// Mock data modeled after the real Convex shapes from the codebase. // Frameworks, projects, controls, suggested evidence, activity, members. const FRAMEWORKS = [ { key: "soc2-2017", short: "SOC 2", name: "SOC 2 Type II", color: "#93D2CC" }, { key: "iso27001-2022", short: "ISO 27001", name: "ISO 27001:2022", color: "#A8D8A8" }, { key: "nist-csf-2.0", short: "NIST CSF", name: "NIST CSF 2.0", color: "#F4C28A" }, { key: "cis-v8", short: "CIS", name: "CIS Controls v8", color: "#D4A8D4" }, ]; // Maturity color palette — matches your COLOR_SCHEMES "default" feel const MATURITY_COLORS = { null: "transparent", 1: "#E07A5F", 2: "#E8A87C", 3: "#E8D08C", 4: "#A8D8A8", 5: "#6FB98F", }; function maturityColor(score) { if (score === undefined || score === null || Number.isNaN(score)) return "transparent"; const rounded = Math.max(1, Math.min(5, Math.round(score))); return MATURITY_COLORS[rounded]; } // Generate a deterministic-ish set of controls per framework function makeControls(frameworkKey, count, seed) { const controls = []; // simple xorshift-ish for stable randomness let s = seed; const rand = () => { s = (s * 9301 + 49297) % 233280; return s / 233280; }; for (let i = 0; i < count; i++) { const r = rand(); let score; if (r < 0.25) score = null; // unassessed else if (r < 0.4) score = 1; else if (r < 0.55) score = 2; else if (r < 0.72) score = 3; else if (r < 0.88) score = 4; else score = 5; controls.push({ id: `${frameworkKey}-${i}`, controlId: `${frameworkKey.split("-")[0].toUpperCase()}-${String(i + 1).padStart(2, "0")}`, title: `Control ${i + 1}`, score, framework: frameworkKey, }); } return controls; } const PROJECTS = [ { id: "p1", name: "SOC 2 Type II — FY26", framework: "soc2-2017", description: "Annual audit prep for our SOC 2 report.", createdAt: Date.now() - 1000 * 60 * 60 * 24 * 62, updatedAt: Date.now() - 1000 * 60 * 60 * 4, dueDate: Date.now() + 1000 * 60 * 60 * 24 * 48, owner: "Maya Chen", controls: makeControls("soc2-2017", 64, 17), }, { id: "p2", name: "ISO 27001 Recertification", framework: "iso27001-2022", description: "Surveillance audit and ISMS refresh.", createdAt: Date.now() - 1000 * 60 * 60 * 24 * 120, updatedAt: Date.now() - 1000 * 60 * 60 * 24 * 1, dueDate: Date.now() + 1000 * 60 * 60 * 24 * 96, owner: "Jordan Park", controls: makeControls("iso27001-2022", 93, 42), }, { id: "p3", name: "NIST CSF Self-Assessment", framework: "nist-csf-2.0", description: "Internal posture assessment for board reporting.", createdAt: Date.now() - 1000 * 60 * 60 * 24 * 30, updatedAt: Date.now() - 1000 * 60 * 60 * 24 * 7, dueDate: null, owner: "Sam Rivera", controls: makeControls("nist-csf-2.0", 108, 88), }, { id: "p4", name: "CIS Controls Baseline", framework: "cis-v8", description: "Implementation Group 1 hardening across infra.", createdAt: Date.now() - 1000 * 60 * 60 * 24 * 14, updatedAt: Date.now() - 1000 * 60 * 60 * 26, dueDate: Date.now() + 1000 * 60 * 60 * 24 * 21, owner: "Alex Reyes", controls: makeControls("cis-v8", 56, 5), }, ]; // AI-suggested evidence — the new feature. // Each suggestion: what evidence to upload, which controls it would satisfy, // confidence, source signal, and a reason. const SUGGESTIONS = [ { id: "s1", title: "Q1 access review export", description: "Quarterly user access review attestation from Okta covering production systems.", evidenceType: "Access Review", confidence: 0.94, impact: "high", controls: [ { controlId: "CC6.1", framework: "soc2-2017", projectId: "p1", currentScore: 2, projectedScore: 4 }, { controlId: "CC6.2", framework: "soc2-2017", projectId: "p1", currentScore: 1, projectedScore: 4 }, { controlId: "A.5.18", framework: "iso27001-2022", projectId: "p2", currentScore: 2, projectedScore: 4 }, ], reason: "Last access review cycle ended 14 days ago. Detected in Slack #compliance.", requestedFrom: "Maya Chen", age: "2h", status: "new", }, { id: "s2", title: "Incident response tabletop notes", description: "Notes and retro from the March IR tabletop exercise — covers PR.IR controls.", evidenceType: "Tabletop Exercise", confidence: 0.88, impact: "high", controls: [ { controlId: "PR.IR-04", framework: "nist-csf-2.0", projectId: "p3", currentScore: null, projectedScore: 3 }, { controlId: "RS.MA-01", framework: "nist-csf-2.0", projectId: "p3", currentScore: 1, projectedScore: 3 }, { controlId: "CC7.4", framework: "soc2-2017", projectId: "p1", currentScore: 2, projectedScore: 4 }, ], reason: "Calendar event 'IR Tabletop' completed 6 days ago without uploaded artifact.", requestedFrom: "Sam Rivera", age: "6h", status: "new", }, { id: "s3", title: "Vendor SOC 2 reports (3)", description: "Datadog, Stripe, and Linear annual SOC 2 Type II reports — vendor risk evidence.", evidenceType: "Vendor Assessment", confidence: 0.82, impact: "medium", controls: [ { controlId: "CC9.2", framework: "soc2-2017", projectId: "p1", currentScore: 3, projectedScore: 4 }, { controlId: "A.5.19", framework: "iso27001-2022", projectId: "p2", currentScore: 2, projectedScore: 4 }, ], reason: "3 critical vendors detected without current-year SOC reports on file.", requestedFrom: "Jordan Park", age: "1d", status: "new", }, { id: "s4", title: "Backup restore test log", description: "Most recent quarterly backup restoration test log from Veeam.", evidenceType: "Operational Log", confidence: 0.79, impact: "medium", controls: [ { controlId: "CC9.1", framework: "soc2-2017", projectId: "p1", currentScore: 2, projectedScore: 3 }, { controlId: "RC.RP-01", framework: "nist-csf-2.0", projectId: "p3", currentScore: 1, projectedScore: 3 }, ], reason: "Backup test SOP requires quarterly cadence; last evidence was 4 months ago.", requestedFrom: "Alex Reyes", age: "1d", status: "snoozed", }, { id: "s5", title: "Updated security training completion", description: "Q1 security awareness training completion roster from KnowBe4.", evidenceType: "Training Record", confidence: 0.96, impact: "low", controls: [ { controlId: "CC1.4", framework: "soc2-2017", projectId: "p1", currentScore: 3, projectedScore: 4 }, { controlId: "A.6.3", framework: "iso27001-2022", projectId: "p2", currentScore: 3, projectedScore: 4 }, { controlId: "PR.AT-01", framework: "nist-csf-2.0", projectId: "p3", currentScore: 2, projectedScore: 4 }, ], reason: "Training cycle completed in KnowBe4 yesterday — roster auto-detected.", requestedFrom: "Maya Chen", age: "3h", status: "new", }, { id: "s6", title: "Penetration test executive summary", description: "Annual external pentest report summary from NCC Group, redacted version.", evidenceType: "Audit Report", confidence: 0.91, impact: "high", controls: [ { controlId: "CC4.1", framework: "soc2-2017", projectId: "p1", currentScore: 1, projectedScore: 4 }, { controlId: "A.8.8", framework: "iso27001-2022", projectId: "p2", currentScore: 2, projectedScore: 4 }, { controlId: "ID.RA-01", framework: "nist-csf-2.0", projectId: "p3", currentScore: 2, projectedScore: 4 }, { controlId: "DE.CM-08", framework: "nist-csf-2.0", projectId: "p3", currentScore: 1, projectedScore: 3 }, ], reason: "Pentest engagement closed last week per Linear ticket SEC-412.", requestedFrom: "Maya Chen", age: "5h", status: "new", }, ]; const ACTIVITY = [ { id: "a1", actor: "Maya Chen", action: "uploaded", target: "AWS IAM policy export", time: "12m ago", icon: "upload" }, { id: "a2", actor: "Jordan Park", action: "assessed", target: "A.5.7 — Threat intelligence", time: "1h ago", maturity: 4, icon: "check" }, { id: "a3", actor: "AI Assistant", action: "suggested", target: "Q1 access review export", time: "2h ago", icon: "sparkles" }, { id: "a4", actor: "Sam Rivera", action: "commented on", target: "CC7.4 — Incident management", time: "3h ago", icon: "chat" }, { id: "a5", actor: "Alex Reyes", action: "completed assessment for", target: "CIS 4.1 — Secure config process", time: "5h ago", maturity: 3, icon: "check" }, { id: "a6", actor: "Maya Chen", action: "added", target: "SOC 2 vendor inventory", time: "Yesterday", icon: "upload" }, { id: "a7", actor: "Jordan Park", action: "raised priority on", target: "A.8.24 — Cryptography use", time: "Yesterday", icon: "flag" }, ]; const MEMBERS = [ { id: "m1", name: "Maya Chen", role: "Owner", initials: "MC", color: "#93D2CC" }, { id: "m2", name: "Jordan Park", role: "Contributor", initials: "JP", color: "#A8D8A8" }, { id: "m3", name: "Sam Rivera", role: "Contributor", initials: "SR", color: "#F4C28A" }, { id: "m4", name: "Alex Reyes", role: "Contributor", initials: "AR", color: "#D4A8D4" }, { id: "m5", name: "Priya Singh", role: "Viewer", initials: "PS", color: "#E8A87C" }, ]; const ORG = { name: "Acme Security", members: MEMBERS, createdAt: Date.now() - 1000 * 60 * 60 * 24 * 365, }; // Aggregate stats helpers function projectStats(project) { const total = project.controls.length; const assessed = project.controls.filter((c) => c.score != null).length; const completion = total === 0 ? 0 : Math.round((assessed / total) * 100); const scores = project.controls.filter((c) => c.score != null).map((c) => c.score); const avg = scores.length === 0 ? null : Number((scores.reduce((a, b) => a + b, 0) / scores.length).toFixed(1)); const atRisk = project.controls.filter((c) => c.score != null && c.score <= 2).length; const strong = project.controls.filter((c) => c.score != null && c.score >= 4).length; return { total, assessed, completion, avg, atRisk, strong }; } function orgStats() { let total = 0, assessed = 0, sum = 0, scoredCount = 0, atRisk = 0, strong = 0; PROJECTS.forEach((p) => { const s = projectStats(p); total += s.total; assessed += s.assessed; if (s.avg != null) { sum += s.avg * s.assessed; scoredCount += s.assessed; } atRisk += s.atRisk; strong += s.strong; }); const avg = scoredCount === 0 ? null : Number((sum / scoredCount).toFixed(1)); const completion = total === 0 ? 0 : Math.round((assessed / total) * 100); return { total, assessed, completion, avg, atRisk, strong }; } window.MockData = { FRAMEWORKS, PROJECTS, SUGGESTIONS, ACTIVITY, MEMBERS, ORG, MATURITY_COLORS, maturityColor, projectStats, orgStats, };