||
|
||||
## Does Not Own
|
||||
|
||||
- immutable audit log storage
|
||||
- records retention engine
|
||||
- inspection fieldwork
|
||||
|
||||
## Integration Candidates
|
||||
|
||||
- audit
|
||||
- policy
|
||||
- records
|
||||
- inspections
|
||||
- files
|
||||
- tasks
|
||||
- notifications
|
||||
|
||||
## Seed State
|
||||
|
||||
The current repository state is intentionally small:
|
||||
|
||||
- module manifest and entry point
|
||||
- tenant-level permission definitions
|
||||
- manager and viewer role templates
|
||||
- documentation topic describing the module boundary
|
||||
- Gitea issue workflow templates
|
||||
- manifest contract test
|
||||
|
||||
No runtime API, database model, migration, WebUI route, or navigation item is registered yet. The first implementation slice should preserve the boundary above and only add user-visible surfaces once the workflow model is clear.
|
||||
|
||||
## First Implementation Slice
|
||||
|
||||
Define risk register, control, evidence, DPIA, incident, measure, and review-cycle concepts.
|
||||
Reference in New Issue
Block a user