000031952 - Default field mappings for Create Self-Assessments node is incorrect in RSA Archer 6.0

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 10Show Document
  • View in full screen mode

Article Content

Article Number000031952
Applies ToRSA Product Set: Archer
RSA Product/Service Type: Packaging, Self-Assessment
RSA Version/Condition: 6.0
Issue

Risk Assessment Data updates via the Field Mappings should be strictly prohibited. We should never allow users to update the xrefs between the assessment application with the field mapping process.


Two issues:


  1. The default as seen in the screen shot needs to be removed from the node attributes as out of box matches.
  2. The availability to map anything to the Risk Assessment Data xref should be prohibited . 

Create Self-Assessments node in WP has 3 mapping attributes associated to the node. Fields that should be protected by the system, and no mapping updates into the target (BPAD, RAD, or CAD) should be allowed in the following fields:


BPAD:


  • BPAD Belongs to Assessment BU field
  • Related Self-Assessment xref
  • Risk Assessment Data xref

RAD:


  • Mitigating Control Assessment Data xref field.
  • Related Business Processes Assessment Data xref field
  • Related RCSA Self-Assessment

CAD:


  • Related CSA Self-Assessment xref
  • Related Risk Assessment Data xref

*All calculated fields, IR fields, system Tracking IDs, etc. should also be removed from the Target drowdown list. Fields that cannot be updated via a similar action in Feeds or WebAPI calls, should be excluded from the target list availability.
User-added image

ResolutionThis issue is being investigated by the Engineering team in order to provide a permanent resolution in a future release.

Attachments

    Outcomes