مصفوفة الميزات & Implementation الحالة
Complete inventory of AIIA capabilities with current implementation status.
Status Legend:
| Icon | Meaning |
|---|---|
| ✅ | Fully implemented — backend API + frontend UI + tests |
| 🟡 | Partially implemented — backend done, frontend partial or in progress |
| 🔲 | Planned — not yet implemented |
الوحدة 1: عالم التدقيق & Risk/Control Library
| Feature | Backend | Frontend | Status | Notes |
|---|---|---|---|---|
| CRUD universe items with hierarchy | /universe router | /universe page | ✅ | Full tree view with drag-drop |
| Risk library with classification | /library router | /library page | ✅ | Preventive/detective/corrective |
| Control library | /library router | /library page | ✅ | Linked to risks |
| Risk-to-control many-to-many mapping | riskcontrolmapping model | Library page | ✅ | Visual mapping UI |
| Bulk import/export | /imports router | /admin/imports page | ✅ | CSV/Excel import |
الوحدة 2: التخطيط السنوي & Resource إدارةment
| Feature | Backend | Frontend | Status | Notes |
|---|---|---|---|---|
| Annual audit plans by year | /planning router | /planning page | ✅ | Plan items linked to universe |
| Plan version history | plan_version model | Planning page | ✅ | Version comparison |
| Resource availability tracking | /planning router | /planning/resources | ✅ | Calendar view |
| Resource booking per engagement | Planning service | Resources page | ✅ | Capacity utilization bars |
| Risk-based prioritization scoring | Planning service | Planning page | 🟡 | Backend scoring done, UI partial |
الوحدة 3: Engagement Setup & Methodology
| Feature | Backend | Frontend | Status | Notes |
|---|---|---|---|---|
| Full engagement lifecycle (7 states) | /engagements router | /engagements page | ✅ | DRAFT→PLANNED→FIELDWORK→REPORTING→REVIEW→FINAL→CLOSED |
| Phase tracking with milestones | /phases router | Engagement detail | ✅ | Gate checks enforced |
| Methodology templates | methodology model | /admin/templates | ✅ | Configurable per engagement type |
| Review points and signoff | /signoff router | /signoff page | ✅ | SoD enforcement |
| Engagement wizard | — | /engagements/new/wizard | ✅ | Guided setup flow |
الوحدة 4: العمل الميداني — Workpapers, Testing, العينات, Evidence
| Feature | Backend | Frontend | Status | Notes |
|---|---|---|---|---|
| Workpaper CRUD with status workflow | /workpapers router | /workpapers page | ✅ | DRAFT→IN_REVIEW→REVIEWED |
| Version history for workpapers | Workpaper service | Detail page | ✅ | Full diff view |
| Workpaper templates | workpaper_template model | /admin/templates | ✅ | Reusable structures |
| Test procedures with pass/fail | /workpapers router | Workpaper detail | ✅ | Linked to controls |
| Statistical sampling | /sampling router | /sampling page | ✅ | Sample size calculator |
| Judgmental sampling | /sampling router | /sampling/new | ✅ | Criteria-based selection |
| Evidence upload with chain-of-custody | /ingest router | Drag-drop UI | ✅ | SHA-256 hash + virus scan |
| AI workpaper writing assistant | AI prompts | Workpaper editor | ✅ | IPPF-governed suggestions |
الوحدة 5: العميل Collaboration Portal (PBC)
| Feature | Backend | Frontend | Status | Notes |
|---|---|---|---|---|
| Guest token authentication | /portal router | /portal/login | ✅ | No Keycloak needed |
| Client views assigned PBC requests | /pbc router | /portal page | ✅ | Filtered by assignment |
| Evidence upload by client | /portal router | /portal/[id] | ✅ | With virus scanning |
| Comment threads | PBC service | Portal detail | ✅ | Auditor ↔ client |
| Due date tracking + reminders | Email service | Portal page | ✅ | Automated email reminders |
الوحدة 6: الملاحظات, الإجراءات, Remediation, Follow-up
| Feature | Backend | Frontend | Status | Notes |
|---|---|---|---|---|
| Finding lifecycle | /findings router | /findings page | ✅ | DRAFT→MANAGEMENT_RESPONSE→FINAL→CLOSED |
| Finding versioning | findingversion model | Detail page | ✅ | Immutable history |
| Action plans with owners/due dates | /remediation router | /remediation page | ✅ | Owner tracking |
| Remediation evidence collection | Remediation service | Remediation page | ✅ | Upload + validation |
| Follow-up testing | Remediation service | Remediation page | ✅ | Verify implementation |
| Escalation rules for overdue items | /escalation router | Admin config | ✅ | Multi-level escalation |
| AI finding drafting | AI prompts | Finding editor | ✅ | CCCER format assistance |
الوحدة 7: التقارير وحزم مجلس الإدارة
| Feature | Backend | Frontend | Status | Notes |
|---|---|---|---|---|
| Report versioning | /reports router | /reports page | ✅ | DRAFT→REVIEW→APPROVED→ISSUED |
| Report templates | report_template model | /admin/templates | ✅ | Configurable sections |
| Report approval workflow | Signoff service | Report detail | ✅ | Multi-level review |
| PDF export | PDF service | Report detail | ✅ | Professional formatting |
| Board pack generation | /executive router | /executive page | ✅ | Cross-engagement aggregation |
| AI narrative drafting | AI prompts | Report editor | ✅ | Section-by-section assistance |
الوحدة 8: لوحات المعلومات & Portfolio Analytics
| Feature | Backend | Frontend | Status | Notes |
|---|---|---|---|---|
| Executive dashboard | /dashboard router | /dashboard page | ✅ | KPIs, charts, status cards |
| Custom dashboard builder | /dashboard router | /dashboard-builder | ✅ | Drag-drop widget placement |
| Custom widgets | custom_widget model | Dashboard builder | ✅ | Charts, tables, metrics |
| Portfolio analytics | Analytics service | /executive page | ✅ | Drill-down by engagement |
| Overdue actions tracking | Dashboard metrics | Dashboard | ✅ | Real-time counters |
| Data visualization engine | /visualization router | Dashboard | ✅ | Bar, line, pie, heatmap |
الوحدة 9: المراقبة المستمرة & KRI Automation
| Feature | Backend | Frontend | Status | Notes |
|---|---|---|---|---|
| KRI definition with thresholds | /monitoring router | /monitoring page | ✅ | Red/Amber/Green zones |
| KRI visual playground | KRI builder service | /monitoring/playground | ✅ | Drag-drop builder with live preview |
| AI KRI wizard | AI prompts | Playground page | ✅ | Guided creation with AI |
| Monitoring rules (cron) | KRI scheduler | Admin config | ✅ | Scheduled execution |
| Exception tracking | Exception service | Monitoring page | ✅ | Flagged anomalies |
| Alert generation | Alert service | Monitoring page | ✅ | Multi-channel (email, in-app) |
| Trend analysis | KRI pipeline | Monitoring page | ✅ | Historical trend charts |
| Convert alerts to findings | Monitoring service | Monitoring page | ✅ | One-click escalation |
| KRI threshold configuration | /kri-builder router | Playground | ✅ | Visual threshold editor |
الوحدة 10: ضمان الجودة Program
| Feature | Backend | Frontend | Status | Notes |
|---|---|---|---|---|
| QA reviews per engagement | /qa router | /qa page | ✅ | Checklist-based |
| Scoring (Satisfactory/Needs Improvement) | QA service | QA detail | ✅ | Configurable criteria |
| QA templates | /qa router | /admin/qa-templates | ✅ | Reusable checklists |
| QA analytics | /qa-analytics router | QA page | ✅ | Scores over time |
الوحدة 11: الاستبيانات
| Feature | Backend | Frontend | Status | Notes |
|---|---|---|---|---|
| Multiple question types | /questionnaires router | /questionnaires page | ✅ | Text, rating, multi-choice, matrix |
| Conditional logic | Questionnaire model | Builder UI | ✅ | Show/hide based on answers |
| Scoring and risk assessment | Questionnaire service | Results page | ✅ | Automated scoring |
| Assignment and tracking | Questionnaire service | List page | ✅ | Completion tracking |
الوحدة 12: أطر الامتثال
| Feature | Backend | Frontend | Status | Notes |
|---|---|---|---|---|
| NCA ECC assessment | /nca router | /compliance/nca | ✅ | Essential Cybersecurity Controls |
| PDPL compliance | /pdpl router | /compliance/pdpl | ✅ | Personal Data Protection Law |
| CSCC compliance | Compliance service | /compliance/cscc | ✅ | Cloud Security |
| General frameworks | /compliance router | /compliance page | ✅ | Custom framework mapping |
| Gap analysis | Compliance service | Assessment detail | ✅ | Control gap identification |
الوحدة 13: AI Layer (Cross-Cutting)
| Feature | Backend | Frontend | Status | Notes |
|---|---|---|---|---|
| AI companion (contextual chat) | /chat router | Chat panel | ✅ | Per-engagement context |
| Evidence summarization | AI features service | Workpaper view | ✅ | Automatic summaries |
| Report narrative drafting | AI prompts | Report editor | ✅ | Section-by-section |
| Historical retrieval | RAG service | AI companion | ✅ | Prior audit references |
| Recurring finding detection | AI insight service | Findings page | ✅ | Cross-engagement patterns |
| Risk/control suggestion | AI features service | Engagement setup | ✅ | Based on universe |
| KRI exception analysis | AI features | Monitoring page | ✅ | Contextual interpretation |
| Scoping memo generation | /ai-features router | Engagement detail | ✅ | Full scoping document |
| Cross-audit summary | /ai-features router | /executive/summaries | ✅ | Multi-engagement analysis |
| Document intelligence | /doc-intelligence router | /doc-intelligence | ✅ | Narrative + flowchart |
| Data agent (SQL generation) | Data agent service | AI companion | ✅ | Natural language → SQL |
| AI diff review | AI diff service | Workpaper editor | ✅ | Before/after comparison |
| IPPF prompt governance | AI prompts router | Admin | ✅ | Versioned, audited prompts |
| Multi-provider LLM config | AI model configs | /admin/ai-models | ✅ | Ollama/Gemini/OpenAI/Anthropic |
| Agentic AI (multi-step tasks) | /agentic-ai router | /audit-agent | ✅ | Human-in-the-loop checkpoints |
الوحدة 14: التكاملات وواجهات البرمجة
| Feature | Backend | Frontend | Status | Notes |
|---|---|---|---|---|
| API key management | API key service | Admin section | ✅ | Create/revoke keys |
| Integration connectors | /connectors router | /admin/connectors | ✅ | Configurable endpoints |
| Webhook support | Webhook service | Admin config | ✅ | Event-driven notifications |
| Data refresh scheduling | /data-refreshes router | Admin config | ✅ | Automated data sync |
| SSO/OIDC integration | SSO service | /admin/sso | ✅ | Multi-provider support |
| MinIO/S3 storage | Storage service | Transparent | ✅ | Automatic routing |
Cross-Cutting الميزةs
| Feature | Status | Notes |
|---|---|---|
| RBAC/SoD at API + UI | ✅ | 7 default roles, custom role support |
| Immutable audit trail | ✅ | Every CUD, state change, approval, AI action |
| Versioning for governed records | ✅ | Workpapers, findings, reports |
| Evidence chain-of-custody | ✅ | SHA-256 hash, virus scan, uploader, timestamps |
| i18n (EN + AR, full RTL) | ✅ | Translation keys with fallbacks |
| Offline PWA support | ✅ | Local sync queue for air-gapped fieldwork |
| Multi-tenancy (org isolation) | ✅ | RLS policies, org-scoped queries |
| License enforcement | ✅ | RS256 JWT, tier-based module access |
| Billing (Stripe + Moyasar) | ✅ | Subscription management, usage metering |
Commercial / النشر والتوزيع الميزةs
| Feature | Status | Notes |
|---|---|---|
| Shared SaaS deployment | ✅ | OCI Riyadh, namespace isolation |
| Private Tenant deployment | 🟡 | Model ready, manual provisioning until Phase 2 |
| On-Premise deployment | ✅ | Docker Compose, air-gapped capable |
| License CLI management | ✅ | Generate, inspect, keygen commands |
| Tier-based feature gating | ✅ | Essentials → Professional → Enterprise → Sovereign |
| RLS database policies | ✅ | 19 policies across all tenant-scoped tables |
| Email verification signup | ✅ | JWT-based 24h verification tokens |
Last updated: May 24, 2026 · AIIA v1.0.0-beta