π·οΈ Hack23 Classification & Business Continuity Framework
May 10, 2026 Β· View on GitHub
π·οΈ Hack23 AB β Classification & Business Continuity Framework
Systematic Classification Excellence Through Impact Analysis
Enterprise-grade Classification Framework for Security and Business Decisions
π Document Owner: CEO | π Version: 1.5 | π
Last Updated: 2026-05-10 (UTC)
π Review Cycle: Annual | β° Next Review: 2027-05-10
π― Purpose Statement
Hack23 AB's classification framework demonstrates how systematic impact analysis directly enables both security excellence and business decision-making. Our comprehensive classification system serves as both operational framework and client demonstration of our cybersecurity consulting methodologies.
This document outlines the classification framework and business impact analysis matrix for Hack23, focusing on security, compliance, and business continuity. It provides a structured approach to assess the impact of incidents across various dimensions including confidentiality, integrity, availability, recovery time objective (RTO), and recovery point objective (RPO).
Our transparent classification approach showcases how methodical risk assessment and impact analysis create competitive advantages through informed decision-making and systematic security implementation. Under Hack23 AB's AI-augmented operating model, classification is applied at scale by the documentation and risk-assessment specialist agents β every new asset, supplier, risk entry, or repository receives a CIA / RTO / RPO / Privacy badge proposal during PR review, with the CEO making the final classification decision (the agents cannot promote/demote a classification without merge approval).
β James Pether SΓΆrling, CEO/Founder
π·οΈ Hack23 Classification & Business Continuity Framework
This document outlines the classification framework and business impact analysis matrix for Hack23, focusing on security, compliance, and business continuity. It provides a structured approach to assess the impact of incidents across various dimensions including confidentiality, integrity, availability, recovery time objective (RTO), and recovery point objective (RPO).
π° Business Impact Analysis Matrix
| Impact Category | Financial | Operational | Reputational | Regulatory |
|---|---|---|---|---|
| π Confidentiality | ||||
| β Integrity | ||||
| β±οΈ Availability |
π Impact Level Definitions
πΈ Financial Impact Levels {#financial-impact-levels}
Major revenue impact, significant penalties (>$10K daily)
Substantial penalties, customer compensation ($5K-10K daily)
Regulatory fines, recovery costs ($1K-5K daily)
Incident response costs, efficiency losses ($500-1K daily)
Minimal financial impact (<$500 daily)
No financial consequences
π’ Operational Impact Levels {#operational-impact-levels}
Complete service outage, emergency response
Major service degradation, 40-60% efficiency loss
Partial service impact, reduced productivity
Minor inconvenience, normal operations continue
No operational impact
π€ Reputational Impact Levels {#reputational-impact-levels}
International media coverage, long-term brand damage
National coverage, significant trust erosion
Industry attention, temporary reputation impact
Limited visibility, quick recovery
No reputational impact
π Regulatory Impact Levels {#regulatory-impact-levels}
Criminal charges, license revocation
Major penalties, regulatory sanctions
Significant fines, compliance violations
Minor penalties, documentation gaps
Warnings, corrective actions
No regulatory implications
π Security Classification Framework
π‘οΈ Confidentiality Levels {#confidentiality-levels}
β Integrity Levels {#integrity-levels}
β±οΈ Availability Levels {#availability-levels}
π·οΈ Privacy & PII Protection Levels {#privacy-levels}
β±οΈ Recovery Time Classifications
π¨ RTO (Recovery Time Objective) {#rto-classifications}
| Level | Badge | Time Window |
|---|---|---|
| Instant | < 5 minutes | |
| Critical | 5-60 minutes | |
| High | 1-4 hours | |
| Medium | 4-24 hours | |
| Low | 24-72 hours | |
| Standard | > 72 hours |
π RPO (Recovery Point Objective) {#rpo-classifications}
| Level | Badge | Data Loss Window |
|---|---|---|
| Zero Loss | < 1 minute | |
| Near Real-time | 1-15 minutes | |
| Minimal | 15-60 minutes | |
| Hourly | 1-4 hours | |
| Daily | 4-24 hours | |
| Extended | > 24 hours |
π― Project Type Classifications {#project-type-classifications}
ποΈ Technical Project Types
| Project Type | Badge | Description | Typical Security Level |
|---|---|---|---|
| Core Infrastructure | Critical systems supporting all services | High to Mission Critical | |
| Security Tools | Security assessment and monitoring | Very High to Extreme | |
| Compliance Platform | Regulatory compliance systems | High to Very High | |
| Data Analytics | Data processing and analysis | Moderate to High | |
| API Services | Backend services and APIs | Moderate to High | |
| Frontend Apps | User-facing applications | Low to Moderate | |
| Development Tools | Development utilities | Low to Moderate | |
| Banking Services | Financial and banking systems | Very High to Extreme | |
| Accounting Software | Accounting and bookkeeping systems | High to Very High | |
| Identity Services | Authentication and authorization | Very High to Extreme | |
| DevSecOps | Security integrated development tools | High to Very High | |
| License Compliance | Open source license management | Moderate to High | |
| AI Analytics | Artificial intelligence and ML services | Moderate to High | |
| AI Agent / Persona | Specialist Copilot agent persona definitions in .github/agents/ and product-level agents under CEO oversight; subject to AI Policy and OWASP LLM Security Policy | Moderate to High | |
| Agentic Workflow (gh-aw) | GitHub Agentic Workflow (.github/workflows/*-agentic*.yml / gh-aw) β autonomous CI/agent jobs with safe-output controls; aligned with github-agentic-workflows skill (R1βR28) | High to Very High | |
| MCP Server | Model Context Protocol servers exposing tools/resources/prompts to AI agents (e.g. European-Parliament-MCP-Server); aligned with mcp-server-development skill | High to Very High | |
| Content Creation | Media and content generation tools | Low to Moderate | |
| Payment Processing | Payment and transaction systems | Very High to Mission Critical | |
| Insurance | Insurance and risk management | High to Very High | |
| Development | General software development projects | Low to Moderate |
π’ Business Process Types
π Business Value Classification Framework
π‘οΈ Security Investment Returns {#security-investment-returns}
π― Competitive Differentiation {#competitive-differentiation}
π Porter's Five Forces Strategic Impact {#porters-five-forces}
π₯ Buyer Power Classification
| Impact Level | Badge | Customer Retention |
|---|---|---|
| Minimal | 95%+ retention | |
| Reduced | 85-95% retention | |
| Moderate | 70-85% retention | |
| High | 50-70% retention | |
| Extreme | <50% retention |
πͺ Supplier Power Classification
| Impact Level | Badge | Vendor Relationship |
|---|---|---|
| Minimal | Strong negotiation position | |
| Reduced | Good negotiation position | |
| Moderate | Balanced relationship | |
| High | Vendor dependency | |
| Extreme | Critical dependency |
πͺ New Entrants Barriers
| Barrier Level | Badge | Entry Prevention |
|---|---|---|
| Insurmountable | 99%+ prevention | |
| Very High | 90%+ prevention | |
| High | 70-90% prevention | |
| Moderate | 40-70% prevention | |
| Low | <40% prevention |
π Substitute Threats
| Threat Level | Badge | Market Protection |
|---|---|---|
| Minimal | Strong protection | |
| Low | Good protection | |
| Moderate | Some alternatives exist | |
| High | Many alternatives | |
| Critical | Superior alternatives |
π Competitive Rivalry
| Advantage Level | Badge | Market Position |
|---|---|---|
| Dominant | Clear market leader | |
| Strong | Top tier competitor | |
| Competitive | Competitive position | |
| Parity | Level playing field | |
| Disadvantage | Market disadvantage |
π§ How to Use This Classification Framework
π Complete Project Classification Template
Copy this template for each Hack23 project README:
## π Business Value & Strategic Impact
### π― Project Classification
[](./CLASSIFICATION.md#project-type-classifications)
[](./CLASSIFICATION.md#project-type-classifications)
### π Security Classification
[](./CLASSIFICATION.md#confidentiality-levels)
[](./CLASSIFICATION.md#integrity-levels)
[](./CLASSIFICATION.md#availability-levels)
### β±οΈ Business Continuity
[](./CLASSIFICATION.md#rto-classifications)
[](./CLASSIFICATION.md#rpo-classifications)
### π° Business Impact Analysis Matrix
| Impact Category | Financial | Operational | Reputational | Regulatory |
|-----------------|-----------|-------------|--------------|------------|
| **π Confidentiality** | [](./CLASSIFICATION.md#financial-impact-levels) | [](./CLASSIFICATION.md#operational-impact-levels) | [](./CLASSIFICATION.md#reputational-impact-levels) | [](./CLASSIFICATION.md#regulatory-impact-levels) |
| **β
Integrity** | [](./CLASSIFICATION.md#financial-impact-levels) | [](./CLASSIFICATION.md#operational-impact-levels) | [](./CLASSIFICATION.md#reputational-impact-levels) | [](./CLASSIFICATION.md#regulatory-impact-levels) |
| **β±οΈ Availability** | [](./CLASSIFICATION.md#financial-impact-levels) | [](./CLASSIFICATION.md#operational-impact-levels) | [](./CLASSIFICATION.md#reputational-impact-levels) | [](./CLASSIFICATION.md#regulatory-impact-levels) |
### π‘οΈ Security Investment Returns
[](./CLASSIFICATION.md#security-investment-returns)
[](./CLASSIFICATION.md#security-investment-returns)
[](./CLASSIFICATION.md#security-investment-returns)
### π― Competitive Differentiation
[](./CLASSIFICATION.md#competitive-differentiation)
[](./CLASSIFICATION.md#competitive-differentiation)
[](./CLASSIFICATION.md#competitive-differentiation)
### π Porter's Five Forces Strategic Impact
[](./CLASSIFICATION.md#porters-five-forces)
[](./CLASSIFICATION.md#porters-five-forces)
[](./CLASSIFICATION.md#porters-five-forces)
[](./CLASSIFICATION.md#porters-five-forces)
[](./CLASSIFICATION.md#porters-five-forces)
π¨ HTML Documentation Template
Copy this template for each Hack23 project HTML documentation:
<!-- Business Value & Strategic Impact Section -->
<section class="business-value" aria-labelledby="business-value-heading">
<h2 id="business-value-heading">π Business Value & Strategic Impact</h2>
<!-- Project Classification -->
<div class="classification-section">
<h3>π― Project Classification</h3>
<div class="badge-group" role="group" aria-label="Project type classification badges">
<a href="./CLASSIFICATION.md#project-type-classifications"
title="Project Type: [PROJECT_TYPE] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/Type-[PROJECT_TYPE]-[COLOR]?style=for-the-badge&logo=[ICON]&logoColor=white"
alt="Project Type: [PROJECT_TYPE]"
loading="lazy">
</a>
<a href="./CLASSIFICATION.md#project-type-classifications"
title="Business Process: [PROCESS_TYPE] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/Process-[PROCESS_TYPE]-[COLOR]?style=for-the-badge&logo=[ICON]&logoColor=white"
alt="Business Process: [PROCESS_TYPE]"
loading="lazy">
</a>
</div>
</div>
<!-- Security Classification -->
<div class="classification-section">
<h3>π Security Classification</h3>
<div class="badge-group" role="group" aria-label="Security classification badges">
<a href="./CLASSIFICATION.md#confidentiality-levels"
title="Confidentiality Level: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/Confidentiality-[LEVEL]-[COLOR]?style=for-the-badge&logo=shield&logoColor=white"
alt="Confidentiality: [LEVEL]"
loading="lazy">
</a>
<a href="./CLASSIFICATION.md#integrity-levels"
title="Integrity Level: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/Integrity-[LEVEL]-[COLOR]?style=for-the-badge&logo=check-circle&logoColor=white"
alt="Integrity: [LEVEL]"
loading="lazy">
</a>
<a href="./CLASSIFICATION.md#availability-levels"
title="Availability Level: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/Availability-[LEVEL]-[COLOR]?style=for-the-badge&logo=server&logoColor=white"
alt="Availability: [LEVEL]"
loading="lazy">
</a>
</div>
</div>
<!-- Business Continuity -->
<div class="classification-section">
<h3>β±οΈ Business Continuity</h3>
<div class="badge-group" role="group" aria-label="Business continuity badges">
<a href="./CLASSIFICATION.md#rto-classifications"
title="Recovery Time Objective: [TIME_WINDOW]"
class="badge-link">
<img src="https://img.shields.io/badge/RTO-[TIME_WINDOW]-[COLOR]?style=for-the-badge&logo=clock&logoColor=white"
alt="RTO: [TIME_WINDOW]"
loading="lazy">
</a>
<a href="./CLASSIFICATION.md#rpo-classifications"
title="Recovery Point Objective: [DATA_LOSS_WINDOW]"
class="badge-link">
<img src="https://img.shields.io/badge/RPO-[DATA_LOSS_WINDOW]-[COLOR]?style=for-the-badge&logo=database&logoColor=white"
alt="RPO: [DATA_LOSS_WINDOW]"
loading="lazy">
</a>
</div>
</div>
<!-- Business Impact Analysis Matrix -->
<div class="classification-section">
<h3>π° Business Impact Analysis Matrix</h3>
<div class="impact-matrix" role="table" aria-label="Business impact analysis matrix">
<div class="matrix-header" role="rowgroup">
<div role="columnheader">Impact Category</div>
<div role="columnheader">Financial</div>
<div role="columnheader">Operational</div>
<div role="columnheader">Reputational</div>
<div role="columnheader">Regulatory</div>
</div>
<!-- Confidentiality Row -->
<div class="matrix-row" role="rowgroup">
<div class="matrix-cell category" role="rowheader">π Confidentiality</div>
<div class="matrix-cell" role="gridcell">
<a href="./CLASSIFICATION.md#financial-impact-levels"
title="Financial Impact: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/[LEVEL]-[DESCRIPTION]-[COLOR]?style=for-the-badge&logo=dollar-sign&logoColor=white"
alt="Financial Impact: [LEVEL]"
loading="lazy">
</a>
</div>
<div class="matrix-cell" role="gridcell">
<a href="./CLASSIFICATION.md#operational-impact-levels"
title="Operational Impact: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/[LEVEL]-[DESCRIPTION]-[COLOR]?style=for-the-badge&logo=exclamation-triangle&logoColor=white"
alt="Operational Impact: [LEVEL]"
loading="lazy">
</a>
</div>
<div class="matrix-cell" role="gridcell">
<a href="./CLASSIFICATION.md#reputational-impact-levels"
title="Reputational Impact: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/[LEVEL]-[DESCRIPTION]-[COLOR]?style=for-the-badge&logo=newspaper&logoColor=white"
alt="Reputational Impact: [LEVEL]"
loading="lazy">
</a>
</div>
<div class="matrix-cell" role="gridcell">
<a href="./CLASSIFICATION.md#regulatory-impact-levels"
title="Regulatory Impact: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/[LEVEL]-[DESCRIPTION]-[COLOR]?style=for-the-badge&logo=gavel&logoColor=white"
alt="Regulatory Impact: [LEVEL]"
loading="lazy">
</a>
</div>
</div>
<!-- Integrity Row -->
<div class="matrix-row" role="rowgroup">
<div class="matrix-cell category" role="rowheader">β
Integrity</div>
<div class="matrix-cell" role="gridcell">
<a href="./CLASSIFICATION.md#financial-impact-levels"
title="Financial Impact: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/[LEVEL]-[DESCRIPTION]-[COLOR]?style=for-the-badge&logo=dollar-sign&logoColor=white"
alt="Financial Impact: [LEVEL]"
loading="lazy">
</a>
</div>
<div class="matrix-cell" role="gridcell">
<a href="./CLASSIFICATION.md#operational-impact-levels"
title="Operational Impact: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/[LEVEL]-[DESCRIPTION]-[COLOR]?style=for-the-badge&logo=trending-down&logoColor=white"
alt="Operational Impact: [LEVEL]"
loading="lazy">
</a>
</div>
<div class="matrix-cell" role="gridcell">
<a href="./CLASSIFICATION.md#reputational-impact-levels"
title="Reputational Impact: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/[LEVEL]-[DESCRIPTION]-[COLOR]?style=for-the-badge&logo=newspaper&logoColor=white"
alt="Reputational Impact: [LEVEL]"
loading="lazy">
</a>
</div>
<div class="matrix-cell" role="gridcell">
<a href="./CLASSIFICATION.md#regulatory-impact-levels"
title="Regulatory Impact: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/[LEVEL]-[DESCRIPTION]-[COLOR]?style=for-the-badge&logo=gavel&logoColor=white"
alt="Regulatory Impact: [LEVEL]"
loading="lazy">
</a>
</div>
</div>
<!-- Availability Row -->
<div class="matrix-row" role="rowgroup">
<div class="matrix-cell category" role="rowheader">β±οΈ Availability</div>
<div class="matrix-cell" role="gridcell">
<a href="./CLASSIFICATION.md#financial-impact-levels"
title="Financial Impact: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/[LEVEL]-[DESCRIPTION]-[COLOR]?style=for-the-badge&logo=dollar-sign&logoColor=white"
alt="Financial Impact: [LEVEL]"
loading="lazy">
</a>
</div>
<div class="matrix-cell" role="gridcell">
<a href="./CLASSIFICATION.md#operational-impact-levels"
title="Operational Impact: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/[LEVEL]-[DESCRIPTION]-[COLOR]?style=for-the-badge&logo=stop-circle&logoColor=white"
alt="Operational Impact: [LEVEL]"
loading="lazy">
</a>
</div>
<div class="matrix-cell" role="gridcell">
<a href="./CLASSIFICATION.md#reputational-impact-levels"
title="Reputational Impact: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/[LEVEL]-[DESCRIPTION]-[COLOR]?style=for-the-badge&logo=newspaper&logoColor=white"
alt="Reputational Impact: [LEVEL]"
loading="lazy">
</a>
</div>
<div class="matrix-cell" role="gridcell">
<a href="./CLASSIFICATION.md#regulatory-impact-levels"
title="Regulatory Impact: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/[LEVEL]-[DESCRIPTION]-[COLOR]?style=for-the-badge&logo=gavel&logoColor=white"
alt="Regulatory Impact: [LEVEL]"
loading="lazy">
</a>
</div>
</div>
</div>
</div>
<!-- Security Investment Returns -->
<div class="classification-section">
<h3>π‘οΈ Security Investment Returns</h3>
<div class="badge-group" role="group" aria-label="Security investment return badges">
<a href="./CLASSIFICATION.md#security-investment-returns"
title="ROI Level: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/ROI-[LEVEL]-[COLOR]?style=for-the-badge&logo=chart-line&logoColor=white"
alt="ROI: [LEVEL]"
loading="lazy">
</a>
<a href="./CLASSIFICATION.md#security-investment-returns"
title="Risk Mitigation: [PERCENTAGE]% Reduction"
class="badge-link">
<img src="https://img.shields.io/badge/Risk_Mitigation-[PERCENTAGE]_Reduction-green?style=for-the-badge&logo=shield&logoColor=white"
alt="Risk Mitigation: [PERCENTAGE]% Reduction"
loading="lazy">
</a>
<a href="./CLASSIFICATION.md#security-investment-returns"
title="Breach Prevention: [AMOUNT] Savings"
class="badge-link">
<img src="https://img.shields.io/badge/Breach_Prevention-[AMOUNT]_Savings-darkgreen?style=for-the-badge&logo=lock&logoColor=white"
alt="Breach Prevention: [AMOUNT] Savings"
loading="lazy">
</a>
</div>
</div>
<!-- Competitive Differentiation -->
<div class="classification-section">
<h3>π― Competitive Differentiation</h3>
<div class="badge-group" role="group" aria-label="Competitive differentiation badges">
<a href="./CLASSIFICATION.md#competitive-differentiation"
title="Market Position: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/Position-[LEVEL]-[COLOR]?style=for-the-badge&logo=trending-up&logoColor=white"
alt="Market Position: [LEVEL]"
loading="lazy">
</a>
<a href="./CLASSIFICATION.md#competitive-differentiation"
title="Customer Trust: [IMPACT] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/Trust-[IMPACT]-lightblue?style=for-the-badge&logo=handshake&logoColor=white"
alt="Customer Trust: [IMPACT]"
loading="lazy">
</a>
<a href="./CLASSIFICATION.md#competitive-differentiation"
title="Regulatory Access: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/Access-[LEVEL]-gold?style=for-the-badge&logo=key&logoColor=black"
alt="Regulatory Access: [LEVEL]"
loading="lazy">
</a>
</div>
</div>
<!-- Porter's Five Forces -->
<div class="classification-section">
<h3>π Porter's Five Forces Strategic Impact</h3>
<div class="badge-group porters-forces" role="group" aria-label="Porter's Five Forces strategic impact badges">
<a href="./CLASSIFICATION.md#porters-five-forces"
title="Buyer Power: [IMPACT] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/Buyer_Power-[IMPACT]-success?style=flat-square&logo=users&logoColor=white"
alt="Buyer Power: [IMPACT]"
loading="lazy">
</a>
<a href="./CLASSIFICATION.md#porters-five-forces"
title="Supplier Power: [IMPACT] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/Supplier_Power-[IMPACT]-info?style=flat-square&logo=handshake&logoColor=white"
alt="Supplier Power: [IMPACT]"
loading="lazy">
</a>
<a href="./CLASSIFICATION.md#porters-five-forces"
title="Entry Barriers: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/Entry_Barriers-[LEVEL]-warning?style=flat-square&logo=shield-alt&logoColor=black"
alt="Entry Barriers: [LEVEL]"
loading="lazy">
</a>
<a href="./CLASSIFICATION.md#porters-five-forces"
title="Substitute Threat: [LEVEL] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/Substitute_Threat-[LEVEL]-secondary?style=flat-square&logo=shield&logoColor=white"
alt="Substitute Threat: [LEVEL]"
loading="lazy">
</a>
<a href="./CLASSIFICATION.md#porters-five-forces"
title="Competitive Rivalry: [ADVANTAGE] - [DESCRIPTION]"
class="badge-link">
<img src="https://img.shields.io/badge/Rivalry-[ADVANTAGE]-primary?style=flat-square&logo=trophy&logoColor=white"
alt="Competitive Rivalry: [ADVANTAGE]"
loading="lazy">
</a>
</div>
</div>
</section>
<!-- CSS Styles -->
<style>
.business-value {
margin: 2rem 0;
padding: 1.5rem;
border: 1px solid #d1d5da;
border-radius: 6px;
background-color: #f6f8fa;
}
.business-value h2 {
margin-top: 0;
margin-bottom: 1.5rem;
color: #24292f;
font-size: 1.5rem;
font-weight: 600;
border-bottom: 1px solid #d1d5da;
padding-bottom: 0.5rem;
}
.classification-section {
margin-bottom: 2rem;
}
.classification-section h3 {
margin: 0 0 1rem 0;
color: #24292f;
font-size: 1.25rem;
font-weight: 600;
}
.badge-group {
display: flex;
flex-wrap: wrap;
gap: 0.5rem;
align-items: center;
}
.badge-group.porters-forces {
gap: 0.25rem;
}
.badge-link {
text-decoration: none;
display: inline-block;
transition: opacity 0.2s ease;
}
.badge-link:hover {
opacity: 0.8;
}
.badge-link:focus {
outline: 2px solid #0969da;
outline-offset: 2px;
border-radius: 4px;
}
.badge-link img {
vertical-align: middle;
border: none;
}
.impact-matrix {
display: grid;
grid-template-columns: auto 1fr 1fr 1fr 1fr;
gap: 1px;
background-color: #d1d5da;
border: 1px solid #d1d5da;
border-radius: 6px;
overflow: hidden;
margin-top: 1rem;
}
.matrix-header {
display: contents;
}
.matrix-header > div {
background-color: #f6f8fa;
padding: 0.75rem;
font-weight: 600;
font-size: 0.875rem;
color: #24292f;
text-align: center;
border-bottom: 2px solid #d1d5da;
}
.matrix-row {
display: contents;
}
.matrix-cell {
background-color: #ffffff;
padding: 0.5rem;
text-align: center;
display: flex;
align-items: center;
justify-content: center;
min-height: 3rem;
}
.matrix-cell.category {
background-color: #f6f8fa;
font-weight: 600;
color: #24292f;
text-align: left;
justify-content: flex-start;
border-right: 2px solid #d1d5da;
}
/* Responsive Design */
@media (max-width: 768px) {
.badge-group {
flex-direction: column;
align-items: flex-start;
}
.impact-matrix {
grid-template-columns: 1fr;
gap: 0.5rem;
}
.matrix-header,
.matrix-row {
display: block;
margin-bottom: 1rem;
}
.matrix-cell {
display: block;
margin-bottom: 0.25rem;
text-align: left;
min-height: auto;
padding: 0.5rem;
}
.matrix-cell.category {
font-size: 1.1rem;
margin-bottom: 0.5rem;
border-right: none;
border-bottom: 1px solid #d1d5da;
}
}
/* Print Styles */
@media print {
.business-value {
background-color: transparent;
border: 1px solid #000;
}
.badge-link {
color: #000;
}
.badge-link::after {
content: " (" attr(href) ")";
font-size: 0.8em;
color: #666;
}
}
</style>
β Project Assessment Checklist
Use this checklist to ensure complete project template implementation:
π― Project Classification
- Technical Project Type badge implemented with correct type, color, and icon
- Business Process Type badge implemented with correct process, color, and icon
- All project classification badges link to correct GitHub framework sections
π Security Classification
- Confidentiality level badge implemented with correct level and color
- Integrity level badge implemented with correct level and color
- Availability level badge implemented with correct level and color
- All security classification badges link to correct framework definitions
β±οΈ Business Continuity
- Recovery Time Objective (RTO) badge implemented with correct time window and color
- Recovery Point Objective (RPO) badge implemented with correct data loss window and color
- All business continuity badges link to correct classification sections
π° Business Impact Analysis Matrix
- Confidentiality row completed with all four impact category badges (Financial, Operational, Reputational, Regulatory)
- Integrity row completed with all four impact category badges
- Availability row completed with all four impact category badges
- All impact badges use correct levels, descriptions, and colors matching framework definitions
- All impact badges link to correct impact level definition sections
π‘οΈ Security Investment Returns
- ROI Level badge implemented with correct level and color
- Risk Mitigation badge implemented with percentage reduction value
- Breach Prevention badge implemented with savings amount
- All investment return badges link to security investment returns section
π― Competitive Differentiation
- Market Position badge implemented with correct positioning level and color
- Customer Trust badge implemented with correct impact level
- Regulatory Access badge implemented with correct access level
- All competitive differentiation badges link to framework section
π Porter's Five Forces Strategic Impact
- Buyer Power badge implemented with correct impact level
- Supplier Power badge implemented with correct impact level
- Entry Barriers badge implemented with correct barrier level
- Substitute Threat badge implemented with correct threat level
- Competitive Rivalry badge implemented with correct advantage level
- All Porter's Five Forces badges use flat-square style and link to framework section
π Template Implementation Quality
- All badge URLs properly formatted and functional
- All placeholder values ([LEVEL], [COLOR], [DESCRIPTION], etc.) replaced with actual values
- Markdown syntax properly formatted with correct table structure
- Badge consistency maintained across all categories (style, linking, accessibility)
- Framework links verified to point to correct anchor sections
π Template Completion Tracking
Overall Template Completion: % (/32 items completed)
Section Completion Status:
- π― Project Classification: ___/3 items
- π Security Classification: ___/4 items
- β±οΈ Business Continuity: ___/3 items
- π° Impact Analysis Matrix: ___/5 items
- π‘οΈ Investment Returns: ___/4 items
- π― Competitive Differentiation: ___/4 items
- π Porter's Five Forces: ___/6 items
- π Implementation Quality: ___/5 items
Template Requirements:
- Minimum for Basic Projects: 80% completion required (26/32 items)
- Recommended for All Projects: 95% completion (31/32 items)
- Production Ready: 100% completion mandatory (32/32 items)
Review Status: [ ] Template Draft [ ] Ready for Review [X] Approved for Use
π Related Documents
π― Strategic & Governance
- π― Information Security Strategy - AI-first operations, Pentagon framework, and strategic classification direction
- π Information Security Policy - Security framework application with AI-First Operations Governance
- π€ AI Policy - AI-assisted classification and impact analysis
- π Risk Register - Risk classification implementation
π Security Policies & Controls
- π·οΈ Data Classification Policy - Data-specific classifications
- π» Asset Register - Asset classification examples
βοΈ Operational Integration
- π Business Continuity Plan - RTO/RPO implementation
π Document Control:
β
Approved by: James Pether SΓΆrling, CEO
π€ Distribution: Public
π·οΈ Classification:
π
Effective Date: 2026-05-10
β° Next Review: 2027-05-10
π― Framework Compliance: