Chukwuemerie-ezieke/school-incident-response-playbook-generator
GitHub: Chukwuemerie-ezieke/school-incident-response-playbook-generator
Stars: 0 | Forks: 0
# School Incident Response Playbook Generator
## Table of Contents
- [Overview](#overview)
- [Features](#features)
- [Incident Types Covered](#incident-types-covered)
- [How It Works](#how-it-works)
- [Tech Stack](#tech-stack)
- [Getting Started](#getting-started)
- [Prerequisites](#prerequisites)
- [Installation](#installation)
- [Development](#development)
- [Production Build](#production-build)
- [Deployment](#deployment)
- [GitHub Pages](#github-pages)
- [Other Platforms](#other-platforms)
- [Project Structure](#project-structure)
- [Regulatory Framework](#regulatory-framework)
- [Contributing](#contributing)
- [License](#license)
- [Credits](#credits)
## Overview
African K-12 schools increasingly rely on digital systems — student databases, AI-powered learning tools, online platforms — but most lack a documented incident response procedure. When something goes wrong, staff scramble with no clear protocol.
This tool solves that by generating a **customised, printable incident response playbook** in seconds. Staff fill in their school details and incident specifics, and the generator produces:
- Phased response steps with urgency labels
- NDPC (Nigeria Data Protection Commission) notification templates
- Parent/guardian communication emails
- Internal staff notices
- Evidence preservation checklists
- Post-incident review procedures
**No data is sent to any server.** Everything runs entirely in the browser.
## Features
| Feature | Description |
|---------|-------------|
| **4 Incident Types** | Data Breach, Harmful AI Output, Algorithmic Bias/Discrimination, Cyberbullying/Online Safety |
| **NDPC 72-Hour Clock** | Automatically calculates the regulatory notification deadline from the discovery timestamp |
| **Personalised Templates** | Parent email, staff notice, and NDPC notification pre-filled with your school's details |
| **Severity Classification** | Low / Medium / High / Critical — tailors the urgency of each response step |
| **Print / Save as PDF** | One-click print-optimised output with professional formatting for physical records |
| **Copy-to-Clipboard** | Instantly copy any communication template for use in email or messaging |
| **Post-Incident Checklist** | 8-step recovery and review process aligned with best practice |
| **100% Client-Side** | No backend, no data collection, no cookies — fully offline-capable after first load |
| **Mobile Responsive** | Works on phones, tablets, and desktops |
| **Dark Mode Support** | Respects system preference |
| **Harmony Digital Branding** | Professional branding for Harmony Digital Consults Ltd |
## Incident Types Covered
### 1. Data Breach / Unauthorised Disclosure
Covers: hacked accounts, lost/stolen devices, insider errors, system vulnerabilities, third-party vendor breaches. Includes the mandatory NDPC 72-hour notification workflow.
### 2. Harmful AI Output / AI Safety Incident
Covers: AI tools generating violent, sexual, extremist, or misleading content in school settings. Includes AI tool suspension protocol, safeguarding escalation, and ISO 42001 governance recommendations.
### 3. Algorithmic Bias / Discrimination Event
Covers: AI or system-driven bias in grading, content filtering, student placement, or profiling. Includes automated decision-making rights under NDPA 2023 Section 36, independent audit requirements, and corrective action protocols.
### 4. Cyberbullying / Online Safety Incident
## How It Works
┌─────────────────┐ ┌──────────────────┐ ┌────────────────────┐
│ Step 1 │ │ Step 2 │ │ Step 3 │
│ School Profile │ ──► │ Incident Details │ ──► │ Review & Generate │
│ │ │ │ │ │
│ - School name │ │ - Incident type │ │ - Confirm details │
│ - Principal │ │ - Severity │ │ - Generate │
│ - DPO │ │ - Description │ │ Playbook │
│ - Location │ │ - Data involved │ │ │
└─────────────────┘ └──────────────────┘ └────────────────────┘
│
▼
┌────────────────────┐
│ Generated Playbook │
│ │
│ 📋 Response Steps │
│ 📧 Email Templates │
│ ✅ Checklists │
│ 🖨️ Print / PDF │
└────────────────────┘
## Tech Stack
| Technology | Purpose |
|-----------|---------|
| **React 18** | UI framework |
| **TypeScript** | Type safety |
| **Vite** | Build tool & dev server |
| **Tailwind CSS v3** | Utility-first styling |
| **shadcn/ui** | Component library (Radix UI primitives) |
| **Wouter** | Lightweight client-side routing (hash-based) |
| **Lucide React** | Icon library |
| **Plus Jakarta Sans** | Display typography (Google Fonts) |
| **DM Sans** | Body typography (Google Fonts) |
## Getting Started
### Prerequisites
- **Node.js** >= 18.x
- **npm** >= 9.x
### Installation
# Clone the repository
git clone https://github.com/Chukwuemerie-ezieke/school-incident-response-playbook-generator.git
cd school-incident-response-playbook-generator
# Install dependencies
npm install
### Development
# Start the development server
npm run dev
# The app will be available at http://localhost:5000
The development server supports hot module replacement (HMR) — changes to React components appear instantly without a full page reload.
### Production Build
# Build for production
npm run build
# Output is in dist/public/
The build produces a fully static site (HTML + CSS + JS) with no backend dependencies.
## Deployment
### GitHub Pages
This repository includes a GitHub Actions workflow that automatically builds and deploys to GitHub Pages on every push to `main`.
**To enable:**
1. Go to your repository **Settings** → **Pages**
2. Under **Source**, select **GitHub Actions**
3. Push to `main` — the workflow handles the rest
The site will be live at:
https://chukwuemerie-ezieke.github.io/school-incident-response-playbook-generator/
### Other Platforms
The production build (`dist/public/`) is a static site that can be deployed anywhere:
| Platform | Command / Method |
|----------|-----------------|
| **Netlify** | Drag & drop `dist/public/` folder, or connect the repo |
| **Vercel** | `vercel --prod` from project root |
| **Cloudflare Pages** | Connect repo, build command: `npm run build`, output: `dist/public` |
| **AWS S3** | Upload `dist/public/` to an S3 bucket with static hosting enabled |
| **Any web server** | Serve the contents of `dist/public/` as static files |
## Project Structure
school-incident-response-playbook-generator/
├── .github/
│ └── workflows/
│ └── deploy.yml # GitHub Actions: build & deploy to Pages
├── client/
│ ├── index.html # HTML entry point
│ └── src/
│ ├── App.tsx # Root component with routing
│ ├── index.css # Global styles, design tokens, print CSS
│ ├── main.tsx # React entry point
│ ├── components/
│ │ └── ui/ # shadcn/ui components (Button, Card, etc.)
│ ├── hooks/
│ │ ├── use-mobile.tsx # Mobile detection hook
│ │ └── use-toast.ts # Toast notification hook
│ ├── lib/
│ │ ├── playbook-generator.ts # Core playbook generation logic
│ │ ├── queryClient.ts # TanStack Query client
│ │ └── utils.ts # Utility functions
│ └── pages/
│ ├── Home.tsx # Multi-step intake form
│ ├── Playbook.tsx # Generated playbook display
│ └── not-found.tsx # 404 page
├── shared/
│ └── schema.ts # TypeScript types and interfaces
├── server/ # Express server (dev only, not needed for static deploy)
├── package.json
├── tailwind.config.ts
├── tsconfig.json
├── vite.config.ts
├── CONTRIBUTING.md
├── LICENSE
└── README.md
### Key Files
| File | Description |
|------|-------------|
| `client/src/lib/playbook-generator.ts` | Contains all playbook content logic — response steps, communication templates, and checklists for all 4 incident types |
| `client/src/pages/Home.tsx` | Multi-step form with validation (School Profile → Incident Details → Review & Generate) |
| `client/src/pages/Playbook.tsx` | Playbook display with tabs (Response Steps, Communication Templates, Post-Incident) |
| `shared/schema.ts` | TypeScript interfaces for `SchoolProfile`, `IncidentDetails`, and `PlaybookData` |
| `client/src/index.css` | Design tokens (navy/amber palette), Tailwind config, and `@media print` styles |
## Regulatory Framework
This tool aligns with the following Nigerian and international frameworks:
| Framework | Relevance |
|-----------|-----------|
| **Nigeria Data Protection Act 2023 (NDPA)** | 72-hour breach notification (Section 40), automated decision-making rights (Section 36), children's data processing requirements |
| **Nigeria Data Protection Regulation 2019 (NDPR)** | Legacy data protection framework — still referenced in many school policies |
| **Cybercrimes (Prohibition, Prevention, Etc.) Act 2015** | Criminal referral criteria for cyberbullying, hacking, and online abuse |
| **Child Rights Act 2003** | Safeguarding obligations for schools handling student data and welfare |
| **ISO/IEC 27001:2022** | Information security management — incident response, evidence preservation, recovery |
| **ISO/IEC 42001:2023** | AI management system — AI governance, bias mitigation, responsible AI deployment |
## License
This project is licensed under the **MIT License**. See [LICENSE](LICENSE) for details.
标签:自动化攻击