{
  "id": "responsibility:dependency-audit",
  "_kind": "Responsibility",
  "_file": "role/responsibilities/responsibilities-security.yaml",
  "_cluster": "role",
  "attributes": {
    "displayName": "Dependency audit",
    "cadence": "scheduled",
    "description": "Periodic audit of third-party dependencies for vuln status, licensing,\nand supply-chain risk.\n"
  },
  "outgoingEdges": [
    {
      "from": "responsibility:dependency-audit",
      "to": "role:dependency-updater",
      "kind": "held_by",
      "attributes": {}
    },
    {
      "from": "responsibility:dependency-audit",
      "to": "role:license-auditor",
      "kind": "held_by",
      "attributes": {}
    },
    {
      "from": "responsibility:dependency-audit",
      "to": "role:security-scanner-bot",
      "kind": "held_by",
      "attributes": {}
    },
    {
      "from": "responsibility:dependency-audit",
      "to": "skill-area:dependency-vulnerability-mgmt",
      "kind": "requires_expertise",
      "attributes": {}
    }
  ],
  "incomingEdges": [
    {
      "from": "tool:wiz",
      "to": "responsibility:dependency-audit",
      "kind": "supports_work",
      "attributes": {
        "confidence": "medium",
        "evidence": "Runtime/cloud dependency exposure can inform dependency and supply-chain audit."
      }
    },
    {
      "from": "role:dependency-updater",
      "to": "responsibility:dependency-audit",
      "kind": "holds_responsibility"
    },
    {
      "from": "role:license-auditor",
      "to": "responsibility:dependency-audit",
      "kind": "holds_responsibility"
    },
    {
      "from": "role:dependency-updater-bot",
      "to": "responsibility:dependency-audit",
      "kind": "holds_responsibility"
    },
    {
      "from": "role:security-scanner-bot",
      "to": "responsibility:dependency-audit",
      "kind": "holds_responsibility"
    },
    {
      "from": "role:vulnerability-scanner",
      "to": "responsibility:dependency-audit",
      "kind": "holds_responsibility"
    },
    {
      "from": "workflow:ai-model-license-compliance",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:plugin-marketplace-review",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:compliance-technology-stack-audit",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:annual-compliance-review",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:cryptographic-library-upgrade",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:it-asset-lifecycle-management",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:fundraising-due-diligence-preparation",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:sustainability-supply-chain-audit",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:dependency-upgrade-cycle",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:ip-portfolio-review",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:oss-contribution-review",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:license-compliance-audit",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:regulatory-change-management",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:airworthiness-compliance-review",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:sustainable-fashion-audit",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:public-procurement-compliance",
      "to": "responsibility:dependency-audit",
      "kind": "triggers_responsibility",
      "attributes": {}
    }
  ]
}