jpgiannetti/roadwave
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
20a784b15c90613aa03260d0d43a53f48abda77e
roadwave/docs/domains/_shared/states/incident-breach.md
jpgiannetti 62fe0ed5eb docs: renommer fichiers EN→FR pour cohérence linguistique 
Entités:
- entities-overview.md → vue-ensemble.md

États (Lifecycles):
- user-account-lifecycle.md → compte-utilisateur.md
- content-lifecycle.md → contenu.md
- session-lifecycle.md → session.md
- report-lifecycle.md → signalement.md
- export-lifecycle.md → export-donnees.md
- parental-consent-lifecycle.md → consentement-parental.md
- account-deletion-lifecycle.md → suppression-compte.md
- breach-incident-lifecycle.md → incident-breach.md

Séquences:
- authentication-flow.md → authentification.md
- token-refresh.md → refresh-token.md (terme technique conservé)
- content-moderation.md → moderation-contenu.md
- content-report.md → signalement.md
2026-02-08 18:17:48 +01:00

1.5 KiB
Raw Blame History

Cycle de vie - Incident de violation de données

Diagramme

stateDiagram-v2
    [*] --> Detected: Alerte monitoring

    Detected --> Contained: Confinement immédiat (H+0)

    Contained --> UnderInvestigation: Évaluation gravité (H+24)

    UnderInvestigation --> Resolved: Risque faible (mesures suffisantes)
    UnderInvestigation --> CNILNotificationRequired: Risque utilisateurs

    CNILNotificationRequired --> CNILNotified: Notification CNIL (< H+72)

    CNILNotified --> Resolved: Pas de risque élevé utilisateurs
    CNILNotified --> UsersNotificationRequired: Risque élevé

    UsersNotificationRequired --> UsersNotified: Email + push utilisateurs (< H+72)

    UsersNotified --> Resolved: Post-mortem + correctifs

    Resolved --> [*]

Règles

État Valeur Délai max
Detected detected H+0
Contained contained H+0 (immédiat)
Under Investigation under_investigation H+24
CNIL Notification Required cnil_notification_required H+48
CNIL Notified cnil_notified H+72 (Article 33 RGPD)
Users Notification Required users_notification_required H+48
Users Notified users_notified H+72 (Article 34 RGPD)
Resolved resolved Post-incident

Sévérité : low / medium / high / critical Notification CNIL : Obligatoire si risque pour droits/libertés utilisateurs Notification utilisateurs : Obligatoire si risque élevé Runbook : docs/rgpd/procedure-breach.md

Reference in New Issue View Git Blame Copy Permalink