All files / src/types risk.ts

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
import { SecurityLevel } from "./cia";
 
/**
 * Risk-related type definitions
 * 
 * ## Business Perspective
 * 
 * These types provide a structured way to represent and evaluate security risks,
 * supporting consistent risk assessment and communication across the application. ⚠️
 * 
 * Well-defined risk types enable organizations to make informed security decisions
 * based on standardized risk criteria.
 */
 
/**
 * Risk level identifiers
 */
export type RiskLevel =
  | "Critical"
  | "Critical Risk"
  | "High"
  | "High Risk"
  | "Medium"
  | "Medium Risk"
  | "Low"
  | "Low Risk"
  | "Minimal"
  | "Minimal Risk"
  | "Unknown"
  | "Unknown Risk";
 
/**
 * Risk assessment details
 */
export interface RiskAssessment {
  level: RiskLevel;
  score?: number;
  description: string;
  mitigationRecommendations?: string[];
  businessImpact?: string;
  likelihoodScore?: number;
  impactScore?: number;
}
 
/**
 * Risk matrix cell
 */
export interface RiskMatrixCell {
  likelihood: number;
  impact: number;
  level: RiskLevel;
  color: string;
}
 
/**
 * Risk matrix configuration
 */
export interface RiskMatrix {
  rows: number;
  columns: number;
  cells: RiskMatrixCell[];
}
 
/**
 * Risk treatment action
 */
export type RiskTreatmentAction =
  | "Accept"
  | "Mitigate"
  | "Transfer"
  | "Avoid"
  | "Monitor";
 
/**
 * Risk treatment plan
 */
export interface RiskTreatmentPlan {
  action: RiskTreatmentAction;
  description: string;
  responsibleParty?: string;
  dueDate?: Date;
  status?: "Not Started" | "In Progress" | "Completed" | "Overdue";
}
 
/**
 * Risk level string literals
 */
export type RiskLevelLiteral = "Critical" | "High" | "Medium" | "Moderate" | "Low" | "Minimal" | "Unknown";
 
/**
 * Risk level numeric values for calculations (0-4, higher = more risk)
 */
export interface RiskLevelValue {
  Critical: 4;
  High: 3;
  Medium: 2;
  Moderate: 2;
  Low: 1;
  Minimal: 0;
  Unknown: 0;
}
 
/**
 * Mapping between security levels and risk levels
 */
export const SECURITY_TO_RISK_MAPPING: Record<SecurityLevel, RiskLevelLiteral> = {
  "None": "Critical",
  "Low": "High",
  "Moderate": "Medium",
  "High": "Low",
  "Very High": "Minimal"
};