datasynth_core/models/organizational_profile.rs
1//! Organizational profile models for entity-level understanding.
2//!
3//! These models describe the IT landscape, regulatory environment, and
4//! structural characteristics of an audited entity (ISA 315 risk assessment).
5
6use serde::{Deserialize, Serialize};
7
8/// An IT system in the entity's technology landscape.
9///
10/// Auditors assess IT general controls (ITGCs) and application controls
11/// around each significant system that processes financial data.
12#[derive(Debug, Clone, Serialize, Deserialize)]
13pub struct ItSystem {
14 /// System name (e.g., "SAP S/4HANA", "Oracle EBS")
15 pub name: String,
16 /// Vendor (e.g., "SAP", "Oracle", "Microsoft")
17 pub vendor: String,
18 /// Functional module (e.g., "ERP", "CRM", "HCM", "Treasury")
19 pub module: String,
20 /// Category: "core_financial", "operational", or "reporting"
21 pub category: String,
22}
23
24/// High-level organizational profile of an audited entity.
25///
26/// Captures the IT systems, regulatory environment, prior auditor, and
27/// organizational structure that inform the auditor's risk assessment
28/// under ISA 315 and engagement acceptance under ISA 220.
29#[derive(Debug, Clone, Serialize, Deserialize)]
30pub struct OrganizationalProfile {
31 /// Entity / company code this profile describes
32 pub entity_code: String,
33 /// IT systems in use across the entity
34 #[serde(default)]
35 pub it_systems: Vec<ItSystem>,
36 /// Applicable regulatory regimes (e.g., "SOX", "GDPR", "Basel III")
37 #[serde(default)]
38 pub regulatory_environment: Vec<String>,
39 /// Name of the predecessor audit firm, if any
40 #[serde(default, skip_serializing_if = "Option::is_none")]
41 pub prior_auditor: Option<String>,
42 /// Narrative description of the organizational structure
43 #[serde(default)]
44 pub org_structure_description: String,
45}