Name
sn_risk_advanced.RiskRollupUtilsBase
Description
No description available
Script
var RiskRollupUtilsBase = Class.create();
RiskRollupUtilsBase.prototype = {
initialize: function() {},
markAssessmentResultsDirty: function(asmtInstance) {
return this._markAssessmentResultsDirty(asmtInstance);
},
markAssessmentsDirtyFromEntity: function(entityId) {
return this._markAssessmentsDirtyFromEntity(entityId);
},
generateAssessmentResultForEntity: function(upstreamEntity, downStreamEntity) {
this._generateAssessmentResultForEntity(upstreamEntity, downStreamEntity);
},
removeOrUpdateRelatedAssessmentResults: function(upstreamEntity, downStreamEntity) {
this._removeOrUpdateRelatedAssessmentResults(upstreamEntity, downStreamEntity);
},
markAssessmentsDirtyFromRiskStatement: function(riskStmtId) {
return this._markAssessmentsDirtyFromRiskStatement(riskStmtId);
},
calculateScores: function() {
this._calculateScores('entity');
this._calculateScores('statement');
this._calculateScores('aggregate');
},
handleEntityDeletion: function(upStreamEntities, ramArr) {
this._handleEntityDeletion(upStreamEntities, ramArr);
},
handleRiskDeletion: function(entityId, stmt, instances, ramIDs) {
return this._handleRiskDeletion(entityId, stmt, instances, ramIDs);
},
getAssociatedRAMs: function(entityId) {
return this._getAssociatedRAMs(entityId);
},
getAssessmentTypeIds: function(obj, ramId) {
return this._getAssessmentTypeIds(obj, ramId);
},
getRatingDisplay: function(ratingId, score) {
return this._getRatingDisplay(ratingId, score);
},
markAllRollupAsDirty: function(ramID) {
this._markAllRollupCalculation(ramID);
},
_markAllRollupCalculation: function(ramID) {
var results = new GlideRecord('sn_risk_advanced_risk_assessment_result');
results.addQuery('risk_assessment_methodology', ramID);
results.query();
while (results.next()) {
results.status = '1';
results.update();
}
},
getAssessmentResult: function(asmtResult) {
return this._getAssessmentResult(asmtResult);
},
getAsmtInstances: function(risk, ramIDs) {
return this._getAsmtInstances(risk, ramIDs);
},
_getAsmtInstances: function(risk, ramIDs) {
var instances = [];
var asmts = new GlideRecord('sn_risk_advanced_risk_assessment_instance');
asmts.addQuery('risk', risk);
asmts.addQuery('state', '7');
asmts.query();
while (asmts.next()) {
instances.push(asmts.getUniqueValue() + '');
if (ramIDs.indexOf(asmts.risk_assessment_methodology + '') == -1) {
ramIDs.push(asmts.risk_assessment_methodology + '');
}
}
return instances;
},
_getAssessmentResult: function(asmtResult) {
var gr = new GlideRecord(asmtResult.getTableName());
gr.addQuery('entity', asmtResult.entity);
gr.addQuery('statement', asmtResult.statement);
gr.addQuery('risk_assessment_methodology', asmtResult.risk_assessment_methodology);
gr.query();
return gr.hasNext();
},
_getAssociatedRAMs: function(entityId) {
var ramArr = [];
var results = new GlideRecord('sn_risk_advanced_risk_assessment_result');
results.addQuery('entity', entityId);
results.query();
while (results.next()) {
if (ramArr.indexOf(results.risk_assessment_methodology + '') == -1)
ramArr.push(results.risk_assessment_methodology + '');
}
return ramArr;
},
_getDownstreamProfileRAMs: function(entityId) {
var ramIDs = [];
var downStreamProfiles = new sn_grc.GRCProfileLists().getValidDownstreamProfileIDs(entityId);
var asmts = new GlideRecord('sn_risk_advanced_risk_assessment_instance');
asmts.addQuery('entity_1', 'IN', downStreamProfiles);
asmts.addQuery('state', '7');
asmts.query();
while (asmts.next()) {
if (ramIDs.indexOf(asmts.risk_assessment_methodology + '') == -1) {
ramIDs.push(asmts.risk_assessment_methodology + '');
}
}
return ramIDs;
},
_generateAssessmentResultForEntity: function(upstreamEntity, downStreamEntity) {
var upstreamProfiles = new sn_grc.GRCProfileLists().getValidUpstreamProfileIDs(upstreamEntity);
upstreamProfiles.push(upstreamEntity);
var results = new GlideRecord('sn_risk_advanced_risk_assessment_result');
results.addEncodedQuery('statementISEMPTY');
results.addQuery('entity', downStreamEntity);
results.addQuery('risk_assessment_methodology.state', '2');
results.query();
var gr = new GlideRecord('sn_risk_advanced_risk_assessment_result');
while (results.next()) {
for (var i = 0; i < upstreamProfiles.length; i++) {
gr.initialize();
gr.addQuery('entity', upstreamProfiles[i]);
gr.addQuery('risk_assessment_methodology', results.risk_assessment_methodology);
gr.addEncodedQuery('statementISEMPTY');
gr.addQuery();
gr.query();
if (!gr.next()) {
gr.setValue('entity', upstreamProfiles[i]);
gr.setValue('risk_assessment_methodology', results.risk_assessment_methodology);
gr.setValue('status', '1');
gr.insert();
} else {
gr.setValue('status', '1');
gr.update();
}
gr.initialize();
gr.addQuery('entity', upstreamProfiles[i]);
gr.addEncodedQuery('statementISNOTEMPTY');
gr.addQuery('risk_assessment_methodology', results.risk_assessment_methodology);
gr.query();
while (gr.next()) {
gr.setValue('status', '1');
gr.update();
}
}
}
},
_removeOrUpdateRelatedAssessmentResults: function(upStream, downStream) {
var upstreamProfiles = new sn_grc.GRCProfileLists().getValidUpstreamProfileIDs(upStream);
upstreamProfiles.unshift(upStream);
var results = new GlideRecord('sn_risk_advanced_risk_assessment_result');
results.addQuery('entity', downStream);
results.addEncodedQuery('statementISEMPTY');
results.query();
while (results.next()) {
for (var i = 0; i < upstreamProfiles.length; i++) {
this._updateOrDeleteAssessments(results.risk_assessment_methodology, upstreamProfiles[i]);
}
}
},
_updateOrDeleteAssessments: function(ramID, upStream, downStream) {
if (!this._isRamInPublishedState(ramID))
return;
var entity = new GlideRecord('sn_grc_profile');
if (!entity.get(upStream))
return;
var downstreamProfiles = [];
if (this._isActive('sn_grc_profile', upStream)) {
downstreamProfiles = new sn_grc.GRCProfileLists().getDirectDownStreamProfiles(upStream);
}
var gr = new GlideRecord('sn_risk_advanced_risk_assessment_result');
gr.addQuery('entity', "IN", downstreamProfiles);
if (downStream)
gr.addQuery('entity', '!=', downStream);
gr.addQuery('risk_assessment_methodology', ramID);
gr.addEncodedQuery('statementISEMPTY');
gr.query();
if (!gr.hasNext() && !this._hasAssessmentInstancesForEntity(upStream, ramID)) {
gr.initialize();
gr.addQuery('entity', upStream);
gr.addEncodedQuery('statementISEMPTY');
gr.addQuery('risk_assessment_methodology', ramID);
gr.query();
gr.next();
gr.deleteRecord();
} else {
gr.initialize();
gr.addQuery('entity', upStream);
gr.addEncodedQuery('statementISEMPTY');
gr.addQuery('risk_assessment_methodology', ramID);
gr.query();
if (gr.next()) {
gr.status = '1';
gr.update();
}
}
gr.initialize();
gr.addQuery('entity', upStream);
gr.addEncodedQuery('statementISNOTEMPTY');
gr.addQuery('risk_assessment_methodology', ramID);
gr.query();
while (gr.next()) {
gr.status = '1';
gr.update();
}
},
_hasAssessmentInstancesForEntity: function(entity, ramId) {
var gr = new GlideRecord('sn_risk_advanced_risk_assessment_instance');
gr.addQuery('entity_1', entity);
gr.addQuery('risk_assessment_methodology', ramId);
gr.addQuery('active', true);
gr.addQuery('state', '7');
gr.query();
return gr.hasNext();
},
_hasAssessmentInstancesForRiskStatement: function(stmt, ramId) {
var gr = new GlideRecord('sn_risk_advanced_risk_assessment_instance');
gr.addQuery('risk.statement', stmt);
gr.addQuery('risk_assessment_methodology', ramId);
gr.addQuery('active', true);
gr.addQuery('state', '7');
gr.query();
return gr.hasNext();
},
_markAssessmentResultsDirty: function(asmtInstance) {
this._markUpstreamEntitiesDirty(asmtInstance);
this._markAncestorStatementDirty(asmtInstance);
this._markReportsDirty(asmtInstance);
},
_markAssessmentsDirtyFromEntity: function(entityId) {
var upstreamProfiles = new sn_grc.GRCProfileLists().getValidUpstreamProfileIDs(entityId);
upstreamProfiles.unshift(entityId);
var ramIDs = this._getDownstreamProfileRAMs(entityId);
for (var j = 0; j < ramIDs.length; j++) {
for (var i = 0; i < upstreamProfiles.length; i++) {
if (!this._isActive('sn_grc_profile', entityId)) {
this._updateOrDeleteAssessments(ramIDs[j], upstreamProfiles[i]);
} else {
this._handleAssessmentActive(upstreamProfiles[i], ramIDs[j]);
}
}
}
},
handleAssessmentActiveChanges: function(asmt) {
this._handleAssessmentActiveChanges(asmt);
},
_handleAssessmentActiveChanges: function(asmt) {
if (asmt.risk.statement) {
var stmt = asmt.risk.statement;
var riskStatements = [];
riskStatements.push(stmt);
new sn_risk_advanced.RiskUtilities().getRiskStatementAncestors(stmt, riskStatements);
for (var j = 0; j < riskStatements.length; j++) {
this._updateOrDeleteAssessmentsFromStatement(asmt, riskStatements[j]);
}
}
var entityId = asmt.entity_1;
var upstreamProfiles = new sn_grc.GRCProfileLists().getValidUpstreamProfileIDs(entityId);
upstreamProfiles.unshift(entityId);
var gr = new GlideRecord('sn_risk_advanced_risk_assessment_result');
for (var i = 0; i < upstreamProfiles.length; i++) {
if (asmt.state != '7') {
this._updateOrDeleteAssessments(asmt.risk_assessment_methodology, upstreamProfiles[i]);
} else {
this._handleAssessmentActive(upstreamProfiles[i], asmt.risk_assessment_methodology);
}
}
},
_handleAssessmentActive: function(entityId, ramId) {
if (!this._isRamInPublishedState(ramId))
return;
var gr = new GlideRecord('sn_risk_advanced_risk_assessment_result');
gr.addQuery('entity', entityId);
gr.addEncodedQuery('statementISEMPTY');
gr.addQuery('risk_assessment_methodology', ramId);
gr.query();
if (!gr.next()) {
gr.initialize();
gr.setValue('entity', entityId);
gr.setValue('risk_assessment_methodology', ramId);
gr.setValue('status', '1');
gr.insert();
} else {
gr.setValue('status', '1');
gr.update();
}
gr.initialize();
gr.addQuery('entity', entityId);
gr.addEncodedQuery('statementISNOTEMPTY');
gr.addQuery('risk_assessment_methodology', ramId);
gr.query();
while (gr.next()) {
gr.setValue('status', '1');
gr.update();
}
},
_handleEntityDeletion: function(upStreamEntities, ramArr) {
upStreamEntities = upStreamEntities.split(',');
ramArr = ramArr.split(',');
var results = {};
var deletedEntity = upStreamEntities[0];
for (var i = 0; i < ramArr.length; i++) {
results.risk_assessment_methodology = ramArr[i];
for (var j = 1; j < upStreamEntities.length; j++) {
this._updateOrDeleteAssessments(results.risk_assessment_methodology, upStreamEntities[j], deletedEntity);
}
}
},
_markAssessmentsDirtyFromRiskStatement: function(riskStmtId) {
var riskStatements = [];
riskStatements.push(riskStmtId + '');
new sn_risk_advanced.RiskUtilities().getRiskStatementAncestors(riskStmtId, riskStatements);
var results = new GlideRecord('sn_risk_advanced_risk_assessment_result');
results.addQuery('statement', riskStmtId);
results.addEncodedQuery('entityISEMPTY');
results.query();
while (results.next()) {
for (var j = 0; j < riskStatements.length; j++) {
this._updateOrDeleteAssessmentsFromStatement(results, riskStatements[j]);
}
}
},
_updateOrDeleteAssessmentsFromStatement: function(results, statement) {
if (!this._isRamInPublishedState(results.risk_assessment_methodology))
return;
var directChildren = [];
var stmts = new GlideRecord('sn_risk_definition');
if (!stmts.get(statement))
return;
stmts.initialize();
stmts.addQuery('parent', statement);
stmts.query();
while (stmts.next()) {
directChildren.push(stmts.getUniqueValue() + '');
}
var gr = new GlideRecord('sn_risk_advanced_risk_assessment_result');
gr.addQuery('statement', "IN", directChildren);
gr.addEncodedQuery('entityISEMPTY');
gr.addQuery('risk_assessment_methodology', results.risk_assessment_methodology);
gr.query();
if (!gr.hasNext() && !this._hasAssessmentInstancesForRiskStatement(statement, results.risk_assessment_methodology)) {
gr.initialize();
gr.addQuery('statement', statement);
gr.addEncodedQuery('entityISEMPTY');
gr.addQuery('risk_assessment_methodology', results.risk_assessment_methodology);
gr.query();
gr.next();
gr.deleteRecord();
} else {
gr.initialize();
gr.addQuery('statement', statement);
gr.addEncodedQuery('entityISEMPTY');
gr.addQuery('risk_assessment_methodology', results.risk_assessment_methodology);
gr.query();
if (gr.next()) {
gr.status = '1';
gr.update();
} else {
gr.initialize();
gr.setValue('statement', statement);
gr.setValue('risk_assessment_methodology', results.risk_assessment_methodology);
gr.insert();
}
}
gr.initialize();
gr.addQuery('statement', statement);
gr.addEncodedQuery('entityISNOTEMPTY');
gr.addQuery('risk_assessment_methodology', results.risk_assessment_methodology);
gr.query();
while (gr.next()) {
gr.status = '1';
gr.update();
}
},
_markAssessmentInactive: function(entityId) {
var results = new GlideRecord("sn_risk_advanced_risk_assessment_instance");
results.addQuery('entity_1', entityId);
results.query();
var active = this._isActive('sn_grc_profile', entityId);
while (results.next()) {
results.active = active;
results.update();
}
},
_markUpstreamEntitiesDirty: function(asmtInstance) {
var upstreamProfiles = new sn_grc.GRCProfileLists().getValidUpstreamProfileIDs(asmtInstance.entity_1);
upstreamProfiles.push(asmtInstance.entity_1);
for (var i = 0; i < upstreamProfiles.length; i++) {
if (this._isActive('sn_grc_profile', upstreamProfiles[i]))
this._markEntityAssessmentsDirty(upstreamProfiles[i], asmtInstance.risk_assessment_methodology);
}
},
_markAncestorStatementDirty: function(asmtInstance) {
if (!asmtInstance.risk.statement)
return;
var riskStatements = [];
riskStatements.push(asmtInstance.risk.statement + '');
new sn_risk_advanced.RiskUtilities().getRiskStatementAncestors(asmtInstance.risk.statement, riskStatements);
for (var i = 0; i < riskStatements.length; i++) {
this._markRiskStatementAssessmentsDirty(riskStatements[i], asmtInstance.risk_assessment_methodology);
}
},
_markReportsDirty: function(asmtInstance) {
if (!this._isRamInPublishedState(asmtInstance.risk_assessment_methodology))
return;
var upstreamProfiles = new sn_grc.GRCProfileLists().getValidUpstreamProfileIDs(asmtInstance.entity_1);
upstreamProfiles.push(asmtInstance.entity_1);
var riskStatements = [];
riskStatements.push(asmtInstance.risk.statement + '');
new sn_risk_advanced.RiskUtilities().getRiskStatementAncestors(asmtInstance.risk.statement, riskStatements);
var assessmentResult = new GlideRecord('sn_risk_advanced_risk_assessment_result');
assessmentResult.addQuery('entity', 'IN', upstreamProfiles);
assessmentResult.addQuery('statement', 'IN', riskStatements);
assessmentResult.addQuery('risk_assessment_methodology', asmtInstance.risk_assessment_methodology);
assessmentResult.query();
while (assessmentResult.next()) {
assessmentResult.status = '1';
assessmentResult.update();
}
},
_markEntityAssessmentsDirty: function(entity, ramId) {
if (!this._isRamInPublishedState(ramId))
return;
var assessmentResult = new GlideRecord('sn_risk_advanced_risk_assessment_result');
assessmentResult.addQuery('entity', entity);
assessmentResult.addEncodedQuery('statementISEMPTY');
assessmentResult.addQuery('risk_assessment_methodology', ramId);
assessmentResult.query();
if (assessmentResult.next()) {
assessmentResult.status = '1';
assessmentResult.update();
} else {
assessmentResult.initialize();
assessmentResult.risk_assessment_methodology = ramId;
assessmentResult.entity = entity;
assessmentResult.status = '1';
assessmentResult.insert();
}
},
_markRiskStatementAssessmentsDirty: function(statement, ramId) {
if (!this._isRamInPublishedState(ramId))
return;
var assessmentResult = new GlideRecord('sn_risk_advanced_risk_assessment_result');
assessmentResult.addQuery('statement', statement);
assessmentResult.addEncodedQuery('entityISEMPTY');
assessmentResult.addQuery('risk_assessment_methodology', ramId);
assessmentResult.query();
if (assessmentResult.next()) {
assessmentResult.status = '1';
assessmentResult.update();
} else {
assessmentResult.initialize();
assessmentResult.risk_assessment_methodology = ramId;
assessmentResult.statement = statement;
assessmentResult.status = '1';
assessmentResult.insert();
}
},
_getAssessmentTypeIds: function(obj, ramId) {
if (obj[ramId])
return obj[ramId];
var assessmentIds = {};
var assessmentType = new GlideRecord('sn_risk_advanced_assessment_type');
assessmentType.addQuery('risk_assessment_methodology', ramId);
assessmentType.query();
while (assessmentType.next()) {
if (assessmentType.display_order == 1) {
assessmentIds.inherent = assessmentType.getUniqueValue();
} else if (assessmentType.display_order == 2) {
assessmentIds.control = assessmentType.getUniqueValue();
} else if (assessmentType.display_order == 3) {
assessmentIds.residual = assessmentType.getUniqueValue();
} else if (assessmentType.display_order == 4) {
assessmentIds.target = assessmentType.getUniqueValue();
}
}
obj[ramId] = assessmentIds;
return obj[ramId];
},
_calculateScores: function(choice) {
var assessmentResult = new GlideRecord('sn_risk_advanced_risk_assessment_result');
assessmentResult.addQuery("statusIN1,3");
if (choice == "entity")
assessmentResult.addNullQuery('statement');
else if (choice == "aggregate")
assessmentResult.addNotNullQuery('report_definition');
else if (choice == "statement")
assessmentResult.addNullQuery('entity');
assessmentResult.query();
while (assessmentResult.next()) {
if (assessmentResult.status == '1') {
assessmentResult.setValue("status", '3');
assessmentResult.update();
}
if (choice == "entity")
this._calculateEntityWiseAsmtScore(assessmentResult);
else if (choice == "aggregate")
this._calculateReportWiseAsmtScore(assessmentResult);
else if (choice == "statement")
this._calculateStmtWiseAsmtScore(assessmentResult);
var latestRecord = new GlideRecord('sn_risk_advanced_risk_assessment_result');
latestRecord.get(assessmentResult.getUniqueValue());
if (latestRecord.isValid()) {
if (latestRecord.status == '3') {
assessmentResult.setValue('status', '2');
} else if (latestRecord.status == '1') {
assessmentResult.setValue('status', '1');
}
assessmentResult.update();
}
}
},
_calculateEntityWiseAsmtScore: function(assessmentResult) {
var assessmentTypes = this._getAssessmentTypeIds({}, assessmentResult.risk_assessment_methodology);
var downstreamProfiles = [];
if (assessmentResult.entity.active) {
downstreamProfiles = new sn_grc.GRCProfileLists().getValidDownstreamProfileIDs(assessmentResult.entity);
downstreamProfiles.push(assessmentResult.entity);
}
this._performCalculation(assessmentResult, 'entity_1', downstreamProfiles, '', '', assessmentTypes);
},
_calculateStmtWiseAsmtScore: function(assessmentResult) {
var assessmentTypes = this._getAssessmentTypeIds({}, assessmentResult.risk_assessment_methodology);
var childrenRiskStatements = new sn_risk_advanced.RiskUtilities().getRiskStatementsHierarchy(assessmentResult.statement + '');
this._performCalculation(assessmentResult, 'risk.statement', childrenRiskStatements, '', '', assessmentTypes);
},
_calculateReportWiseAsmtScore: function(assessmentResult) {
var assessmentTypes = this._getAssessmentTypeIds({}, assessmentResult.risk_assessment_methodology);
var childrenRiskStatements = [],
downstreamProfiles = [];
if (assessmentResult.entity.active) {
new sn_risk_advanced.RiskUtilities().getRiskStatementChildren(assessmentResult.statement, childrenRiskStatements);
childrenRiskStatements.push(assessmentResult.statement);
downstreamProfiles = new sn_grc.GRCProfileLists().getValidDownstreamProfileIDs(assessmentResult.entity);
downstreamProfiles.push(assessmentResult.entity);
}
this._performCalculation(assessmentResult, 'risk.statement', childrenRiskStatements, 'entity_1', downstreamProfiles, assessmentTypes);
},
_performCalculation: function(result, fieldName1, fieldValueArray1, fieldName2, fieldValueArray2, assessmentTypes) {
var scoringUtils = new sn_risk_advanced.RiskAssessmentScoringUtils();
if (assessmentTypes.inherent) {
this._performInherentCalculation(result, fieldName1, fieldValueArray1, fieldName2, fieldValueArray2, assessmentTypes);
}
if (assessmentTypes.control) {
this._performControlCalculation(result, fieldName1, fieldValueArray1, fieldName2, fieldValueArray2, assessmentTypes);
}
if (assessmentTypes.residual) {
this._performResidualCalculation(result, fieldName1, fieldValueArray1, fieldName2, fieldValueArray2, assessmentTypes);
}
if (assessmentTypes.target) {
this._performTargetCalculation(result, fieldName1, fieldValueArray1, fieldName2, fieldValueArray2, assessmentTypes);
}
},
_performInherentCalculation: function(result, fieldName1, fieldValueArray1, fieldName2, fieldValueArray2, assessmentTypes) {
var scoringUtils = new sn_risk_advanced.RiskAssessmentScoringUtils();
var aggregatedScore = result.risk_assessment_methodology.risk_assessment_score;
var aggregatedALE = result.risk_assessment_methodology.risk_assessment_ale;
var instance = new GlideAggregate("sn_risk_advanced_risk_assessment_instance");
instance.addQuery(fieldName1, "IN", fieldValueArray1);
if (fieldName2 != '')
instance.addQuery(fieldName2, "IN", fieldValueArray2);
instance.addQuery('risk_assessment_methodology', result.risk_assessment_methodology);
instance.addQuery('state', '7');
instance.addQuery('active', true);
instance.addAggregate('MIN', 'final_inherent_ale');
instance.addAggregate('MIN', 'final_inherent_score');
instance.addAggregate('SUM', 'final_inherent_ale');
instance.addAggregate('SUM', 'final_inherent_score');
instance.addAggregate('AVG', 'final_inherent_ale');
instance.addAggregate('AVG', 'final_inherent_score');
instance.addAggregate('MAX', 'final_inherent_ale');
instance.addAggregate('MAX', 'final_inherent_score');
instance.groupBy('risk_assessment_methodology');
instance.query();
if (instance.next()) {
result.min_inherent_ale = parseFloat(instance.getAggregate('MIN', 'final_inherent_ale')).toFixed(2);
result.max_inherent_ale = parseFloat(instance.getAggregate('MAX', 'final_inherent_ale')).toFixed(2);
result.avg_inherent_ale = parseFloat(instance.getAggregate('AVG', 'final_inherent_ale')).toFixed(2);
result.sum_inherent_ale = parseFloat(instance.getAggregate('SUM', 'final_inherent_ale')).toFixed(2);
result.inherent_ale = parseFloat(instance.getAggregate(aggregatedALE, 'final_inherent_ale')).toFixed(2);
result.min_inherent_score = parseFloat(instance.getAggregate('MIN', 'final_inherent_score')).toFixed(2);
result.max_inherent_score = parseFloat(instance.getAggregate('MAX', 'final_inherent_score')).toFixed(2);
result.avg_inherent_score = parseFloat(instance.getAggregate('AVG', 'final_inherent_score')).toFixed(2);
result.sum_inherent_score = parseFloat(instance.getAggregate('SUM', 'final_inherent_score')).toFixed(2);
result.inherent_score = parseFloat(instance.getAggregate(aggregatedScore, 'final_inherent_score')).toFixed(2);
result.inherent_rating = scoringUtils.getRatingScore(assessmentTypes.inherent, result.inherent_score);
} else {
result.min_inherent_ale = '';
result.max_inherent_ale = '';
result.avg_inherent_ale = '';
result.sum_inherent_ale = '';
result.inherent_ale = '';
result.min_inherent_score = '';
result.max_inherent_score = '';
result.avg_inherent_score = '';
result.sum_inherent_score = '';
result.inherent_score = '';
result.inherent_rating = '';
}
},
_performControlCalculation: function(result, fieldName1, fieldValueArray1, fieldName2, fieldValueArray2, assessmentTypes) {
var scoringUtils = new sn_risk_advanced.RiskAssessmentScoringUtils();
var aggregatedScore = result.risk_assessment_methodology.risk_assessment_score;
var instance = new GlideAggregate("sn_risk_advanced_risk_assessment_instance");
instance.addQuery(fieldName1, "IN", fieldValueArray1);
if (fieldName2 != '')
instance.addQuery(fieldName2, "IN", fieldValueArray2);
instance.addQuery('risk_assessment_methodology', result.risk_assessment_methodology);
instance.addQuery('state', '7');
instance.addQuery('active', true);
instance.addQuery('mitigating_controls_to_assess', false);
instance.addAggregate('MIN', 'final_control_score');
instance.addAggregate('AVG', 'final_control_score');
instance.addAggregate('MAX', 'final_control_score');
instance.addAggregate('SUM', 'final_control_score');
instance.groupBy('risk_assessment_methodology');
instance.query();
if (instance.next()) {
result.min_control_score = parseFloat(instance.getAggregate('MIN', 'final_control_score')).toFixed(2);
result.max_control_score = parseFloat(instance.getAggregate('MAX', 'final_control_score')).toFixed(2);
result.avg_control_score = parseFloat(instance.getAggregate('AVG', 'final_control_score')).toFixed(2);
result.sum_control_score = parseFloat(instance.getAggregate('SUM', 'final_control_score')).toFixed(2);
result.control_score = parseFloat(instance.getAggregate(aggregatedScore, 'final_control_score')).toFixed(2);
result.control_rating = scoringUtils.getRatingScore(assessmentTypes.control, result.control_score);
} else {
result.min_control_score = '';
result.max_control_score = '';
result.avg_control_score = '';
result.sum_control_score = '';
result.control_score = '';
result.control_rating = '';
}
},
_performResidualCalculation: function(result, fieldName1, fieldValueArray1, fieldName2, fieldValueArray2, assessmentTypes) {
var scoringUtils = new sn_risk_advanced.RiskAssessmentScoringUtils();
var aggregatedScore = result.risk_assessment_methodology.risk_assessment_score;
var aggregatedALE = result.risk_assessment_methodology.risk_assessment_ale;
var instance = new GlideAggregate("sn_risk_advanced_risk_assessment_instance");
instance.addQuery(fieldName1, "IN", fieldValueArray1);
if (fieldName2 != '')
instance.addQuery(fieldName2, "IN", fieldValueArray2);
instance.addQuery('risk_assessment_methodology', result.risk_assessment_methodology);
instance.addQuery('state', '7');
instance.addQuery('active', true);
instance.addQuery('residual_risk_not_applicable', false);
instance.addAggregate('MIN', 'final_residual_ale');
instance.addAggregate('MIN', 'final_residual_score');
instance.addAggregate('AVG', 'final_residual_ale');
instance.addAggregate('AVG', 'final_residual_score');
instance.addAggregate('MAX', 'final_residual_ale');
instance.addAggregate('MAX', 'final_residual_score');
instance.addAggregate('SUM', 'final_residual_ale');
instance.addAggregate('SUM', 'final_residual_score');
instance.groupBy('risk_assessment_methodology');
instance.query();
if (instance.next()) {
result.min_residual_ale = parseFloat(instance.getAggregate('MIN', 'final_residual_ale')).toFixed(2);
result.max_residual_ale = parseFloat(instance.getAggregate('MAX', 'final_residual_ale')).toFixed(2);
result.avg_residual_ale = parseFloat(instance.getAggregate('AVG', 'final_residual_ale')).toFixed(2);
result.sum_residual_ale = parseFloat(instance.getAggregate('SUM', 'final_residual_ale')).toFixed(2);
result.residual_ale = parseFloat(instance.getAggregate(aggregatedALE, 'final_residual_ale')).toFixed(2);
result.min_residual_score = parseFloat(instance.getAggregate('MIN', 'final_residual_score')).toFixed(2);
result.max_residual_score = parseFloat(instance.getAggregate('MAX', 'final_residual_score')).toFixed(2);
result.avg_residual_score = parseFloat(instance.getAggregate('AVG', 'final_residual_score')).toFixed(2);
result.sum_residual_score = parseFloat(instance.getAggregate('SUM', 'final_residual_score')).toFixed(2);
result.residual_score = parseFloat(instance.getAggregate(aggregatedScore, 'final_residual_score')).toFixed(2);
result.residual_rating = scoringUtils.getRatingScore(assessmentTypes.residual, result.residual_score);
} else {
result.min_residual_ale = '';
result.max_residual_ale = '';
result.avg_residual_ale = '';
result.sum_residual_ale = '';
result.residual_ale = '';
result.min_residual_score = '';
result.max_residual_score = '';
result.avg_residual_score = '';
result.sum_residual_score = '';
result.residual_score = '';
result.residual_rating = '';
}
},
_performTargetCalculation: function(result, fieldName1, fieldValueArray1, fieldName2, fieldValueArray2, assessmentTypes) {
var scoringUtils = new sn_risk_advanced.RiskAssessmentScoringUtils();
var aggregatedScore = result.risk_assessment_methodology.risk_assessment_score;
var aggregatedALE = result.risk_assessment_methodology.risk_assessment_ale;
var instance = new GlideAggregate("sn_risk_advanced_risk_assessment_instance");
instance.addQuery(fieldName1, "IN", fieldValueArray1);
if (fieldName2 != '')
instance.addQuery(fieldName2, "IN", fieldValueArray2);
instance.addQuery('risk_assessment_methodology', result.risk_assessment_methodology);
instance.addQuery('state', '7');
instance.addQuery('active', true);
instance.addAggregate('MIN', 'final_target_ale');
instance.addAggregate('MIN', 'final_target_score');
instance.addAggregate('SUM', 'final_target_ale');
instance.addAggregate('SUM', 'final_target_score');
instance.addAggregate('AVG', 'final_target_ale');
instance.addAggregate('AVG', 'final_target_score');
instance.addAggregate('MAX', 'final_target_ale');
instance.addAggregate('MAX', 'final_target_score');
instance.groupBy('risk_assessment_methodology');
instance.query();
if (instance.next()) {
result.min_target_ale = parseFloat(instance.getAggregate('MIN', 'final_target_ale')).toFixed(2);
result.max_target_ale = parseFloat(instance.getAggregate('MAX', 'final_target_ale')).toFixed(2);
result.avg_target_ale = parseFloat(instance.getAggregate('AVG', 'final_target_ale')).toFixed(2);
result.sum_target_ale = parseFloat(instance.getAggregate('SUM', 'final_target_ale')).toFixed(2);
result.target_ale = parseFloat(instance.getAggregate(aggregatedALE, 'final_target_ale')).toFixed(2);
result.min_target_score = parseFloat(instance.getAggregate('MIN', 'final_target_score')).toFixed(2);
result.max_target_score = parseFloat(instance.getAggregate('MAX', 'final_target_score')).toFixed(2);
result.avg_target_score = parseFloat(instance.getAggregate('AVG', 'final_target_score')).toFixed(2);
result.sum_target_score = parseFloat(instance.getAggregate('SUM', 'final_target_score')).toFixed(2);
result.target_score = parseFloat(instance.getAggregate(aggregatedScore, 'final_target_score')).toFixed(2);
result.target_rating = scoringUtils.getRatingScore(assessmentTypes.target, result.target_score);
} else {
result.min_target_ale = '';
result.max_target_ale = '';
result.avg_target_ale = '';
result.sum_target_ale = '';
result.target_ale = '';
result.min_target_score = '';
result.max_target_score = '';
result.avg_target_score = '';
result.sum_target_score = '';
result.target_score = '';
result.target_rating = '';
}
},
_getRatingDisplay: function(ratingId, score) {
var ratingCriteria = new GlideRecord('sn_risk_advanced_rating_criteria');
ratingCriteria.get(ratingId);
return ratingCriteria.rating + " (Score: " + score + ")";
},
getContributingRiskAsmts: function(report) {
return this._getContributingRiskAsmts(report);
},
_getContributingRiskAsmts: function(report) {
var instance = new GlideRecord("sn_risk_advanced_risk_assessment_instance");
var childrenRiskStatements = [],
downStreamProfiles = [];
if (report.entity == '' || (report.entity != '' && report.entity.active)) {
if (report.statement != '') {
new sn_risk_advanced.RiskUtilities().getRiskStatementChildren(report.statement, childrenRiskStatements);
childrenRiskStatements.push(report.statement);
instance.addQuery('risk.statement', "IN", childrenRiskStatements);
}
if (report.entity != '') {
downStreamProfiles = new sn_grc.GRCProfileLists().getValidDownstreamProfileIDs(report.entity);
downStreamProfiles.push(report.entity);
instance.addQuery('entity_1', "IN", downStreamProfiles);
}
} else {
instance.addQuery('risk.statement', "IN", childrenRiskStatements);
instance.addQuery('entity_1', "IN", downStreamProfiles);
}
instance.addQuery('risk_assessment_methodology', report.risk_assessment_methodology);
instance.addQuery('state', '7');
instance.addQuery('active', true);
instance.query();
var assessmentIds = [];
while (instance.next()) {
assessmentIds.push(instance.getUniqueValue());
}
return assessmentIds + "";
},
_isActive: function(table, sysId) {
var gr = new GlideRecord(table);
gr.addQuery('sys_id', sysId);
gr.addActiveQuery();
gr.query();
return gr.hasNext();
},
_handleRiskDeletion: function(entityId, stmt, instances, ramIDs) {
this._handleRiskStatementResults(stmt, instances, ramIDs);
this._handleEntityResults(entityId, instances, ramIDs);
},
_handleRiskStatementResults: function(stmt, instances, ramIDs) {
if (!this._isRecordExists('sn_risk_definition', stmt))
return;
var riskStatements = [];
riskStatements.push(stmt);
new sn_risk_advanced.RiskUtilities().getRiskStatementAncestors(stmt, riskStatements);
for (var i = 0; i < riskStatements.length; i++) {
for (var j = 0; j < ramIDs.length; j++) {
var riskStmtChildren = [riskStatements[i]];
new sn_risk_advanced.RiskUtilities().getRiskStatementChildren(riskStatements[i], riskStmtChildren);
var instance = new GlideAggregate("sn_risk_advanced_risk_assessment_instance");
instance.addQuery('risk_assessment_methodology', ramIDs[j]);
instance.addQuery('active', true);
instance.addQuery('sys_id', 'NOT IN', instances);
instance.addQuery('risk.statement', 'IN', riskStmtChildren);
instance.addAggregate('COUNT');
instance.query();
if (instance.next()) {
var noOfInstances = parseInt(instance.getAggregate('COUNT'));
this._updateOrDeleteAssessmentResult(ramIDs[j], 'statement=' + riskStatements[i], noOfInstances, 'entity');
}
}
}
},
_handleEntityResults: function(entityId, instances, ramIDs) {
if (!this._isRecordExists('sn_grc_profile', entityId))
return;
var upstreamProfiles = new sn_grc.GRCProfileLists().getValidUpstreamProfileIDs(entityId);
upstreamProfiles.unshift(entityId);
for (var i = 0; i < upstreamProfiles.length; i++) {
for (var j = 0; j < ramIDs.length; j++) {
var downStreams = new sn_grc.GRCProfileLists().getValidDownstreamProfileIDs(upstreamProfiles[i]);
var instance = new GlideAggregate("sn_risk_advanced_risk_assessment_instance");
instance.addQuery('active', true);
instance.addQuery('risk_assessment_methodology', ramIDs[j]);
instance.addQuery('sys_id', 'NOT IN', instances);
instance.addQuery('entity_1', 'IN', downStreams);
instance.addAggregate('COUNT');
instance.query();
if (instance.next()) {
var noOfInstances = parseInt(instance.getAggregate('COUNT'));
this._updateOrDeleteAssessmentResult(ramIDs[j], 'entity=' + upstreamProfiles[i], noOfInstances, 'statement');
}
}
}
},
_updateOrDeleteAssessmentResult: function(ramId, condition, count, field) {
if (!this._isRamInPublishedState(ramId))
return;
var gr = new GlideRecord('sn_risk_advanced_risk_assessment_result');
gr.addQuery('risk_assessment_methodology', ramId);
gr.addEncodedQuery(condition + '^' + field + 'ISEMPTY');
gr.query();
while (gr.next()) {
if (count > 0) {
gr.status = '1';
gr.update();
} else {
gr.deleteRecord();
}
}
gr.initialize();
gr.addEncodedQuery(condition + '^' + field + 'ISNOTEMPTY');
gr.addQuery('risk_assessment_methodology', ramId);
gr.query();
while (gr.next()) {
gr.status = '1';
gr.update();
}
},
_isRecordExists: function(table, sysId) {
var gr = new GlideRecord(table);
return gr.get(sysId);
},
_isRamInPublishedState: function(ramId) {
var ram = new GlideRecord('sn_risk_advanced_risk_assessment_methodology');
ram.get(ramId);
return ram.state == '2';
},
type: 'RiskRollupUtilsBase'
};
Sys ID
43a2296273350010ec95d11ee2f6a7ee