Files
govoplan-risk-compliance/README.md

64 lines
1.8 KiB
Markdown

# GovOPlaN Risk Compliance
`govoplan-risk-compliance` is the GovOPlaN platform module seed for risk and compliance workflows for data protection incidents, DPIAs, compliance controls, audit measures, risk registers, and internal-control evidence.
This repository is initialized as a discoverable module seed. It exposes a module manifest, initial permissions, role templates, documentation metadata, Gitea workflow templates, and a focused manifest test. It intentionally does not yet add HTTP routes, database models, migrations, or WebUI navigation.
## Initial Ownership
- risk registers
- compliance controls
- DPIA records
- data protection incident records
- audit measures
- internal-control evidence
## Boundaries
This module does not own:
- immutable audit log storage
- records retention engine
- inspection fieldwork
Detailed boundary notes are in [docs/RISK_COMPLIANCE_DOMAIN_BOUNDARY.md](docs/RISK_COMPLIANCE_DOMAIN_BOUNDARY.md).
## Integrations
Expected optional integrations:
- audit
- policy
- records
- inspections
- files
- tasks
- notifications
## Development Install
From the core checkout:
```bash
cd /mnt/DATA/git/govoplan-core
./.venv/bin/python -m pip install -e ../govoplan-risk-compliance
```
Focused manifest verification:
```bash
cd /mnt/DATA/git/govoplan-risk-compliance
PYTHONPATH=src:/mnt/DATA/git/govoplan-core/src /mnt/DATA/git/govoplan-core/.venv/bin/python -m unittest discover -s tests
```
## Gitea Workflow
Issue templates are installed under `.gitea/`, and the shared label taxonomy is copied to `docs/gitea-labels.json` with the module label `module/risk-compliance`.
From the core checkout, labels can be synced once a local `GITEA_TOKEN` is available:
```bash
cd /mnt/DATA/git/govoplan-core
./scripts/gitea-sync-labels.py --root /mnt/DATA/git/govoplan-risk-compliance --apply
```