regscale-cli 6.21.2.0__py3-none-any.whl → 6.28.2.1__py3-none-any.whl

regscale/integrations/public/fedramp/fedramp_cis_crm.py

@@ -8,12 +8,13 @@ import json
 import math
 import re
 import shutil
-import tempfile
 from collections import Counter
 from concurrent.futures import as_completed
 from concurrent.futures.thread import ThreadPoolExecutor
 from datetime import datetime
+from functools import lru_cache
 from pathlib import Path
+from tempfile import gettempdir
 from threading import Thread
 from types import ModuleType
 from typing import TYPE_CHECKING, Any, Callable, Dict, List, Literal, Optional, Tuple, TypeVar
@@ -24,7 +25,7 @@ from regscale.core.app.api import Api
 from regscale.core.app.utils.api_handler import APIInsertionError, APIUpdateError
 from regscale.core.app.utils.app_utils import compute_hash, create_progress_object, error_and_exit, get_current_datetime
 from regscale.core.utils.graphql import GraphQLQuery
-from regscale.integrations.public.fedramp.parts_mapper import PartMapper
+from regscale.integrations.control_matcher import ControlMatcher
 from regscale.integrations.public.fedramp.ssp_logger import SSPLogger
 from regscale.models import ControlObjective, ImplementationObjective, ImportValidater, Parameter, Profile
 from regscale.models.regscale_models import (
@@ -43,14 +44,9 @@ from regscale.utils.version import RegscaleVersion
 if TYPE_CHECKING:
     import pandas as pd
 
-from functools import lru_cache
-from tempfile import gettempdir
-
 T = TypeVar("T")
 
 logger = SSPLogger()
-part_mapper_rev5 = PartMapper()
-part_mapper_rev4 = PartMapper()
 progress = create_progress_object()
 
 SERVICE_PROVIDER_CORPORATE = "Service Provider Corporate"
@@ -120,6 +116,112 @@ def get_pandas() -> ModuleType:
     return pd
 
 
+def _build_potential_oscal_ids(variation: str) -> List[str]:
+    """
+    Build potential OSCAL ID formats from a control ID variation.
+
+    :param str variation: Control ID variation (e.g., "AC-1", "AC-01", "AC-1.a")
+    :return: List of potential OSCAL IDs
+    :rtype: List[str]
+    """
+    variation_lower = variation.lower()
+    oscal_ids = []
+
+    # Check if this is a control with a letter part (e.g., "ac-1.a")
+    if re.match(r"^[a-z]+-\d+\.[a-z]$", variation_lower):
+        # For letter parts, map to OSCAL format: ac-1.a -> ac-1_smt.a
+        base_control = variation_lower.rsplit(".", 1)[0]  # Get "ac-1" from "ac-1.a"
+        letter_part = variation_lower.rsplit(".", 1)[1]  # Get "a" from "ac-1.a"
+        oscal_ids.extend(
+            [
+                f"{base_control}_smt.{letter_part}",  # ac-1_smt.a (primary format)
+                f"{variation_lower}_smt",  # ac-1.a_smt (alternative format)
+            ]
+        )
+    else:
+        # Base control without letter part - include all potential letter variations
+        oscal_ids.extend(
+            [
+                f"{variation_lower}_smt",
+                f"{variation_lower}_smt.a",
+                f"{variation_lower}_smt.b",
+                f"{variation_lower}_smt.c",
+            ]
+        )
+
+    return oscal_ids
+
+
+def _matches_oscal_id(obj_id: str, variation: str) -> bool:
+    """
+    Check if an objective's otherId matches any OSCAL ID format for the given variation.
+
+    :param str obj_id: The objective's otherId
+    :param str variation: Control ID variation
+    :return: True if matches, False otherwise
+    :rtype: bool
+    """
+    potential_ids = _build_potential_oscal_ids(variation)
+    return obj_id in potential_ids or obj_id.startswith(f"{variation.lower()}_smt")
+
+
+def _find_matching_objectives(control_objectives: List[ControlObjective], variations: set) -> List[ControlObjective]:
+    """
+    Find objectives that match any of the control ID variations.
+
+    :param List[ControlObjective] control_objectives: List of objectives to search
+    :param set variations: Set of control ID variations
+    :return: List of matched objectives
+    :rtype: List[ControlObjective]
+    """
+    matched_objectives = []
+
+    for obj in control_objectives:
+        if not hasattr(obj, "otherId") or not obj.otherId:
+            continue
+
+        obj_id = obj.otherId
+        for variation in variations:
+            if _matches_oscal_id(obj_id, variation):
+                if obj not in matched_objectives:
+                    matched_objectives.append(obj)
+                break
+
+    return matched_objectives
+
+
+def find_objectives_using_control_matcher(
+    source: str, control_objectives: List[ControlObjective], control_matcher: ControlMatcher
+) -> Tuple[List[ControlObjective], str]:
+    """
+    Find control objectives using ControlMatcher for consistent control ID parsing and matching.
+
+    :param str source: The source control ID (e.g., "AC-1(a)", "AC-01 (a)")
+    :param List[ControlObjective] control_objectives: List of ControlObjective objects to search
+    :param ControlMatcher control_matcher: Instance of ControlMatcher for parsing and variations
+    :return: Tuple of (matched objectives list, status_message)
+    :rtype: Tuple[List[ControlObjective], str]
+    """
+    # Parse the control ID using ControlMatcher
+    parsed_id = control_matcher.parse_control_id(source)
+    if not parsed_id:
+        return [], f"Unable to parse control {source}"
+
+    # Get all variations of this control ID
+    # pylint: disable=protected-access  # Using internal method for control ID variation matching
+    variations = control_matcher._get_control_id_variations(parsed_id)
+    if not variations:
+        return [], f"Unable to generate variations for {source}"
+
+    # Find matching objectives
+    matched_objectives = _find_matching_objectives(control_objectives, variations)
+
+    if matched_objectives:
+        return matched_objectives, f"Found {len(matched_objectives)} objective(s) for {source}"
+
+    return [], f"No database match found for {source} (parsed: {parsed_id})"
+
+
 def transform_control(control: str) -> str:
     """
     Function to parse the control string and transform it to the RegScale format
@@ -129,16 +231,15 @@ def transform_control(control: str) -> str:
     :return: Transformed control ID to match RegScale control ID format
     :rtype: str
     """
-    # Use regex to match the pattern and capture the parts
-    match = re.match(r"([A-Za-z]+)-(\d+)\s\((\d+|[a-z])\)", control)
-    if match:
+    # Use regex to match the pattern and capture the parts (handle extra spaces)
+    # Now handles both uppercase and lowercase letters in parentheses
+    if match := re.match(r"([A-Z]+)-(\d+)\s*\(\s*(\d+|[A-Z])\s*\)", control, re.IGNORECASE):
         control_name = match.group(1).lower()
         control_number = match.group(2)
-        sub_control = match.group(3)
-
-        if sub_control.isdigit():
+        try:
+            sub_control = match.group(3).lower()  # Normalize to lowercase
             transformed_control = f"{control_name}-{control_number}.{sub_control}"
-        else:
+        except IndexError:
             transformed_control = f"{control_name}-{control_number}"
 
         return transformed_control
@@ -179,29 +280,76 @@ def new_leveraged_auth(
     return new_leveraged_auth_id.id
 
 
-def gen_key(control_id: str):
+def gen_key(control_id: str) -> str:
     """
-    Function to generate a key for the control ID
+    Function to generate a key for the control ID by stripping letter-based parts.
+    Handles both parentheses notation (AC-1(a)) and dot notation (ac-1.a).
+
+    Examples:
+    - AC-1 (a) -> AC-1
+    - ac-1.a -> ac-1
+    - AC-2(1) -> AC-2(1) (numeric enhancement preserved)
+    - AC-17.2 -> AC-17.2 (numeric enhancement preserved)
 
     :param str control_id: The control ID to generate a key for
-    :return: The generated key
+    :return: The generated key with letter parts stripped
     :rtype: str
     """
-    # Match pattern: captures everything up to either:
-    # 1. The last (number) if it exists
+    # First, try parentheses notation: ALPHA-NUM(LETTER) -> ALPHA-NUM
+    # Captures everything up to either:
+    # 1. The last (number) if it exists (preserved)
     # 2. The main control number if no enhancement exists
-    # And excludes any trailing (letter)
-    pattern = r"^((?:\w+-\d+(?:\(\d+\))?))(?:\([a-zA-Z]\))?$"
+    # Excludes trailing (letter) - handles extra spaces like AC-6 ( 1 ) ( a )
+    pattern_paren = r"^(\w+-\d+(?:\s*\(\s*\d+\s*\))?)(?:\s*\(\s*[a-zA-Z]\s*\))?$"
+    if match := re.match(pattern_paren, control_id):
+        return match.group(1)
 
-    match = re.match(pattern, control_id)
-    if match:
+    # Try dot notation: alpha-num.letter -> alpha-num
+    # Preserves numeric enhancements (ac-17.2) but strips letter parts (ac-1.a)
+    pattern_dot = r"^([a-z]+-\d+)\.([a-z])$"
+    if match := re.match(pattern_dot, control_id, re.IGNORECASE):
+        # Check if the part after dot is a single letter (not a number)
         return match.group(1)
+
+    # No match, return as-is
     return control_id
 
 
+def _is_letter_based_control_part(control_id: str) -> bool:
+    """
+    Check if a control ID is a letter-based part (e.g., AC-1(a), ac-1.a).
+    Returns True for ALPHA-NUMERIC(ALPHA) or alpha-numeric.alpha patterns.
+    Returns False for numeric enhancements (AC-1(1), ac-17.2).
+
+    :param str control_id: The control ID to check
+    :return: True if it's a letter-based control part
+    :rtype: bool
+    """
+    # Pattern 1: Parentheses notation - ALPHA-NUMERIC(ALPHA) like AC-1(a), AC-2(B)
+    pattern_paren = r"^[A-Za-z]+-\d+\s*\(\s*[a-zA-Z]\s*\)$"
+    if re.match(pattern_paren, control_id):
+        return True
+
+    # Pattern 2: Dot notation - alpha-numeric.alpha like ac-1.a, ac-2.b
+    # Exclude numeric enhancements like ac-17.2
+    pattern_dot = r"^[a-z]+-\d+\.([a-z])$"
+    match = re.match(pattern_dot, control_id, re.IGNORECASE)
+    if match and match.group(1).isalpha():
+        return True
+
+    return False
+
+
 def map_implementation_status(control_id: str, cis_data: dict) -> str:
     """
-    Function to map the selected implementation status on the CIS worksheet to a RegScale status
+    Function to map the selected implementation status on the CIS worksheet to a RegScale status.
+    Aggregates letter-based control parts (AC-1(a), AC-1(b), AC-1(c)) into base control (AC-1).
+
+    Aggregation logic for letter-based parts:
+    - All "Implemented" → "Fully Implemented"
+    - Mix with at least one "Implemented" → "Partially Implemented"
+    - All "Not Implemented" or empty → "Not Implemented"
+    - Any "Planned" (no implemented) → "Planned"
 
     :param str control_id: The control ID from RegScale
     :param dict cis_data: Data from the CIS worksheet to map the status from
@@ -209,7 +357,7 @@ def map_implementation_status(control_id: str, cis_data: dict) -> str:
     :rtype: str
     """
 
-    # Extract matching records
+    # Extract matching records (gen_key strips letter parts to match base control)
     cis_records = [
         value
         for value in cis_data.values()
@@ -221,31 +369,49 @@ def map_implementation_status(control_id: str, cis_data: dict) -> str:
     logger.debug("Found %d CIS records for control %s", len(cis_records), control_id)
 
     if not cis_records:
+        # Alerts if a control exists in regscale but is missing from CIS worksheet
         logger.warning(f"No CIS records found for control {control_id}")
         return status_ret
 
+    # Check if these are letter-based control parts that need aggregation
+    has_letter_parts = any(_is_letter_based_control_part(rec.get("control_id", "")) for rec in cis_records)
+
     # Count implementation statuses
     status_counts = Counter(record.get("implementation_status", "") for record in cis_records)
-    logger.debug("Status distribution for %s: %s", control_id, dict(status_counts))
+    logger.debug("Status distribution for %s: %s (letter parts: %s)", control_id, dict(status_counts), has_letter_parts)
 
-    # Early returns for simple cases
+    # Early return for simple case: all same status
     if len(status_counts) == 1:
         status = next(iter(status_counts))
-        return STATUS_MAPPING.get(status, ControlImplementationStatus.NotImplemented)
+        mapped_status = STATUS_MAPPING.get(status, ControlImplementationStatus.NotImplemented)
+        # If all letter parts have same status and it's "Implemented", return FullyImplemented
+        if has_letter_parts and status == "Implemented":
+            return ControlImplementationStatus.FullyImplemented
+        return mapped_status
 
+    # Aggregate statuses for letter-based control parts or multiple records
     implemented_count = status_counts.get("Implemented", 0)
+    not_implemented_count = status_counts.get("", 0)  # Empty status counts as not implemented
+    partially_implemented_count = status_counts.get("Partially Implemented", 0)
+    planned_count = status_counts.get("Planned", 0)
     total_count = sum(status_counts.values())
 
+    # Aggregation logic
     if implemented_count == total_count:
+        # All parts are implemented
         return ControlImplementationStatus.FullyImplemented
-    elif implemented_count > 0 or any(status == "Partially Implemented" for status in status_counts):
-        status_ret = ControlImplementationStatus.PartiallyImplemented
-    elif any(status == "Planned" for status in status_counts):
-        status_ret = ControlImplementationStatus.Planned
+    elif implemented_count > 0 or partially_implemented_count > 0:
+        # Mix of implemented and other statuses, or any partially implemented
+        return ControlImplementationStatus.PartiallyImplemented
+    elif planned_count > 0 and not_implemented_count == 0:
+        # All are planned (no not-implemented)
+        return ControlImplementationStatus.Planned
     elif any(status in ["N/A", ALTERNATIVE_IMPLEMENTATION] for status in status_counts):
-        status_ret = ControlImplementationStatus.NA
-
-    return status_ret
+        # Any N/A or Alternative
+        return ControlImplementationStatus.NA
+    else:
+        # Default: not implemented
+        return ControlImplementationStatus.NotImplemented
 
 
 def map_origination(control_id: str, cis_data: dict) -> dict:
@@ -268,7 +434,7 @@ def map_origination(control_id: str, cis_data: dict) -> dict:
     }
 
     # Initialize result with all flags set to False
-    result = {key: False for key in origination_mapping.values()}
+    result = dict.fromkeys(origination_mapping.values(), False)
     result["record_text"] = ""
 
     # Find matching CIS records
@@ -345,6 +511,103 @@ def get_multi_status(record: dict) -> str:
         return status_map.get(implementation_status, NOT_IMPLEMENTED)
 
 
+def _calculate_responsibility(control_originations: List[str], imp: ControlImplementation) -> str:
+    """
+    Calculate responsibility from control originations.
+
+    :param List[str] control_originations: List of control origination values
+    :param ControlImplementation imp: Control implementation
+    :return: Calculated responsibility value
+    :rtype: str
+    """
+    try:
+        if RegscaleVersion.meets_minimum_version("6.20.17.0"):
+            return ",".join(control_originations)
+        return next(iter(control_originations))
+    except StopIteration:
+        if imp.responsibility:
+            return imp.responsibility.split(",")[0]
+        return SERVICE_PROVIDER_CORPORATE
+
+
+def _create_new_implementation_objective(
+    leverage_auth_id: int,
+    imp: ControlImplementation,
+    objective: ControlObjective,
+    cis_record: dict,
+    responsibility: str,
+    cloud_responsibility: str,
+    customer_responsibility: str,
+    can_be_inherited_from_csp: str,
+) -> ImplementationObjective:
+    """
+    Create a new implementation objective.
+
+    :param int leverage_auth_id: Leveraged authorization ID
+    :param ControlImplementation imp: Control implementation
+    :param ControlObjective objective: Control objective
+    :param dict cis_record: CIS record data
+    :param str responsibility: Responsibility value
+    :param str cloud_responsibility: Cloud responsibility value
+    :param str customer_responsibility: Customer responsibility value
+    :param str can_be_inherited_from_csp: Can be inherited flag
+    :return: New implementation objective
+    :rtype: ImplementationObjective
+    """
+    imp_obj = ImplementationObjective(
+        id=0,
+        uuid="",
+        inherited=can_be_inherited_from_csp in ["Yes", "Partial"],
+        implementationId=imp.id,
+        status=get_multi_status(cis_record),
+        objectiveId=objective.id,
+        notes=objective.name,
+        securityControlId=objective.securityControlId,
+        securityPlanId=REGSCALE_SSP_ID,
+        responsibility=responsibility,
+        cloudResponsibility=cloud_responsibility,
+        customerResponsibility=customer_responsibility,
+        authorizationId=leverage_auth_id,
+        parentObjectiveId=objective.parentObjectiveId,
+    )
+    logger.debug(
+        "Creating new Implementation Objective for Control %s with status: %s responsibility: %s",
+        imp_obj.securityControlId,
+        imp_obj.status,
+        imp_obj.responsibility,
+    )
+    return imp_obj
+
+
+def _update_existing_implementation_objective(
+    ex_obj: ImplementationObjective,
+    cis_record: dict,
+    responsibility: str,
+    cloud_responsibility: str,
+    customer_responsibility: str,
+) -> None:
+    """
+    Update an existing implementation objective.
+
+    :param ImplementationObjective ex_obj: Existing implementation objective
+    :param dict cis_record: CIS record data
+    :param str responsibility: Responsibility value
+    :param str cloud_responsibility: Cloud responsibility value
+    :param str customer_responsibility: Customer responsibility value
+    :rtype: None
+    """
+    ex_obj.status = get_multi_status(cis_record)
+    ex_obj.responsibility = responsibility
+    if cloud_responsibility.strip():
+        logger.debug(f"Updating Implementation Objective #{ex_obj.id} with responsibility: {responsibility}")
+        ex_obj.cloudResponsibility = cloud_responsibility
+    if customer_responsibility.strip():
+        logger.debug(
+            f"Updating Implementation Objective #{ex_obj.id} with cloud responsibility: {cloud_responsibility}"
+        )
+        ex_obj.customerResponsibility = customer_responsibility
+
+
 def update_imp_objective(
     leverage_auth_id: int,
     existing_imp_obj: List[ImplementationObjective],
@@ -363,80 +626,49 @@ def update_imp_objective(
     :rtype: None
     :return: None
     """
-
     cis_record = record.get("cis", {})
     crm_record = record.get("crm", {})
-    # There could be multiples, take the first one as regscale will not allow multiples at the objective level.
-    control_originations = cis_record.get("control_origination", "").split(",")
-    for ix, control_origination in enumerate(control_originations):
-        control_originations[ix] = control_origination.strip()
 
-    try:
-        if RegscaleVersion.meets_minimum_version("6.20.17.0"):
-            responsibility = ",".join(control_originations)
-        else:
-            responsibility = next(origin for origin in control_originations)
+    # Parse and clean control originations
+    control_originations = [orig.strip() for orig in cis_record.get("control_origination", "").split(",")]
 
-    except StopIteration:
-        if imp.responsibility:
-            responsibility = imp.responsibility.split(",")[0]  # only one responsiblity allowed here.
-        else:
-            responsibility = SERVICE_PROVIDER_CORPORATE
+    # Calculate responsibility
+    responsibility = _calculate_responsibility(control_originations, imp)
 
+    # Parse responsibility fields
     customer_responsibility = clean_customer_responsibility(
         crm_record.get("specific_inheritance_and_customer_agency_csp_responsibilities")
     )
-    existing_pairs = {(obj.objectiveId, obj.implementationId) for obj in existing_imp_obj}
-    logger.debug(f"CRM Record: {crm_record}")
     can_be_inherited_from_csp: str = crm_record.get("can_be_inherited_from_csp") or ""
     cloud_responsibility = customer_responsibility if can_be_inherited_from_csp.lower() == "yes" else ""
     customer_responsibility = customer_responsibility if can_be_inherited_from_csp.lower() != "yes" else ""
+
+    existing_pairs = {(obj.objectiveId, obj.implementationId) for obj in existing_imp_obj}
+    logger.debug(f"CRM Record: {crm_record}")
+
     for objective in objectives:
+        if objective.securityControlId != imp.controlID:
+            continue
+
         current_pair = (objective.id, imp.id)
         if current_pair not in existing_pairs:
-            if objective.securityControlId != imp.controlID:
-                # This is a bad match, do not save.
-                continue
-
-            imp_obj = ImplementationObjective(
-                id=0,
-                uuid="",
-                inherited=can_be_inherited_from_csp in ["Yes", "Partial"],
-                implementationId=imp.id,
-                status=get_multi_status(cis_record),
-                objectiveId=objective.id,
-                notes=objective.name,
-                securityControlId=objective.securityControlId,
-                securityPlanId=REGSCALE_SSP_ID,
-                responsibility=responsibility,
-                cloudResponsibility=cloud_responsibility,
-                customerResponsibility=customer_responsibility,
-                authorizationId=leverage_auth_id,
-                parentObjectiveId=objective.parentObjectiveId,
-            )
-            logger.debug(
-                "Creating new Implementation Objective for Control %s with status: %s responsibility: %s",
-                imp_obj.securityControlId,
-                imp_obj.status,
-                imp_obj.responsibility,
+            imp_obj = _create_new_implementation_objective(
+                leverage_auth_id,
+                imp,
+                objective,
+                cis_record,
+                responsibility,
+                cloud_responsibility,
+                customer_responsibility,
+                can_be_inherited_from_csp,
             )
             UPDATED_IMPLEMENTATION_OBJECTIVES.add(imp_obj)
         else:
             ex_obj = next((obj for obj in existing_imp_obj if obj.objectiveId == objective.id), None)
             if ex_obj:
-                ex_obj.status = get_multi_status(cis_record)
-                ex_obj.responsibility = responsibility
-                if cloud_responsibility.strip():
-                    logger.debug(
-                        f"Updating Implementation Objective #{ex_obj.id} with responsibility: {responsibility}"
-                    )
-                    ex_obj.cloudResponsibility = cloud_responsibility
-                if customer_responsibility.strip():
-                    logger.debug(
-                        f"Updating Implementation Objective #{ex_obj.id} with cloud responsibility: {cloud_responsibility}"
-                    )
-                    ex_obj.customerResponsibility = customer_responsibility
-
+                _update_existing_implementation_objective(
+                    ex_obj, cis_record, responsibility, cloud_responsibility, customer_responsibility
+                )
                 UPDATED_IMPLEMENTATION_OBJECTIVES.add(ex_obj)
 
 
@@ -565,8 +797,6 @@ def get_all_imps(api: Api, cis_data: dict, version: Literal["rev4", "rev5"]) ->
     :return: None
     :rtype: None
     """
-    from requests import RequestException
-
     # Check if the response is successful
     if EXISTING_IMPLEMENTATIONS:
         # Get Control Implementations For SSP
@@ -641,6 +871,9 @@ def update_all_objectives(
     """
 
     all_control_objectives = get_all_control_objectives(imps=EXISTING_IMPLEMENTATIONS.values())
+    # Create ControlMatcher instance for consistent control ID parsing
+    control_matcher = ControlMatcher()
+
     error_set = set()
     process_task = progress.add_task(
         "[cyan]Processing control objectives...", total=len(EXISTING_IMPLEMENTATIONS.values())
@@ -653,7 +886,13 @@ def update_all_objectives(
         # Submit all tasks
         future_to_control = {
             executor.submit(
-                process_implementation, leveraged_auth_id, imp, combined_data, version, all_control_objectives
+                process_implementation,
+                leveraged_auth_id,
+                imp,
+                combined_data,
+                version,
+                all_control_objectives,
+                control_matcher,
             ): imp
             for imp in EXISTING_IMPLEMENTATIONS.values()
         }
@@ -709,6 +948,7 @@ def process_implementation(
     sheet_data: dict,
     version: Literal["rev4", "rev5"],
     all_objectives: List[ControlObjective],
+    control_matcher: ControlMatcher,
 ) -> Tuple[List[str], List[ImplementationObjective]]:
     """
     Processes a single implementation and its associated records.
@@ -718,6 +958,7 @@ def process_implementation(
     :param dict sheet_data: The CIS/CRM data to process
     :param Literal["rev4", "rev5"] version: The version of the workbook
     :param List[ControlObjective] all_objectives: all the control objectives
+    :param ControlMatcher control_matcher: ControlMatcher instance for control ID parsing
     :rtype Tuple[List[str], List[ImplementationObjective]]
     :returns A list of updated implementation objectives
     """
@@ -725,7 +966,7 @@ def process_implementation(
     errors = []
     processed_objectives = []
 
-    existing_objectives, filtered_records = gen_filtered_records(implementation, sheet_data, version)
+    existing_objectives, filtered_records = gen_filtered_records(implementation, sheet_data, control_matcher)
     result = None
     for record in filtered_records:
         res = process_single_record(
@@ -735,6 +976,7 @@ def process_implementation(
             control_objectives=all_objectives,
             existing_objectives=existing_objectives,
             version=version,
+            control_matcher=control_matcher,
         )
         if isinstance(res, tuple):
             method_errors, result = res
@@ -745,39 +987,67 @@ def process_implementation(
     return errors, processed_objectives
 
 
+def _extract_base_control_id(control_id: str) -> str:
+    """
+    Extract the base control ID from a control ID that may have a letter part.
+
+    Examples:
+    - "AC-1.a" -> "AC-1"
+    - "AC-17.2" -> "AC-17.2" (numeric parts are preserved)
+    - "AC-1" -> "AC-1"
+
+    :param str control_id: Control ID that may have a letter part
+    :return: Base control ID without letter part
+    :rtype: str
+    """
+    # Check if the control has a letter part (e.g., AC-1.a)
+    match = re.match(r"^([A-Z]+-\d+)\.[A-Z]$", control_id, re.IGNORECASE)
+    if match:
+        return match.group(1)
+    return control_id
+
+
 def gen_filtered_records(
-    implementation: ControlImplementation, sheet_data: dict, version: Literal["rev4", "rev5"]
+    implementation: ControlImplementation, sheet_data: dict, control_matcher: ControlMatcher
 ) -> Tuple[List[ImplementationObjective], List[Dict[str, str]]]:
     """
-    Generates filtered records for a given implementation.
+    Generates filtered records for a given implementation using ControlMatcher.
 
     :param ControlImplementation implementation: The control implementation to filter records for
     :param dict sheet_data: The CIS/CRM data to filter
-    :param Literal["rev4", "rev5"] version: The version of the workbook
+    :param ControlMatcher control_matcher: ControlMatcher instance for control ID matching
     :returns A tuple of existing objectives, and filtered records
     :rtype Tuple[List[ImplementationObjective], List[Dict[str, str]]]
     """
     security_control = SecurityControl.get_object(implementation.controlID)
     existing_objectives = ImplementationObjective.get_by_control(implementation.id)
-    if version == "rev5":
-        filtered_records = filter(
-            lambda r: extract_control_name(r["cis"]["regscale_control_id"]).lower()
-            == security_control.controlId.lower(),
-            sheet_data.values(),
-        )
-    else:
-        try:
-            control_label = next(
-                dat
-                for dat in part_mapper_rev4.data
-                if dat.get("Oscal Control ID") == security_control.controlId.lower()
-            ).get("CONTROLLABEL")
-        except StopIteration:
-            control_label = None
-        if control_label:
-            filtered_records = [r for r in sheet_data.values() if r["cis"]["regscale_control_id"] == control_label]
+
+    # Get all variations of the control ID using ControlMatcher
+    # pylint: disable=protected-access  # Using internal method for control ID variation matching
+    control_variations = control_matcher._get_control_id_variations(security_control.controlId)
+
+    # Filter records that match any variation of the control ID
+    filtered_records = []
+    for record in sheet_data.values():
+        record_control_id = record["cis"].get("regscale_control_id", "")
+        # Parse the record's control ID
+        parsed_record_id = control_matcher.parse_control_id(record_control_id)
+        if not parsed_record_id:
+            continue
+        # Get variations for the parsed record ID
+        # pylint: disable=protected-access  # Using internal method for control ID variation matching
+        record_variations = control_matcher._get_control_id_variations(parsed_record_id)
+
+        # Check if the parsed record control ID matches any variation
+        if control_variations & record_variations:
+            filtered_records.append(record)
         else:
-            filtered_records = []
+            # If no direct match and record has a letter part, try matching the base control
+            base_control_id = _extract_base_control_id(parsed_record_id)
+            if base_control_id != parsed_record_id:
+                base_variations = control_matcher._get_control_id_variations(base_control_id)
+                if control_variations & base_variations:
+                    filtered_records.append(record)
 
     return existing_objectives, filtered_records
 
@@ -801,54 +1071,28 @@ def process_single_record(**kwargs) -> Tuple[List[str], Optional[ImplementationO
     :rtype Tuple[List[str], Optional[ImplementationObjective]]
     :returns A list of errors and the Implementation Objective if successful, otherwise None
     """
-    # for pytest
-    if not part_mapper_rev5.data:
-        part_mapper_rev5.load_fedramp_version_5_mapping()
-    if not part_mapper_rev4.data:
-        part_mapper_rev4.load_fedramp_version_4_mapping()
-
     errors = []
-    version = kwargs.get("version")
     leveraged_auth_id: int = kwargs.get("leveraged_auth_id")
     implementation: ControlImplementation = kwargs.get("implementation")
     record: dict = kwargs.get("record")
     control_objectives: List[ControlObjective] = kwargs.get("control_objectives")
     existing_objectives: List[ImplementationObjective] = kwargs.get("existing_objectives")
-    mapped_objectives: List[ControlObjective] = []
+    control_matcher: ControlMatcher = kwargs.get("control_matcher")
     result = None
-    parts = []
-    # Note: The Control ID from the CIS/CRM can be in non-standard formats, as compared to the example sheet on fedramp.
-    if version == "rev5":
-        key = record["cis"]["control_id"].replace(" ", "")
-        source = part_mapper_rev5.find_by_source(key)
-    else:
-        key = record["cis"]["control_id"]
-        source = part_mapper_rev4.find_by_source(key)
-        if parts := part_mapper_rev4.find_sub_parts(key):
-            for part in parts:
-                try:
-                    if version == "rev5":
-                        mapped_objectives.append(next(obj for obj in control_objectives if obj.name == part))
-                    else:
-                        mapped_objectives.append(next(obj for obj in control_objectives if obj.otherId == part))
-                except StopIteration:
-                    errors.append(f"Unable to find part {part} for control {key}")
-    if not source and not parts:
-        errors.append(f"Unable to find source and part for control {key}")
-
-    if source and not parts:
-        try:
-            objective = next(
-                obj
-                for obj in control_objectives
-                if (obj.otherId == source and version in ["rev5", "rev4"]) or (obj.name == source and version == "rev4")
-            )
-            mapped_objectives.append(objective)
-        except StopIteration:
-            logger.debug(f"Missing Source: {source}")
-            errors.append(f"Unable to find objective for control {key} ({source})")
 
-    if mapped_objectives:
+    # Get the control ID from the CIS/CRM record
+    key = record["cis"]["control_id"]
+
+    # Use ControlMatcher to find matching objectives
+    mapped_objectives, status = find_objectives_using_control_matcher(key, control_objectives, control_matcher)
+
+    logger.debug(f"Control matching result for {key}: {status}")
+
+    # Add to errors list if no objectives found
+    if not mapped_objectives:
+        errors.append(f"{key}: {status}")
+    else:
+        # Update implementation objectives with the matched control objectives
         update_imp_objective(
             leverage_auth_id=leveraged_auth_id,
             existing_imp_obj=existing_objectives,
@@ -898,46 +1142,53 @@ def parse_crm_worksheet(file_path: click.Path, crm_sheet_name: str, version: Lit
 
     logger.debug(f"Skipping {skip_rows} rows in CRM worksheet")
 
-    # only use thse coloumns
-    usecols = [
+    # Define required columns
+    required_columns = [
         CONTROL_ID,
         "Can Be Inherited from CSP",
         "Specific Inheritance and Customer Agency/CSP Responsibilities",
     ]
 
     try:
-        # Verify that the columns are in the dataframe
-        header_row = validator.data.iloc[skip_rows - 1 :].iloc[0]
+        # Get the header row (which is at skip_rows - 1)
+        header_row = validator.data.iloc[skip_rows - 1]
 
-        # Check if we have enough columns
-        if len(header_row) < len(usecols):
-            error_and_exit(
-                f"Not enough columns found in CRM worksheet. Expected {len(usecols)} columns but found {len(header_row)}."
-            )
+        # Get data rows starting from skip_rows
+        data = validator.data.iloc[skip_rows:].reset_index(drop=True)
 
-        # Verify each required column exists in the correct position
+        # Set column names from header row
+        data.columns = header_row
+
+        # Find required columns by name (case-insensitive, handle extra columns in AWS CIS/CRM)
+        available_columns = data.columns.tolist()
+        columns_to_use = []
         missing_columns = []
-        for i, expected_col in enumerate(usecols):
-            if header_row.iloc[i] != expected_col:
-                missing_columns.append(
-                    f"Expected '{expected_col}' at position {i + 1} but found '{header_row.iloc[i]}'"
-                )
+
+        for required_col in required_columns:
+            # Find column that matches (case-insensitive, strip whitespace)
+            matching_col = next(
+                (col for col in available_columns if str(col).strip().lower() == required_col.lower()), None
+            )
+            if matching_col is not None:
+                columns_to_use.append(matching_col)
+            else:
+                missing_columns.append(required_col)
 
         if missing_columns:
-            error_msg = "Required columns not found in the CRM worksheet:\n" + "\n".join(missing_columns)
+            error_msg = (
+                f"Required columns not found in the CRM worksheet: {', '.join(missing_columns)}\n"
+                f"Available columns: {', '.join(str(col) for col in available_columns)}"
+            )
             error_and_exit(error_msg)
 
-        logger.debug("Verified all required columns exist in CRM worksheet")
-
-        # Reindex the dataframe and skip some rows
-        data = validator.data.iloc[skip_rows:]
+        logger.debug(f"Found all required columns in CRM worksheet: {', '.join(required_columns)}")
 
-        # Keep only the first three columns
-        data = data.iloc[:, :3]
+        # Keep only the required columns
+        data = data[columns_to_use]
 
-        # Rename the columns to match usecols
-        data.columns = usecols
-        logger.debug(f"Kept only required columns: {', '.join(usecols)}")
+        # Rename the columns to standardize names
+        data.columns = required_columns
+        logger.debug(f"Using columns: {', '.join(required_columns)}")
 
     except KeyError as e:
         error_and_exit(f"KeyError: {e} - One or more columns specified in usecols are not found in the dataframe.")
@@ -973,59 +1224,216 @@ def parse_crm_worksheet(file_path: click.Path, crm_sheet_name: str, version: Lit
     return formatted_crm
 
 
-def parse_cis_worksheet(file_path: click.Path, cis_sheet_name: str) -> dict:
+def _get_expected_cis_columns() -> List[str]:
     """
-    Function to parse and format the CIS worksheet content
+    Get the expected column names for CIS worksheet in order.
+    These match the FedRAMP Rev 5 CIS worksheet format.
 
-    :param click.Path file_path: The file path to the FedRAMP CIS CRM workbook
-    :param str cis_sheet_name: The name of the CIS sheet to parse
-    :return: Formatted CIS content
-    :rtype: dict
+    :return: List of expected column names
+    :rtype: List[str]
+    """
+    return [
+        CONTROL_ID,  # "Control ID"
+        "Implemented",
+        ControlImplementationStatus.PartiallyImplemented,  # "Partially Implemented"
+        "Planned",
+        ALTERNATIVE_IMPLEMENTATION,  # "Alternative Implementation"
+        ControlImplementationStatus.NA,  # "N/A"
+        SERVICE_PROVIDER_CORPORATE,
+        SERVICE_PROVIDER_SYSTEM_SPECIFIC,
+        SERVICE_PROVIDER_HYBRID,
+        CONFIGURED_BY_CUSTOMER,
+        PROVIDED_BY_CUSTOMER,
+        SHARED,
+        INHERITED,  # "Inherited from pre-existing FedRAMP Authorization"
+    ]
+
+
+def _normalize_cis_columns(cis_df: "pd.DataFrame", expected_columns: List[str]) -> "pd.DataFrame":
+    """
+    Normalize CIS dataframe columns by matching expected columns and handling missing ones.
+    Uses fuzzy matching to handle truncated column names from merged cells.
+
+    :param pd.DataFrame cis_df: The CIS dataframe
+    :param List[str] expected_columns: List of expected column names
+    :return: Normalized dataframe with standardized column names
+    :rtype: pd.DataFrame
+    """
+    available_columns = cis_df.columns.tolist()
+    columns_to_keep = []
+
+    logger.debug(f"Available CIS columns: {available_columns}")
+
+    for expected_col in expected_columns:
+        matching_col = None
+
+        # Try exact match first (case-insensitive)
+        matching_col = next(
+            (col for col in available_columns if str(col).strip().lower() == expected_col.lower()), None
+        )
+
+        # If no exact match, try partial/fuzzy match for truncated column names
+        if matching_col is None:
+            # Create a simplified version for matching (first few significant words)
+            # Filter out common words and take first 3 significant words
+            skip_words = {"from", "by", "to", "the", "and", "or", "a", "an"}
+            expected_words = [w for w in expected_col.lower().split() if w not in skip_words][:3]
+
+            for col in available_columns:
+                col_str = str(col).lower()
+                # Check if at least 2 of the significant words are in the column name (handles truncation & variations)
+                matches = sum(1 for word in expected_words if word in col_str)
+                if matches >= min(2, len(expected_words)):  # Need at least 2 matches, or all if less than 2 words
+                    matching_col = col
+                    logger.debug(
+                        f"Fuzzy matched '{expected_col}' to '{col}' (matched {matches}/{len(expected_words)} words)"
+                    )
+                    break
+
+        if matching_col is not None:
+            columns_to_keep.append(matching_col)
+        else:
+            logger.info(f"Expected column '{expected_col}' not found in CIS worksheet. Using empty values.")
+            cis_df[expected_col] = ""
+            columns_to_keep.append(expected_col)
+
+    cis_df = cis_df[columns_to_keep]
+    cis_df.columns = expected_columns
+    return cis_df.fillna("")
+
+
+def _find_control_id_row_index(df: "pd.DataFrame") -> Optional[int]:
+    """
+    Find the row index containing 'Control ID' in the first column.
+
+    :param pd.DataFrame df: The dataframe to search
+    :return: Row index if found, None otherwise
+    :rtype: Optional[int]
+    """
+    for idx, row in df.iterrows():
+        if row.iloc[0] == CONTROL_ID:
+            return idx
+    return None
+
+
+def _merge_header_rows(header_row, sub_header_row) -> List[str]:
+    """
+    Merge two header rows into a single list of column names.
+
+    FedRAMP Rev5 has a two-row header structure where main headers span multiple columns
+    and sub-headers provide specific column names.
+
+    :param header_row: The main header row (categories)
+    :param sub_header_row: The sub-header row (specific columns)
+    :return: List of merged column names
+    :rtype: List[str]
     """
     pd = get_pandas()
-    logger.info("Parsing CIS worksheet...")
-    skip_rows = 2
+    merged_headers = []
+    current_category = None
 
-    validator = ImportValidater(
-        file_path=file_path,
-        disable_mapping=True,
-        required_headers=[],
-        mapping_file_path=gettempdir(),
-        prompt=False,
-        ignore_unnamed=True,
-        worksheet_name=cis_sheet_name,
-        warn_extra_headers=False,
-    )
-    if validator.data.empty:
-        return {}
+    for i, (main, sub) in enumerate(zip(header_row, sub_header_row)):
+        # Update current category if main header has a value
+        if pd.notna(main) and main and str(main).strip():
+            current_category = str(main)
 
-    skip_rows = determine_skip_row(original_df=validator.data, text_to_find=CONTROL_ID, original_skip=skip_rows)
+        # Determine which header value to use
+        header_value = _select_header_value(pd, main, sub, current_category, i)
+        merged_headers.append(header_value)
+
+    return merged_headers
 
-    # Parse the worksheet named 'CIS GovCloud U.S.+DoD (H)', skipping the initial rows
-    original_cis = validator.data
 
-    cis_df = original_cis.iloc[skip_rows:].reset_index(drop=True)
+def _select_header_value(pd: "pd.DataFrame", main, sub, current_category: Optional[str], index: int) -> str:
+    """
+    Select the appropriate header value based on priority: sub-header > main header > category > unnamed.
 
-    # Set the appropriate headers
-    cis_df.columns = cis_df.iloc[0]
+    :param pd.DataFrame pd: The pandas dataframe
+    :param main: Main header value
+    :param sub: Sub-header value
+    :param Optional[str] current_category: Current category from merged cells
+    :param int index: Column index for fallback naming
+    :return: Selected header value
+    :rtype: str
+    """
+    if pd.notna(sub) and sub and str(sub).strip():
+        return str(sub)
+    if pd.notna(main) and main and str(main).strip():
+        return str(main)
+    if current_category:
+        return f"{current_category}_{index}"
+    return f"Unnamed_{index}"
 
-    # Drop any fully empty rows
-    cis_df.dropna(how="all", inplace=True)
 
-    # Reset the index
+def _load_and_prepare_cis_dataframe(file_path: click.Path, cis_sheet_name: str, skip_rows: int):
+    """
+    Load and prepare the CIS dataframe from the workbook.
+
+    :param click.Path file_path: The file path to the workbook
+    :param str cis_sheet_name: The sheet name to parse
+    :param int skip_rows: Number of rows to skip
+    :return: Tuple of (prepared dataframe, updated skip_rows) or (None, skip_rows) if empty
+    """
+    # Read the Excel file directly with pandas to preserve "N/A" as string
+    pd = get_pandas()
+    df = pd.read_excel(file_path, sheet_name=cis_sheet_name, header=None, keep_default_na=False)
+
+    if df.empty:
+        return None, skip_rows
+
+    # Find the row with "Control ID"
+    control_id_row_idx = _find_control_id_row_index(df)
+    if control_id_row_idx is None:
+        logger.error("Could not find 'Control ID' in CIS worksheet")
+        return None, skip_rows
+
+    # Extract and merge the two header rows
+    header_row = df.iloc[control_id_row_idx]
+    sub_header_row = df.iloc[control_id_row_idx + 1]
+    merged_headers = _merge_header_rows(header_row, sub_header_row)
+
+    # Get data starting from two rows after the main header row
+    cis_df = df.iloc[control_id_row_idx + 2 :].reset_index(drop=True)
+    cis_df.columns = merged_headers
+    cis_df.dropna(how="all", inplace=True)
     cis_df.reset_index(drop=True, inplace=True)
 
-    # Only keep the first 13 columns
-    cis_df = cis_df.iloc[:, :13]
+    skip_rows = control_id_row_idx + 2
 
-    # Rename columns to standardize names
-    cis_df.columns = [
-        CONTROL_ID,
+    return cis_df, skip_rows
+
+
+def _extract_status(data_row) -> str:
+    """
+    Extract the first non-empty implementation status from the CIS worksheet.
+
+    :param data_row: The data row to extract the status from
+    :return: The implementation status
+    :rtype: str
+    """
+    selected_status = []
+    for col in [
         "Implemented",
         ControlImplementationStatus.PartiallyImplemented,
         "Planned",
-        ALT_IMPLEMENTATION,
+        ALTERNATIVE_IMPLEMENTATION,  # Use the correct constant
         ControlImplementationStatus.NA,
+    ]:
+        if data_row[col]:
+            selected_status.append(col)
+    return ", ".join(selected_status) if selected_status else ""
+
+
+def _extract_origination(data_row) -> str:
+    """
+    Extract the first non-empty control origination from the CIS worksheet.
+
+    :param data_row: The data row to extract the origination from
+    :return: The control origination
+    :rtype: str
+    """
+    selected_origination = []
+    for col in [
         SERVICE_PROVIDER_CORPORATE,
         SERVICE_PROVIDER_SYSTEM_SPECIFIC,
         SERVICE_PROVIDER_HYBRID,
@@ -1033,75 +1441,53 @@ def parse_cis_worksheet(file_path: click.Path, cis_sheet_name: str) -> dict:
         PROVIDED_BY_CUSTOMER,
         SHARED,
         INHERITED,
-    ]
+    ]:
+        if data_row[col]:
+            selected_origination.append(col)
+    return ", ".join(selected_origination) if selected_origination else ""
 
-    # Fill NaN values with an empty string for processing
-    cis_df = cis_df.fillna("")
-
-    # Function to extract the first non-empty implementation status
-    def _extract_status(data_row: pd.Series) -> str:
-        """
-        Function to extract the first non-empty implementation status from the CIS worksheet
-
-        :param pd.Series data_row: The data row to extract the status from
-        :return: The implementation status
-        :rtype: str
-        """
-        selected_status = []
-        for col in [
-            "Implemented",
-            ControlImplementationStatus.PartiallyImplemented,
-            "Planned",
-            ALT_IMPLEMENTATION,
-            ControlImplementationStatus.NA,
-        ]:
-            if data_row[col]:
-                selected_status.append(col)
-        return ", ".join(selected_status) if selected_status else ""
-
-    # Function to extract the first non-empty control origination
-    def _extract_origination(data_row: pd.Series) -> str:
-        """
-        Function to extract the first non-empty control origination from the CIS worksheet
-
-        :param pd.Series data_row: The data row to extract the origination from
-        :return: The control origination
-        :rtype: str
-        """
-        selected_origination = []
-        for col in [
-            SERVICE_PROVIDER_CORPORATE,
-            SERVICE_PROVIDER_SYSTEM_SPECIFIC,
-            SERVICE_PROVIDER_HYBRID,
-            CONFIGURED_BY_CUSTOMER,
-            PROVIDED_BY_CUSTOMER,
-            SHARED,
-            INHERITED,
-        ]:
-            if data_row[col]:
-                selected_origination.append(col)
-        return ", ".join(selected_origination) if selected_origination else ""
-
-    def _process_row(row: pd.Series) -> dict:
-        """
-        Function to process a row from the CIS worksheet
-
-        :param pd.Series row: The row to process
-        :return: The processed row
-        :rtype: dict
-        """
-        return {
-            "control_id": row[CONTROL_ID],
-            "regscale_control_id": transform_control(row[CONTROL_ID]),
-            "implementation_status": _extract_status(row),
-            "control_origination": _extract_origination(row),
-        }
 
-    # use a threadexecutor to process the rows in parallel
+def _process_cis_row(row) -> dict:
+    """
+    Process a row from the CIS worksheet.
+
+    :param row: The row to process
+    :return: The processed row
+    :rtype: dict
+    """
+    return {
+        "control_id": row[CONTROL_ID],
+        "regscale_control_id": transform_control(row[CONTROL_ID]),
+        "implementation_status": _extract_status(row),
+        "control_origination": _extract_origination(row),
+    }
+
+
+def parse_cis_worksheet(file_path: click.Path, cis_sheet_name: str) -> dict:
+    """
+    Function to parse and format the CIS worksheet content
+
+    :param click.Path file_path: The file path to the FedRAMP CIS CRM workbook
+    :param str cis_sheet_name: The name of the CIS sheet to parse
+    :return: Formatted CIS content
+    :rtype: dict
+    """
+    logger.info("Parsing CIS worksheet...")
+
+    # Load and prepare the dataframe
+    cis_df, _ = _load_and_prepare_cis_dataframe(file_path, cis_sheet_name, skip_rows=2)
+    if cis_df is None:
+        return {}
+
+    # Get expected columns and normalize the dataframe
+    expected_columns = _get_expected_cis_columns()
+    cis_df = _normalize_cis_columns(cis_df, expected_columns)
+
+    # Process rows in parallel
     with ThreadPoolExecutor() as executor:
-        results = list(executor.map(_process_row, [row for _, row in cis_df.iterrows()]))
+        results = list(executor.map(_process_cis_row, [row for _, row in cis_df.iterrows()]))
 
-    # iterate the results and index by control_id
+    # Index by control_id
     return {clean_key(result["control_id"]): result for result in results}
 
 
@@ -1325,7 +1711,7 @@ def extract_control_name(control_string: str) -> str:
     :return: The extracted control name
     :rtype: str
     """
-    pattern = r"^[A-Za-z]{2}-\d{1,3}(?:\(\d+\))?"
+    pattern = r"^[A-Za-z]{2}-\d{1,3}(?:\s*\(\s*\d+\s*\))?"
     match = re.match(pattern, control_string.upper())
     return match.group() if match else ""
 
@@ -1338,8 +1724,8 @@ def rev_4_map(control_id: str) -> Optional[str]:
     :return: The mapped control ID or None if not found
     :rtype: Optional[str]
     """
-    # Regex pattern to match different control ID formats
-    pattern = r"^([A-Z]{2})-(\d{2})\s*(?:\((\d{2})\))?\s*(?:\(([a-z])\))?$"
+    # Regex pattern to match different control ID formats - handles extra spaces like AC-6 ( 1 ) ( a )
+    pattern = r"^([A-Z]{2})-(\d{2})\s*(?:\(\s*(\d{2})\s*\))?\s*(?:\(\s*([a-z])\s*\))?$"
 
     match = re.match(pattern, control_id, re.IGNORECASE)
 
@@ -1464,7 +1850,7 @@ def create_new_security_plan(profile_id: int, system_name: str):
 
     else:
         INITIAL_IMPORT = False
-        ret = next((plan for plan in existing_plan), None)
+        ret = next(iter(existing_plan), None)
         logger.info(f"Found existing SSP# {ret.id}")
         create_backup_file(ret.id)
         existing_imps = ControlImplementation.get_list_by_plan(ret.id)
@@ -1549,7 +1935,7 @@ def copy_and_rename_file(file_path: Path, new_name: str) -> Path:
     """
     Copy and rename a file.
     """
-    temp_folder = Path(tempfile.gettempdir()) / "regscale"
+    temp_folder = Path(gettempdir()) / "regscale"
     temp_folder.mkdir(exist_ok=True)  # Ensure directory exists
 
     new_file_path = temp_folder / new_name
@@ -1610,10 +1996,9 @@ def parse_and_import_ciscrm(
 
     if "5" in version:
         version = "rev5"
-        part_mapper_rev5.load_fedramp_version_5_mapping()
     else:
         version = "rev4"
-        part_mapper_rev4.load_fedramp_version_4_mapping()
+    # No longer loading JSON mappings - using smart algorithm only
     # parse the instructions worksheet to get the csp name, system name, and other data
     instructions_data = parse_instructions_worksheet(df=df, version=version)  # type: ignore
 
@@ -1654,7 +2039,8 @@ def parse_and_import_ciscrm(
     cis_data = parse_cis_worksheet(file_path=file_path, cis_sheet_name=cis_sheet_name)
     crm_data = {}
     if crm_sheet_name:
-        crm_data = parse_crm_worksheet(file_path=file_path, crm_sheet_name=crm_sheet_name, version=version)  # type: ignore
+        # type: ignore
+        crm_data = parse_crm_worksheet(file_path=file_path, crm_sheet_name=crm_sheet_name, version=version)
     if leveraged_auth_id == 0:
         auths = LeveragedAuthorization.get_all_by_parent(ssp.id)
         if auths: