Name
sn_risk_advanced.RiskUtilityBase
Description
Script Include with Risk Utilities Base
Script
var RiskUtilityBase = Class.create();
RiskUtilityBase.prototype = {
initialize: function() {},
getProfilesWithNoReport: function() {
return this._getProfilesWithNoReport();
},
recalculateToleranceForPropertyChange: function() {
this._recalculateToleranceForPropertyChange();
},
getRiskStatementsHierarchy: function(statement) {
return this._getRiskStatementsHierarchy(statement);
},
_recalculateToleranceForPropertyChange: function() {
if (gs.getProperty('sn_risk_advanced.migrate_to_advanced_risk') == 'false') {
var statements = new GlideRecord('sn_risk_definition');
statements.query();
while (statements.next()) {
this.calculateRiskToleranceFieldValues(statements);
statements.update();
}
var profiles = new GlideRecord('sn_grc_profile');
profiles.query();
while (profiles.next()) {
this.calculateRiskToleranceStatusOfProfile(profiles);
profiles.update();
}
var reports = new GlideRecord('sn_risk_advanced_risk_report');
reports.query();
while (reports.next()) {
this.calculateRiskToleranceOfReport(reports);
reports.update();
}
}
},
_getProfilesWithNoReport: function() {
var profiles = [];
var report_definition = new GlideRecord('sn_risk_advanced_risk_report_definition');
report_definition.query();
while (report_definition.next()) {
profiles.push(report_definition.profile + '');
}
return "sys_idNOT IN" + profiles;
},
getRiskStatementAncestors: function(risk_statement, statements) {
return this._getRiskStatementAncestors(risk_statement, statements);
},
isComplianceInstalled: function() {
return this._isComplianceInstalled();
},
_isComplianceInstalled: function() {
return GlidePluginManager.isActive('sn_compliance') || GlidePluginManager.isActive('com.sn_compliance');
},
_getRiskStatementAncestors: function(risk_statement, statements) {
var statement = new GlideRecord('sn_risk_definition');
statement.get(risk_statement);
if (statement.parent) {
statements.push(statement.parent + '');
return this.getRiskStatementAncestors(statement.parent, statements);
}
return;
},
getRiskStatementChildren: function(risk_statement, statements) {
return this._getRiskStatementChildren(risk_statement, statements);
},
_getRiskStatementChildren: function(risk_statement, statements) {
var parents = [risk_statement];
var immediateChildren = [];
this.getChildrenRiskStatementsBfs(parents, immediateChildren, statements);
},
getChildrenRiskStatementsBfs: function(parents, immediateChildren, children) {
return this._getChildrenRiskStatementsBfs(parents, immediateChildren, children);
},
_getChildrenRiskStatementsBfs: function(parents, immediateChildren, children) {
if (parents.length == 0) {
return;
}
var statement = new GlideRecord('sn_risk_definition');
statement.addQuery('parent', 'IN', parents);
statement.query();
while (statement.next()) {
immediateChildren.push(statement.getUniqueValue());
children.push(statement.getUniqueValue());
}
return this.getChildrenRiskStatementsBfs(immediateChildren, [], children);
},
calculateRiskScoreOfRiskStatement: function(risk_statement_instance) {
return this._calculateRiskScoreOfRiskStatement(risk_statement_instance);
},
_calculateRiskScoreOfRiskStatement: function(risk_statement_instance) {
var statements = [];
var currencyCode = risk_statement_instance.maximum_calculated_ale.getReferenceCurrencyCode();
var min = 0,
max = 0,
avg = 0,
sum = 0;
if (risk_statement_instance.leaf == true) {
statements.push(risk_statement_instance.getUniqueValue());
} else {
statements = this._getRiskStatementsHierarchy(risk_statement_instance.getUniqueValue());
}
var risks = new GlideAggregate("sn_risk_risk");
risks.addQuery('statement', 'IN', statements);
risks.addQuery('state', 'monitor');
risks.addAggregate('SUM', 'calculated_ale');
risks.addAggregate('MIN', 'calculated_ale');
risks.addAggregate('AVG', 'calculated_ale');
risks.addAggregate('MAX', 'calculated_ale');
risks.groupBy('active');
risks.query();
var hasRisks = false;
if (risks.next()) {
hasRisks = true;
min = parseFloat(risks.getAggregate('MIN', 'calculated_ale')).toFixed(2);
max = parseFloat(risks.getAggregate('MAX', 'calculated_ale')).toFixed(2);
avg = parseFloat(risks.getAggregate('AVG', 'calculated_ale')).toFixed(2);
sum = parseFloat(risks.getAggregate('SUM', 'calculated_ale')).toFixed(2);
}
risk_statement_instance.maximum_calculated_ale.setValue(currencyCode + ';' + max);
risk_statement_instance.average_calculated_ale.setValue(currencyCode + ';' + avg);
risk_statement_instance.minimum_calculated_ale.setValue(currencyCode + ';' + min);
risk_statement_instance.sum_of_calculated_ale.setValue(currencyCode + ';' + sum);
var choices = this._getchoices();
if (hasRisks) {
this._updateRiskToleranceFieldValues(risk_statement_instance, choices);
this._setRiskRating(risk_statement_instance);
} else {
risk_statement_instance.setValue('tolerance_status', choices[3]);
risk_statement_instance.calculated_score = '';
}
},
getLeafChildrenRiskStatements: function(risk_statement, statements) {
return this._getLeafChildrenRiskStatements(risk_statement, statements);
},
_getLeafChildrenRiskStatements: function(risk_statement, statements) {
var parents = [risk_statement];
var immediateChildren = [];
this.getLeafStatementsBfs(parents, immediateChildren, statements);
},
getLeafStatementsBfs: function(parents, immediateChildren, leaves) {
return this._getLeafStatementsBfs(parents, immediateChildren, leaves);
},
_getLeafStatementsBfs: function(parents, immediateChildren, leaves) {
if (parents.length == 0) {
return;
}
var statement = new GlideRecord('sn_risk_definition');
statement.addQuery('parent', 'IN', parents);
statement.query();
while (statement.next()) {
immediateChildren.push(statement.getUniqueValue());
if (statement.leaf == true) {
leaves.push(statement.getUniqueValue());
}
}
return this.getLeafStatementsBfs(immediateChildren, [], leaves);
},
markRiskStatementsDirty: function(statements) {
return this._markRiskStatementsDirty(statements);
},
_markRiskStatementsDirty: function(statements) {
var risk_statements = new GlideRecord('sn_risk_definition');
risk_statements.addQuery('sys_id', 'IN', statements);
risk_statements.addEncodedQuery("statusNOT IN1");
risk_statements.query();
risk_statements.setValue('status', '1');
risk_statements.updateMultiple();
return;
},
markReportsDirtyByRS: function(statements) {
return this._markReportsDirtyByRS(statements);
},
_markReportsDirtyByRS: function(statements) {
var reports = new GlideRecord('sn_risk_advanced_risk_report');
reports.addQuery('risk_statement', 'IN', statements);
reports.addEncodedQuery("statusNOT IN1");
reports.query();
reports.setValue('status', '1');
reports.updateMultiple();
return;
},
markReportsDirty: function(statements, profiles) {
return this._markReportsDirty(statements, profiles);
},
_markReportsDirty: function(statements, profiles) {
var reports = new GlideRecord('sn_risk_advanced_risk_report');
reports.addQuery('risk_statement', 'IN', statements);
reports.addQuery("report_definition.profile", 'IN', profiles);
reports.addEncodedQuery("statusNOT IN1");
reports.query();
reports.setValue('status', '1');
reports.updateMultiple();
return;
},
_calculateRiskScoreOfProfile: function(profileInstance) {
var downstreamProfiles = this._getRelatedProfiles(profileInstance);
this._updateRiskScoresOfProfile(profileInstance, downstreamProfiles);
},
_updateRiskScoresOfProfile: function(profileInstance, relatedProfiles) {
var min = 0,
max = 0,
avg = 0,
sum = 0;
var currencyCode = profileInstance.max_calculated_ale.getReferenceCurrencyCode();
if (profileInstance.active && relatedProfiles.length != 0) {
var risks = new GlideAggregate("sn_risk_risk");
risks.addQuery("profile", "IN", relatedProfiles);
risks.addQuery('state', 'monitor');
risks.addAggregate('SUM', 'calculated_ale');
risks.addAggregate('MIN', 'calculated_ale');
risks.addAggregate('AVG', 'calculated_ale');
risks.addAggregate('MAX', 'calculated_ale');
risks.groupBy('active');
risks.query();
var choices = this._getchoices();
if (risks.next()) {
min = parseFloat(risks.getAggregate('MIN', 'calculated_ale')).toFixed(2);
max = parseFloat(risks.getAggregate('MAX', 'calculated_ale')).toFixed(2);
avg = parseFloat(risks.getAggregate('AVG', 'calculated_ale')).toFixed(2);
sum = parseFloat(risks.getAggregate('SUM', 'calculated_ale')).toFixed(2);
var aggrObject = {};
aggrObject.max_calculate_ale = max;
aggrObject.min_calculate_ale = min;
aggrObject.avg_calculate_ale = avg;
aggrObject.sum_calculate_ale = sum;
this.setRiskToleranceStatusOfProfile(profileInstance, aggrObject);
this.setRiskRatingOfProfile(profileInstance, aggrObject, currencyCode);
} else {
profileInstance.setValue('tolerance_status', choices[3]);
profileInstance.calculated_score = "";
}
}
profileInstance.max_calculated_ale.setValue(currencyCode + ';' + max);
profileInstance.avg_calculated_ale.setValue(currencyCode + ';' + avg);
profileInstance.min_calculated_ale.setValue(currencyCode + ';' + min);
profileInstance.sum_of_calculated_ale.setValue(currencyCode + ';' + sum);
},
updateChildren: function(risk_statement, risk_hierarchy_to_set, level_to_set) {
return this._updateChildren(risk_statement, risk_hierarchy_to_set, level_to_set);
},
_updateChildren: function(risk_statement, risk_hierarchy_to_set, level_to_set) {
var statement = new GlideRecord('sn_risk_definition');
statement.addQuery('parent', risk_statement);
statement.query();
while (statement.next()) {
statement.setValue('risk_hierarchy', risk_hierarchy_to_set);
statement.setValue('level', level_to_set);
var hierarchy_to_set_children = statement.risk_hierarchy ? statement.risk_hierarchy + ',' + statement.getUniqueValue() : statement.getUniqueValue();
var level_to_set_children = statement.level + 1;
this.updateChildren(statement.getUniqueValue(), hierarchy_to_set_children, level_to_set_children);
statement.update();
}
},
markProfilesDirty: function(profileIDs) {
this._markProfilesDirty(profileIDs);
},
_markProfilesDirty: function(profileIDs) {
var profiles = new GlideRecord("sn_grc_profile");
profiles.addQuery("sys_id", 'IN', profileIDs);
profiles.addEncodedQuery("statusNOT IN1");
profiles.query();
profiles.setValue('status', '1');
profiles.updateMultiple();
},
markReportsDirtyByProfiles: function(profileIDs) {
this._markReportsDirtyByProfiles(profileIDs);
},
_markReportsDirtyByProfiles: function(profileIDs) {
var report = new GlideRecord("sn_risk_advanced_risk_report");
report.addQuery("report_definition.profile", 'IN', profileIDs);
report.addEncodedQuery("statusNOT IN1");
report.query();
report.setValue('status', '1');
report.updateMultiple();
},
_getRelatedProfiles: function(profileInstance) {
var downstreamProfiles = [];
if (profileInstance.active) {
downstreamProfiles = new sn_grc.GRCProfileLists().getValidDownstreamProfileIDs(profileInstance.getUniqueValue());
}
return downstreamProfiles;
},
_calculateRiskScoreForReport: function(gr) {
var currencyCode = gr.maximum_calculated_ale.getReferenceCurrencyCode();
var min = 0,
max = 0,
avg = 0,
sum = 0;
var profileInstance = new GlideRecord("sn_grc_profile");
profileInstance.get(gr.report_definition.profile + '');
var downstreamProfiles = this._getRelatedProfiles(profileInstance);
var hasRisks = false;
if (downstreamProfiles.length != 0) {
var downstreamRiskstatements = [];
if (gr.risk_statement.leaf) {
downstreamRiskstatements.push(gr.risk_statement + '');
} else {
downstreamRiskstatements = this._getRiskStatementsHierarchy(gr.risk_statement + '');
}
var risks = new GlideAggregate('sn_risk_risk');
risks.addAggregate('SUM', 'calculated_ale');
risks.addAggregate('MIN', 'calculated_ale');
risks.addAggregate('AVG', 'calculated_ale');
risks.addAggregate('MAX', 'calculated_ale');
risks.addQuery('profile', 'IN', downstreamProfiles);
risks.addQuery('statement', 'IN', downstreamRiskstatements);
risks.addQuery('state', 'monitor');
risks.groupBy('active');
risks.query();
if (risks.next()) {
min = parseFloat(risks.getAggregate('MIN', 'calculated_ale')).toFixed(2);
max = parseFloat(risks.getAggregate('MAX', 'calculated_ale')).toFixed(2);
avg = parseFloat(risks.getAggregate('AVG', 'calculated_ale')).toFixed(2);
sum = parseFloat(risks.getAggregate('SUM', 'calculated_ale')).toFixed(2);
hasRisks = true;
}
}
gr.maximum_calculated_ale.setValue(currencyCode + ';' + max);
gr.average_calculated_ale.setValue(currencyCode + ';' + avg);
gr.minimum_calculated_ale.setValue(currencyCode + ';' + min);
gr.sum_of_calculated_ale.setValue(currencyCode + ';' + sum);
var choices = this._getchoices();
if (hasRisks) {
this._updateRiskToleranceFieldValues(gr, choices);
this._setRiskRating(gr);
} else {
gr.setValue('tolerance_status', choices[3]);
gr.calculated_score = '';
}
},
refreshRiskScores: function(tableName) {
this._refreshRiskScores(tableName);
},
//Get all the records of input table which are in Not Updated/Processing state, change state to Processing(those which are in Not Updated state), calculate their scores. For the records which are still in Processing state after risk score calculation, change state to Updated
_refreshRiskScores: function(tableName) {
var record = new GlideRecord(tableName);
record.addEncodedQuery("statusIN1,3");
record.query();
while (record.next()) {
if (record.status == '1') {
record.setValue("status", '3');
record.update();
}
if (tableName == "sn_grc_profile")
this._calculateRiskScoreOfProfile(record);
else if (tableName == "sn_risk_advanced_risk_report")
this._calculateRiskScoreForReport(record);
else if (tableName == "sn_risk_definition")
this._calculateRiskScoreOfRiskStatement(record);
var latestRecord = new GlideRecord(tableName);
latestRecord.get(record.getUniqueValue());
if (latestRecord.isValid()) {
if (latestRecord.status == '3') {
record.setValue('status', '2');
} else if (latestRecord.status == '1') {
record.setValue('status', '1');
}
record.update();
}
}
},
getContributingRisks: function(report) {
return this._getContributingRisksQuery(report);
},
_getContributingRisksQuery: function(report) {
var risks = this._getContributingRisks(report);
return 'sn_risk_risk_list.do?sysparm_query=' + risks.getEncodedQuery();
},
_getContributingRisks: function(report) {
var profileInstance = new GlideRecord("sn_grc_profile");
profileInstance.get(report.report_definition.profile + '');
var downstreamProfiles = this._getRelatedProfiles(profileInstance);
var downstreamRiskstatements = [];
if (report.risk_statement.leaf) {
downstreamRiskstatements.push(report.risk_statement + '');
} else {
downstreamRiskstatements = this._getRiskStatementsHierarchy(report.risk_statement + '');
}
var risks = new GlideRecord("sn_risk_risk");
risks.addQuery("profile", "IN", downstreamProfiles);
risks.addQuery("content", "IN", downstreamRiskstatements);
risks.addQuery('state', 'monitor');
risks.query();
return risks;
},
markAncestorRiskStatementsDirtyonDeletion: function(current) {
return this._markAncestorRiskStatementsDirtyonDeletion(current);
},
_markAncestorRiskStatementsDirtyonDeletion: function(current) {
if (current.parent) {
var risk_statements = [];
risk_statements.push(current.parent + '');
this.getRiskStatementAncestors(current.parent, risk_statements);
var json = {
statements: risk_statements
};
gs.eventQueue('sn_risk_advanced.mark_risk_statement_dir', null, JSON.stringify(json), null, 'sn_risk_advanced.rollup_queue');
}
},
markAncestorRiskStatementsDirtyonParentUpdate: function(current, previous) {
return this._markAncestorRiskStatementsDirtyonParentUpdate(current, previous);
},
_markAncestorRiskStatementsDirtyonParentUpdate: function(current, previous) {
var risk_statements;
var json;
if (current.parent) {
risk_statements = [];
risk_statements.push(current.parent + '');
this.getRiskStatementAncestors(current.parent, risk_statements);
json = {
"statements": risk_statements
};
gs.eventQueue('sn_risk_advanced.mark_risk_statement_dir', current, JSON.stringify(json), null, 'sn_risk_advanced.rollup_queue');
}
if (previous.parent) {
risk_statements = [];
risk_statements.push(previous.parent + '');
this.getRiskStatementAncestors(previous.parent, risk_statements);
json = {
statements: risk_statements
};
gs.eventQueue('sn_risk_advanced.mark_risk_statement_dir', current, JSON.stringify(json), null, 'sn_risk_advanced.rollup_queue');
}
},
updateHierarchyRelatedFieldsOnDeletion: function(current) {
return this._updateHierarchyRelatedFieldsOnDeletion(current);
},
_updateHierarchyRelatedFieldsOnDeletion: function(current) {
var risk_hierarchy_to_set = "";
var level_to_set = 0;
this.updateChildren(current.getUniqueValue(), risk_hierarchy_to_set, level_to_set);
},
updateHierarchyRelatedFieldsOnParentUpdate: function(current) {
return this._updateHierarchyRelatedFieldsOnParentUpdate(current);
},
_updateHierarchyRelatedFieldsOnParentUpdate: function(current) {
var risk_hierarchy_to_set = current.risk_hierarchy ? current.risk_hierarchy.toString() + ',' + current.getUniqueValue() : current.getUniqueValue();
this.updateChildren(current.getUniqueValue(), risk_hierarchy_to_set, current.level + 1);
},
calculateRiskToleranceOfReport: function(report) {
this._calculateRiskToleranceOfReport(report);
},
_calculateRiskToleranceOfReport: function(report) {
var choices = this._getchoices();
if (this._getContributingRisks(report).hasNext()) {
this._updateRiskToleranceFieldValues(report, choices);
} else {
report.setValue('tolerance_status', choices[3]);
}
},
calculateRiskToleranceFieldValues: function(riskStatement) {
this._calculateRiskToleranceFieldValues(riskStatement);
},
_calculateRiskToleranceFieldValues: function(riskStatement) {
var choices = this._getchoices();
if (this.areRisksAssociatedWithRS(riskStatement)) {
this._updateRiskToleranceFieldValues(riskStatement, choices);
} else {
riskStatement.setValue('tolerance_status', choices[3]);
}
},
areRisksAssociatedWithRS: function(riskStatement) {
return this._areRisksAssociatedWithRS(riskStatement);
},
_areRisksAssociatedWithRS: function(riskStatement) {
var statements = [];
if (riskStatement.leaf == true)
statements.push(riskStatement.getUniqueValue());
else
statements = this._getRiskStatementsHierarchy(riskStatement.getUniqueValue());
var risks = new GlideAggregate("sn_risk_risk");
risks.addAggregate('COUNT');
risks.addQuery('statement', 'IN', statements);
risks.addQuery('state', 'monitor');
risks.groupBy('active');
risks.query();
if (risks.next()) {
var count = risks.getAggregate("COUNT");
if (count > 0) {
return true;
} else {
return false;
}
}
return false;
},
_updateRiskToleranceFieldValues: function(riskStatement, choices) {
var calculated_ale;
var expected_ale = parseFloat(riskStatement.expected_ale.getReferenceValue());
var max_acceptable_ale = parseFloat(riskStatement.max_acceptable_ale.getReferenceValue());
var risk_tolerance_property = gs.getProperty('sn_risk_advanced.risk_tolerance');
if (risk_tolerance_property == 'Average')
calculated_ale = parseFloat(riskStatement.average_calculated_ale.getReferenceValue());
else if (risk_tolerance_property == 'Maximum')
calculated_ale = parseFloat(riskStatement.maximum_calculated_ale.getReferenceValue());
else if (risk_tolerance_property == 'Minimum')
calculated_ale = parseFloat(riskStatement.minimum_calculated_ale.getReferenceValue());
else
calculated_ale = parseFloat(riskStatement.sum_of_calculated_ale.getReferenceValue());
if (calculated_ale <= expected_ale)
riskStatement.setValue('tolerance_status', choices[0]);
else if (calculated_ale > expected_ale && calculated_ale <= max_acceptable_ale)
riskStatement.setValue('tolerance_status', choices[1]);
else if (calculated_ale > max_acceptable_ale)
riskStatement.setValue('tolerance_status', choices[2]);
},
_getchoices: function() {
var acceptableChoice;
var needAttentionChoice;
var unAcceptableChoice;
var notApplicableChoice;
var listofChoices = [];
var choice = new GlideRecord('sn_grc_choice');
choice.addQuery('choice_category', 'tolerance_status');
choice.orderBy('name');
choice.query();
while (choice.next()) {
if (choice.getValue('name') == '1') {
acceptableChoice = choice.getUniqueValue();
listofChoices.push(acceptableChoice);
} else if (choice.getValue('name') == '2') {
needAttentionChoice = choice.getUniqueValue();
listofChoices.push(needAttentionChoice);
} else if (choice.getValue('name') == '3') {
unAcceptableChoice = choice.getUniqueValue();
listofChoices.push(unAcceptableChoice);
} else if (choice.getValue('name') == '4') {
notApplicableChoice = choice.getUniqueValue();
listofChoices.push(notApplicableChoice);
}
}
return listofChoices;
},
calculateRiskToleranceStatusOfProfile: function(profileInstance) {
this._calculateRiskToleranceStatusOfProfile(profileInstance);
},
_calculateRiskToleranceStatusOfProfile: function(profileInstance) {
if (this.isProfileAssessed(profileInstance)) {
var aggrObject = {};
aggrObject.max_calculate_ale = profileInstance.max_calculated_ale.getReferenceValue();
aggrObject.min_calculate_ale = profileInstance.min_calculated_ale.getReferenceValue();
aggrObject.avg_calculate_ale = profileInstance.avg_calculated_ale.getReferenceValue();
aggrObject.sum_calculate_ale = profileInstance.sum_of_calculated_ale.getReferenceValue();
this.setRiskToleranceStatusOfProfile(profileInstance, aggrObject);
} else {
var choices = this._getchoices();
profileInstance.setValue('tolerance_status', choices[3]);
}
},
setRiskToleranceStatusOfProfile: function(profile, aggrObject) {
this._setRiskToleranceStatusOfProfile(profile, aggrObject);
},
_setRiskToleranceStatusOfProfile: function(profile, aggrObject) {
var tolerance_property = gs.getProperty('sn_risk_advanced.risk_tolerance');
if (tolerance_property == "Average")
this._updateRiskToleranceStatusOfProfile(profile, aggrObject.avg_calculate_ale);
else if (tolerance_property == "Maximum")
this._updateRiskToleranceStatusOfProfile(profile, aggrObject.max_calculate_ale);
else if (tolerance_property == "Minimum")
this._updateRiskToleranceStatusOfProfile(profile, aggrObject.min_calculate_ale);
else
this._updateRiskToleranceStatusOfProfile(profile, aggrObject.sum_calculate_ale);
},
_updateRiskToleranceStatusOfProfile: function(profile, calculated_ale) {
var acceptable, unacceptable, needs_attention;
var expected_ale = parseFloat(profile.expected_ale.getReferenceValue());
var max_acceptable_ale = parseFloat(profile.max_acceptable_ale.getReferenceValue());
var choices = this._getchoices();
if (calculated_ale <= expected_ale) {
profile.tolerance_status = choices[0];
} else if (calculated_ale > max_acceptable_ale) {
profile.tolerance_status = choices[2];
} else if (calculated_ale > expected_ale && calculated_ale <= max_acceptable_ale) {
profile.tolerance_status = choices[1];
}
},
populateToleranceFromRiskStatements: function(profileID, aggrParam) {
this._populateToleranceFromRiskStatements(profileID, aggrParam);
},
_populateToleranceFromRiskStatements: function(profileID, aggrParam) {
var expected_ales = [];
var max_acceptable_ales = [];
var content, expected_ale = 0,
max_acceptable_ale = 0;
var curr_code;
var risk = new GlideRecord("sn_risk_risk");
risk.addQuery('profile', profileID);
risk.addQuery('state', '!=', 'retired');
risk.addNotNullQuery('content');
risk.query();
while (risk.next()) {
content = risk.statement;
expected_ale = parseFloat(content.expected_ale.getReferenceValue());
max_acceptable_ale = parseFloat(content.max_acceptable_ale.getReferenceValue());
expected_ales.push(expected_ale);
max_acceptable_ales.push(max_acceptable_ale);
}
this._updateRiskToleranceProfile(expected_ales, max_acceptable_ales, aggrParam, profileID);
},
populateToleranceFromProfiles: function(profileID, aggrParam) {
this._populateToleranceFromProfiles(profileID, aggrParam);
},
_populateToleranceFromProfiles: function(profileID, aggrParam) {
var expected_ales = [];
var max_acceptable_ales = [];
var downstream_profile, expected_ale = 0,
max_acceptable_ale = 0;
var curr_code;
var profilem2m = new GlideRecord("sn_grc_m2m_profile_profile");
profilem2m.addQuery('upstream_profile', profileID);
profilem2m.query();
while (profilem2m.next()) {
downstream_profile = profilem2m.downstream_profile;
if (downstream_profile.active) {
expected_ale = parseFloat(downstream_profile.expected_ale.getReferenceValue());
max_acceptable_ale = parseFloat(downstream_profile.max_acceptable_ale.getReferenceValue());
expected_ales.push(expected_ale);
max_acceptable_ales.push(max_acceptable_ale);
}
}
this._updateRiskToleranceProfile(expected_ales, max_acceptable_ales, aggrParam, profileID);
},
_updateRiskToleranceProfile: function(expected_ales, max_acceptable_ales, aggrParam, profileID) {
var aggrExpectedALE = 0,
aggrMaxAcceptableALE = 0;
var sumFn = function(a, b) {
return a + b;
};
var minFn = function(min, currentValue) {
return (min < currentValue ? min : currentValue);
};
var maxFn = function(max, currentValue) {
return (max > currentValue ? max : currentValue);
};
if (aggrParam == "Average") {
aggrExpectedALE = expected_ales.reduce(sumFn, 0) / expected_ales.length;
aggrMaxAcceptableALE = max_acceptable_ales.reduce(sumFn, 0) / max_acceptable_ales.length;
} else if (aggrParam == "Maximum") {
aggrExpectedALE = expected_ales.reduce(maxFn, Number.MIN_VALUE);
aggrMaxAcceptableALE = max_acceptable_ales.reduce(maxFn, Number.MIN_VALUE);
} else if (aggrParam == "Minimum") {
aggrExpectedALE = expected_ales.reduce(minFn, Number.MAX_VALUE);
aggrMaxAcceptableALE = max_acceptable_ales.reduce(minFn, Number.MAX_VALUE);
} else {
aggrExpectedALE = expected_ales.reduce(sumFn, 0);
aggrMaxAcceptableALE = max_acceptable_ales.reduce(sumFn, 0);
}
var profile = new GlideRecord("sn_grc_profile");
profile.get(profileID);
var currCode = profile.expected_ale.getReferenceCurrencyCode();
profile.expected_ale.setValue(currCode + ";" + aggrExpectedALE);
profile.max_acceptable_ale.setValue(currCode + ";" + aggrMaxAcceptableALE);
profile.update();
},
setRiskRatingOfProfile: function(profile, aggrObject, currencyCode) {
this._setRiskRatingOfProfile(profile, aggrObject, currencyCode);
},
_setRiskRatingOfProfile: function(profile, aggrObject, currencyCode) {
var risk_rating_config = gs.getProperty('sn_risk_advanced.risk_rating_config');
var calculated_ale;
if (risk_rating_config == 'max')
calculated_ale = currencyCode + ';' + aggrObject.max_calculate_ale;
else if (risk_rating_config == 'min')
calculated_ale = currencyCode + ';' + aggrObject.min_calculate_ale;
else
calculated_ale = currencyCode + ';' + aggrObject.avg_calculate_ale;
var crit = this._getRiskCriteria('score', calculated_ale);
if (crit) {
profile.setValue('calculated_score', crit.getUniqueValue());
}
},
_getRiskCriteria: function(type, value) {
//Returns the GlideRecord for a Risk Criteria record for a given currency type
if (value == 'null' || value.toString() == 'null')
return '';
var queryField;
if (type.equals('likelihood')) {
queryField = 'percentage_max_value';
value = parseFloat(value);
} else {
queryField = 'currency_max_value';
value = global.getCurrencyFilter('sn_risk_criteria', 'currency_max_value', value);
}
var crit = new GlideRecord('sn_risk_criteria');
crit.addQuery(queryField, '>=', value);
crit.addQuery('type', type);
crit.orderBy(queryField);
crit.setLimit(1);
crit.query();
if (!crit.hasNext()) {
var maxCrit = new GlideRecord('sn_risk_criteria');
maxCrit.addQuery('type', type);
maxCrit.orderByDesc(queryField);
maxCrit.setLimit(1);
maxCrit.query();
maxCrit.next();
return maxCrit;
} else {
crit.next();
return crit;
}
},
calculateRiskRatingOfStatement: function(riskStatement) {
this._calculateRiskRatingOfStatement(riskStatement);
},
_calculateRiskRatingOfStatement: function(riskStatement) {
if (this.areRisksAssociatedWithRS(riskStatement)) {
this.setRiskRating(riskStatement);
} else {
riskStatement.calculated_score = '';
}
},
calculateRiskRatingOfReport: function(report) {
this._calculateRiskRatingOfReport(report);
},
_calculateRiskRatingOfReport: function(report) {
if (this._getContributingRisks(report).hasNext()) {
this.setRiskRating(report);
} else {
report.calculated_score = '';
}
},
setRiskRating: function(r) {
this._setRiskRating(r);
},
_setRiskRating: function(r) {
var calculated_ale;
var riskRatingConfig = gs.getProperty('sn_risk_advanced.risk_rating_config');
if (riskRatingConfig == 'max')
calculated_ale = r.maximum_calculated_ale.getCurrencyString();
else if (riskRatingConfig == 'min')
calculated_ale = r.minimum_calculated_ale.getCurrencyString();
else
calculated_ale = r.average_calculated_ale.getCurrencyString();
var riskRating = this._getRiskCriteria('score', calculated_ale);
if (riskRating) {
r.setValue('calculated_score', riskRating.getUniqueValue());
}
},
calculateRiskRatingOfProfile: function(profileInstance) {
this._calculateRiskRatingOfProfile(profileInstance);
},
_calculateRiskRatingOfProfile: function(profileInstance) {
if (this.isProfileAssessed(profileInstance)) {
var aggrObject = {};
aggrObject.max_calculate_ale = profileInstance.max_calculated_ale.getReferenceValue();
aggrObject.min_calculate_ale = profileInstance.min_calculated_ale.getReferenceValue();
aggrObject.avg_calculate_ale = profileInstance.avg_calculated_ale.getReferenceValue();
aggrObject.sum_calculate_ale = profileInstance.sum_of_calculated_ale.getReferenceValue();
var currencyCode = profileInstance.max_calculated_ale.getReferenceCurrencyCode();
this.setRiskRatingOfProfile(profileInstance, aggrObject, currencyCode);
} else {
profileInstance.calculated_score = "";
}
},
isProfileAssessed: function(profileInstance) {
return this._isProfileAssessed(profileInstance);
},
_isProfileAssessed: function(profileInstance) {
var isProfileAssessed = false;
var downstream_profiles = new sn_grc.GRCProfileLists().getValidDownstreamProfileIDs(profileInstance.getUniqueValue());
var risks = new GlideAggregate('sn_risk_risk');
risks.addAggregate('COUNT');
risks.addQuery('profile', 'IN', downstream_profiles);
risks.addQuery('state', 'monitor');
risks.groupBy('active');
risks.query();
if (risks.next()) {
var count = risks.getAggregate("COUNT");
if (count > 0) {
isProfileAssessed = true;
}
}
return isProfileAssessed;
},
recalculateRiskRating: function() {
return this._recalculateRiskRating();
},
_recalculateRiskRating: function() {
var statements = new GlideRecord('sn_risk_definition');
statements.query();
while (statements.next()) {
this.calculateRiskRatingOfStatement(statements);
statements.update();
}
var profiles = new GlideRecord('sn_grc_profile');
profiles.query();
while (profiles.next()) {
this.calculateRiskRatingOfProfile(profiles);
profiles.update();
}
var reports = new GlideRecord('sn_risk_advanced_risk_report');
reports.query();
while (reports.next()) {
this.calculateRiskRatingOfReport(reports);
reports.update();
}
},
_getRiskStatementsHierarchy: function(statement) {
var statements = [];
statements.push(statement);
var gr = new GlideRecord('sn_risk_definition');
gr.addQuery('risk_hierarchy', 'CONTAINS', statement);
gr.query();
while (gr.next()) {
statements.push(gr.getUniqueValue());
}
return statements;
},
showMonitorPrimaryAction: function(risk) {
return this._showMonitorPrimaryAction(risk);
},
_showMonitorPrimaryAction: function(risk) {
return gs.hasRole("sn_risk.user") && risk.state == "draft" && risk.primary_risk_assessment_methodology == '';
},
showMonitorNonPrimaryAction: function(risk) {
return this._showMonitorNonPrimaryAction(risk);
},
_showMonitorNonPrimaryAction: function(risk) {
return gs.hasRole("sn_risk.user") && risk.state == "draft" && risk.primary_risk_assessment_methodology != '';
},
checkIfOpenResponseTasks: function(asmtID) {
return this._checkIfOpenResponseTasks(asmtID);
},
_checkIfOpenResponseTasks: function(asmtID) {
var responseTask = new GlideAggregate("sn_risk_response_task");
responseTask.addQuery('risk_assessment_instance', asmtID);
responseTask.addQuery('active', true);
responseTask.addAggregate('COUNT');
responseTask.query();
var hasAnyOpen = false;
if (responseTask.next()) {
if (responseTask.getAggregate('COUNT') > 0) {
hasAnyOpen = true;
}
}
return hasAnyOpen;
},
getStateOfRisk: function(risk) {
return this._getStateOfRisk(risk);
},
_getStateOfRisk: function(risk) {
var state = "draft";
var assessmentInstance = this._getLatestAssessment(risk);
if (assessmentInstance) {
var stateValue = parseInt(assessmentInstance.state + '');
if (stateValue != 0 && (stateValue < 7 || stateValue == 10)) {
state = "assess";
} else if (stateValue == 7) {
var isRespond = this._checkIfOpenResponseTasks(assessmentInstance.getUniqueValue());
if (isRespond)
state = 'respond';
else
state = 'monitor';
}
} else if (risk.state == 'monitor')
state = "monitor";
return state;
},
getLatestAssessment: function(risk) {
return this._getLatestAssessment(risk);
},
_getLatestAssessment: function(risk) {
var assessmentInstance = new GlideRecord('sn_risk_advanced_risk_assessment_instance');
assessmentInstance.addQuery('risk_assessment_methodology', risk.primary_risk_assessment_methodology);
assessmentInstance.addQuery('risk', risk.getUniqueValue());
assessmentInstance.addQuery('state', '!=', '9');
assessmentInstance.addQuery('entity_1', risk.profile);
assessmentInstance.orderByDesc("sys_created_on");
assessmentInstance.setLimit(1);
assessmentInstance.query();
if (assessmentInstance.next()) {
return assessmentInstance;
}
return null;
},
checkIfAsmtInDraft: function(risk) {
return this._checkIfAsmtInDraft(risk);
},
_checkIfAsmtInDraft: function(risk) {
var assessmentInstance = this._getLatestAssessment(risk);
var asmt = null;
if (assessmentInstance && assessmentInstance.state == '0') {
asmt = assessmentInstance.getUniqueValue();
}
return asmt;
},
checkIfAsmtOfPrimaryRAM: function(asmt) {
return this._checkIfAsmtOfPrimaryRAM(asmt);
},
_checkIfAsmtOfPrimaryRAM: function(asmt) {
return asmt.risk_assessment_methodology + '' == asmt.risk.primary_risk_assessment_methodology + '' && gs.getProperty('sn_risk_advanced.hide_risk_legacy_lifecycle', 'false') == 'true';
},
cancelLegacyRiskAsmts: function() {
return this._cancelLegacyRiskAsmts();
},
_cancelLegacyRiskAsmts: function() {
var asmts = new GlideRecord("asmt_assessment_instance");
asmts.addEncodedQuery('metric_type.evaluation_method=risk_assessment^stateINready,wip^sn_grc_item.sys_class_name=sn_risk_risk');
asmts.query();
asmts.setValue("state", "canceled");
asmts.updateMultiple();
},
fixAdvancedRisksState: function() {
return this._fixAdvancedRisksState();
},
_fixAdvancedRisksState: function() {
//Risks with no primary RAM and not in monitor, retired state should be moved to draft
var risks = new GlideRecord("sn_risk_risk");
risks.addQuery("stateNOT INdraft,monitor,retired^primary_risk_assessment_methodologyISEMPTY^active=true");
risks.query();
risks.setValue("state", "draft");
risks.updateMultiple();
//Risks with primary RAM not in retired state
risks.initialize();
risks.addQuery("state!=retired^primary_risk_assessment_methodologyISNOTEMPTY^active=true");
risks.query();
while (risks.next()) {
risks.setValue("state", this.getStateOfRisk(risks));
risks.update();
}
},
type: 'RiskUtilityBase'
};
Sys ID
806c29a4534033000a4dddeeff7b12f3