PyPI - regscale-cli - Versions diffs - 6.27.2.0__py3-none-any.whl → 6.27.3.0__py3-none-any.whl - Mend

regscale-cli 6.27.2.0py3-none-any.whl → 6.27.3.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of regscale-cli might be problematic. Click here for more details.

Files changed (40) hide show

regscale/_version.py +1 -1
regscale/core/app/application.py +1 -0
regscale/core/app/internal/control_editor.py +73 -21
regscale/core/app/internal/login.py +4 -1
regscale/core/app/internal/model_editor.py +219 -64
regscale/core/login.py +21 -4
regscale/core/utils/date.py +77 -1
regscale/integrations/commercial/aws/scanner.py +4 -1
regscale/integrations/commercial/synqly/query_builder.py +4 -1
regscale/integrations/control_matcher.py +78 -23
regscale/integrations/public/csam/csam.py +572 -763
regscale/integrations/public/csam/csam_agency_defined.py +179 -0
regscale/integrations/public/csam/csam_common.py +154 -0
regscale/integrations/public/csam/csam_controls.py +432 -0
regscale/integrations/public/csam/csam_poam.py +124 -0
regscale/integrations/public/fedramp/click.py +17 -4
regscale/integrations/public/fedramp/fedramp_cis_crm.py +271 -62
regscale/integrations/public/fedramp/poam/scanner.py +74 -7
regscale/integrations/scanner_integration.py +16 -1
regscale/models/integration_models/cisa_kev_data.json +49 -19
regscale/models/integration_models/synqly_models/capabilities.json +1 -1
regscale/models/integration_models/synqly_models/connectors/vulnerabilities.py +35 -2
regscale/models/integration_models/synqly_models/ocsf_mapper.py +41 -12
regscale/models/platform.py +3 -0
regscale/models/regscale_models/__init__.py +5 -0
regscale/models/regscale_models/component.py +1 -1
regscale/models/regscale_models/control_implementation.py +55 -24
regscale/models/regscale_models/organization.py +3 -0
regscale/models/regscale_models/regscale_model.py +17 -5
regscale/models/regscale_models/security_plan.py +1 -0
regscale/regscale.py +11 -1
{regscale_cli-6.27.2.0.dist-info → regscale_cli-6.27.3.0.dist-info}/METADATA +1 -1
{regscale_cli-6.27.2.0.dist-info → regscale_cli-6.27.3.0.dist-info}/RECORD +40 -36
tests/regscale/core/test_login.py +171 -4
tests/regscale/integrations/test_control_matcher.py +24 -0
tests/regscale/models/test_control_implementation.py +118 -3
{regscale_cli-6.27.2.0.dist-info → regscale_cli-6.27.3.0.dist-info}/LICENSE +0 -0
{regscale_cli-6.27.2.0.dist-info → regscale_cli-6.27.3.0.dist-info}/WHEEL +0 -0
{regscale_cli-6.27.2.0.dist-info → regscale_cli-6.27.3.0.dist-info}/entry_points.txt +0 -0
{regscale_cli-6.27.2.0.dist-info → regscale_cli-6.27.3.0.dist-info}/top_level.txt +0 -0

regscale/integrations/public/csam/csam.py CHANGED Viewed

@@ -4,8 +4,7 @@
 # standard python imports
 import logging
-from typing import List, Optional, Tuple, Any, Dict
-from urllib.parse import urljoin
+from typing import List, Optional
 from rich.progress import track
 import click
 from rich.console import Console
@@ -13,22 +12,31 @@ from regscale.core.app.api import Api
 from regscale.core.app.application import Application
 from regscale.core.utils.date import format_to_regscale_iso, date_obj
 from regscale.core.app.utils.app_utils import error_and_exit, filter_list
-from regscale.core.app.utils.parser_utils import safe_date_str
 from regscale.models.regscale_models import (
-    Catalog,
-    ControlImplementation,
-    InheritedControl,
-    Inheritance,
-    Issue,
     Organization,
-    SecurityControl,
     SecurityPlan,
     User,
 )
-from regscale.models.regscale_models.regscale_model import RegScaleModel
 from regscale.models.regscale_models.module import Module
 from regscale.models.regscale_models.form_field_value import FormFieldValue
-from regscale.core.app.utils.regscale_utils import normalize_controlid
+from regscale.integrations.public.csam.csam_poam import import_csam_poams
+from regscale.integrations.public.csam.csam_controls import (
+    import_csam_controls,
+    set_inheritable,
+    import_csam_inheritance,
+)
+from regscale.integrations.public.csam.csam_agency_defined import update_ssp_agency_details
+from regscale.integrations.public.csam.csam_common import (
+    retrieve_ssps_custom_form_map,
+    retrieve_custom_form_ssps_map,
+    retrieve_from_csam,
+    set_custom_fields,
+    fix_form_field_value,
+    CSAM_FIELD_NAME,
+    FISMA_FIELD_NAME,
+    SSP_BASIC_TAB,
+)
 logger = logging.getLogger("regscale")
 console = Console()
@@ -40,14 +48,30 @@ console = Console()
 #
 ####################################################################################################
-SSP_BASIC_TAB = "Basic Info"
 SSP_SYSTEM_TAB = "System Information"
 SSP_FINANCIAL_TAB = "Financial Info"
 SSP_PRIVACY_TAB = "Privacy-Details"
-CSAM_FIELD_NAME = "CSAM Id"
-FISMA_FIELD_NAME = "FISMA Id"
-POAM_ID = "POAM Id"
-SYSTEM_ID = "System ID"
+SSP_CONTINGENCY_TAB = "Continuity and Incident Response"
+CUSTOM_FIELDS_BASIC_LIST = [
+    "acronym",
+    "Classification",
+    "FISMA Reportable",
+    "Contractor System",
+    "Authorization Process",
+    "ATO Date",
+    "ATO Status",
+    "Critical Infrastructure",
+    "Mission Essential",
+    "uiiCode",
+    "HVA Identifier",
+    "External Web Interface",
+    "CFO Designation",
+    "Law Enforcement Sensitive",
+    CSAM_FIELD_NAME,
+    FISMA_FIELD_NAME,
+]
 @click.group()
@@ -77,48 +101,19 @@ def import_poam():
 def import_csam_ssp():
     """
-    Import an SSP from CSAM
+    Import SSPs from CSAM
     Into RegScale
+    According to a filter in init.yaml
     """
-    custom_fields_basic_list = [
-        "acronym",
-        "Financial System",
-        "Classification",
-        "FISMA Reportable",
-        "Contractor System",
-        "Authorization Process",
-        "ATO Date",
-        "Critical Infrastructure",
-        "Mission Essential",
-        "uui Code",
-        "HVA Identifier",
-        "External Web Interface",
-        "CFO Designation",
-        "AI/ML Components",
-        "Law Enforcement Sensitive",
-        CSAM_FIELD_NAME,
-        FISMA_FIELD_NAME,
-    ]
-    custom_fields_financial_list = [
-        "omb Exhibit",
-        "Investment Name",
-        "Portfolio",
-        "Prior Fy Funding",
-        "Current Fy Funding",
-        "Next Fy Funding",
-        "Funding Import Status",
-    ]
+    logger.info("Gathering reference info...")
     # Check Custom Fields exist
     custom_fields_basic_map = FormFieldValue.check_custom_fields(
-        custom_fields_basic_list, "securityplans", SSP_BASIC_TAB
-    )
-    custom_fields_financial_map = FormFieldValue.check_custom_fields(
-        custom_fields_financial_list, "securityplans", SSP_FINANCIAL_TAB
+        CUSTOM_FIELDS_BASIC_LIST, "securityplans", SSP_BASIC_TAB
     )
     # Get a map of existing custom forms
-    ssp_map = retrieve_ssps_custom_form_map(
+    ssp_map = retrieve_custom_form_ssps_map(
         tab_name=SSP_BASIC_TAB, field_form_id=custom_fields_basic_map[FISMA_FIELD_NAME]
     )
@@ -128,16 +123,18 @@ def import_csam_ssp():
     # Grab the data from CSAM
     app = Application()
-    csam_token = app.config.get("csamToken")
-    csam_url = app.config.get("csamURL")
     csam_filter = app.config.get("csamFilter", None)
+    logger.info("Retrieving systems from CSAM...")
     results = retrieve_from_csam(
-        csam_token=csam_token,
-        csam_url=csam_url,
         csam_endpoint="/CSAM/api/v1/systems",
     )
+    if not results:
+        error_and_exit("Failure to retrieve plans from CSAM")
+    else:
+        logger.info("Retrieved plans from CSAM, parsing results...")
     results = filter_list(results, csam_filter)
     if not results:
         error_and_exit(
@@ -145,22 +142,28 @@ def import_csam_ssp():
                        Please check your CSAM configuration."
         )
+    logger.info("Importing systems... ")
     # Parse the results
     updated_ssps = []
     updated_ssps = save_ssp_front_matter(
         results=results,
         ssp_map=ssp_map,
         custom_fields_basic_map=custom_fields_basic_map,
-        custom_fields_financial_map=custom_fields_financial_map,
         org_map=org_map,
     )
     # Now have to get the system details for each system
-    update_ssp_agency_details(updated_ssps, csam_token, csam_url, custom_fields_basic_map)
+    update_ssp_agency_details(updated_ssps, custom_fields_basic_map)
+    # Import the authorization process and status
+    import_csam_authorization(import_ids=[ssp.id for ssp in updated_ssps])
     # Import the Privacy date
     import_csam_privacy_info(import_ids=[ssp.id for ssp in updated_ssps])
+    # Import the Contingency & IR data
+    import_csam_contingency(import_ids=[ssp.id for ssp in updated_ssps])
     # Import the controls
     import_csam_controls(import_ids=[ssp.id for ssp in updated_ssps])
@@ -177,7 +180,7 @@ def import_csam_ssp():
                 continue
             # Set the inheritable flag
-            set_inheritable(regscale_id=result.get("id"))
+            set_inheritable(regscale_id=program_id)
     # Import the Inheritance
     import_csam_inheritance(import_ids=[ssp.id for ssp in updated_ssps])
@@ -186,164 +189,59 @@ def import_csam_ssp():
     import_csam_pocs(import_ids=[ssp.id for ssp in updated_ssps])
-def import_csam_controls(import_ids: Optional[List[int]] = None):
-    """
-    Import Controls from CSAM
+def sync_csam_ssps():
-    :param list import_ids: Filtered list of SSPs
-    :return: None
-    """
-    # Grab the data from CSAM
-    app = Application()
-    csam_token = app.config.get("csamToken")
-    csam_url = app.config.get("csamURL")
-    # Get existing ssps by CSAM Id
-    custom_fields_basic_map = FormFieldValue.check_custom_fields([CSAM_FIELD_NAME], "securityplans", SSP_BASIC_TAB)
-    ssp_map = retrieve_custom_form_ssp_map(
-        tab_name=SSP_BASIC_TAB, field_form_id=custom_fields_basic_map[CSAM_FIELD_NAME]
-    )
-    plans = import_ids if import_ids else list(ssp_map.keys())
-    # Find the Catalogs
-    rev5_catalog_id, rev4_catalog_id = get_catalogs()
-    # Get the list of controls for each catalog
-    rev5_controls = SecurityControl.get_list_by_catalog(catalog_id=rev5_catalog_id)
-    rev4_controls = SecurityControl.get_list_by_catalog(catalog_id=rev4_catalog_id)
-    control_implementations = []
-    for regscale_ssp_id in plans:
-        results = []
-        system_id = ssp_map.get(regscale_ssp_id)
-        # Get the Implementation for AC-1
-        # Check the controlSet
-        # Match the catalog
-        imp = retrieve_from_csam(
-            csam_token=csam_token,
-            csam_url=csam_url,
-            csam_endpoint=f"/CSAM/api/v1/systems/{system_id}/controls/AC-1",
-        )
-        # Get the controls
-        if imp[0].get("controlSet") in ["NIST 800-53 Rev4", "NIST 800-53 Rev5"]:
-            results = retrieve_controls(
-                csam_token=csam_token,
-                csam_url=csam_url,
-                csam_id=system_id,
-                controls=rev4_controls if imp[0].get("controlSet") == "NIST 800-53 Rev4" else rev5_controls,
-                regscale_id=regscale_ssp_id,
-            )
-        else:
-            logger.warning(
-                f"System framework {imp.get('controlSet')} \
-                           for system {system_id} is not supported"
-            )
-            continue
-        if not results:
-            logger.warning(f"No controls found for system id: {system_id}")
-            continue
-        # Build the controls
-        control_implementations = build_implementations(results=results, csam_id=system_id, regscale_id=regscale_ssp_id)
-        # Save the control implementations
-        for index in track(
-            range(len(control_implementations)),
-            description=f"Saving {len(control_implementations)} control implementations...",
-        ):
-            control_implementation = control_implementations[index]
-            control_implementation.create() if control_implementation.id == 0 else control_implementation.save()
-def import_csam_poams():
-    # Check Custom Fields
+    logger.info("Gathering reference info...")
+    # Check Custom Fields exist
     custom_fields_basic_map = FormFieldValue.check_custom_fields(
-        fields_list=[FISMA_FIELD_NAME, CSAM_FIELD_NAME], module_name="securityplans", tab_name=SSP_BASIC_TAB
+        CUSTOM_FIELDS_BASIC_LIST, "securityplans", SSP_BASIC_TAB
     )
-    # Get the SSPs
-    ssp_map = retrieve_ssps_custom_form_map(
+    # Get a map of existing custom forms
+    ssp_map = retrieve_custom_form_ssps_map(
+        tab_name=SSP_BASIC_TAB, field_form_id=custom_fields_basic_map[FISMA_FIELD_NAME]
+    )
+    csam_map = retrieve_custom_form_ssps_map(
         tab_name=SSP_BASIC_TAB, field_form_id=custom_fields_basic_map[CSAM_FIELD_NAME]
     )
-    # Get a list of users and create a map to id
-    users = User.get_all()
-    user_map = {user.userName: user.id for user in users}
+    # Get a list of orgs and create a map to id
+    orgs = Organization.get_list()
+    org_map = {org.name: org.id for org in orgs}
-    # Grab the data from CSAM
-    app = Application()
-    csam_token = app.config.get("csamToken")
-    csam_url = app.config.get("csamURL")
+    csam_list = []
+    for id in csam_map.keys():
+        csam_list.append(int(id))
+    csam_filter = {"id": csam_list}
+    logger.info("Retrieving systems from CSAM...")
     results = retrieve_from_csam(
-        csam_token=csam_token, csam_url=csam_url, csam_endpoint="/CSAM/api/v1/reports/POAM_Details_Report_CBP"
+        csam_endpoint="/CSAM/api/v1/systems",
     )
+    results = filter_list(results, csam_filter)
+    logger.info("Syncing systems... ")
     # Parse the results
-    poam_list = []
-    for index in track(
-        range(len(results)),
-        description=f"Importing {len(results)} POA&Ms...",
-    ):
-        result = results[index]
+    updated_ssps = []
+    updated_ssps = save_ssp_front_matter(
+        results=results,
+        ssp_map=ssp_map,
+        custom_fields_basic_map=custom_fields_basic_map,
+        org_map=org_map,
+    )
-        # Get the existing SSP:
-        ssp_id = ssp_map.get(str(result[SYSTEM_ID]))
-        if not ssp_id:
-            logger.error(
-                f"A RegScale Security Plan does not exist for CSAM id: {result[SYSTEM_ID]}\
-             create or import the Security Plan prior to importing POA&Ms"
-            )
-            continue
+    # Now have to get the system details for each system
+    update_ssp_agency_details(updated_ssps, custom_fields_basic_map)
-        # Check if the POAM exists:
-        existing_issue = Issue.find_by_other_identifier(result[POAM_ID])
-        if existing_issue:
-            new_issue = existing_issue
-        else:
-            new_issue = Issue()
-        # Update the issue
-        new_issue.isPoam = True
-        new_issue.parentId = ssp_id
-        new_issue.parentModule = "securityplans"
-        new_issue.otherIdentifier = result[POAM_ID]
-        new_issue.title = result["POAM Title"]
-        new_issue.affectedControls = result["Controls"]
-        new_issue.securityPlanId = ssp_id
-        new_issue.identification = "Vulnerability Assessment"
-        new_issue.description = result["Detailed Weakness Description"]
-        new_issue.poamComments = f"{result['Weakness Comments']}\n \
-            {result['POA&M Delayed Comments']}\n \
-            {result['POA&M Comments']}"
-        new_issue.dateFirstDetected = safe_date_str(result["Create Date"])
-        new_issue.dueDate = safe_date_str(result["Planned Finish Date"])
-        # Need to convert cost to a int
-        # new_issue.costEstimate = result['Cost']
-        new_issue.issueOwnerId = (
-            user_map.get(result["Email"]) if user_map.get(result["Email"]) else RegScaleModel.get_user_id()
-        )
-        # Update with IssueSeverity String
-        new_issue.severityLevel = result["Severity"]
-        # Update with IssueStatus String
-        new_issue.status = result["Status"]
+    # Import the authorization process and status
+    import_csam_authorization(import_ids=[ssp.id for ssp in updated_ssps])
-        poam_list.append(new_issue)
+    # Import the Privacy date
+    import_csam_privacy_info(import_ids=[ssp.id for ssp in updated_ssps])
-    for index in track(
-        range(len(poam_list)),
-        description=f"Updating RegScale with {len(poam_list)} POA&Ms...",
-    ):
-        poam = poam_list[index]
-        if poam.id == 0:
-            poam.create()
-        else:
-            poam.save()
-    logger.info(f"Added or updated {len(poam_list)} POA&Ms in RegScale")
+    # Import the Contingency & IR data
+    import_csam_contingency(import_ids=[ssp.id for ssp in updated_ssps])
 def import_csam_pocs(import_ids: Optional[List[int]] = None):
@@ -351,19 +249,19 @@ def import_csam_pocs(import_ids: Optional[List[int]] = None):
     Import the Points of Contact from CSAM
     Into RegScale
     """
-    custom_fields_system_list = [
+    custom_fields_pocs_list = [
         "Certifying Official",
         "Alternate Information System Security Manager",
         "Alternate Information System Security Officer",
     ]
     # Check Custom Fields exist
-    custom_fields_system_map = FormFieldValue.check_custom_fields(
-        custom_fields_system_list, "securityplans", SSP_SYSTEM_TAB
+    custom_fields_pocs_map = FormFieldValue.check_custom_fields(
+        custom_fields_pocs_list, "securityplans", "Points of Contact"
     )
     # Get existing ssps by CSAM Id
     custom_fields_basic_map = FormFieldValue.check_custom_fields([CSAM_FIELD_NAME], "securityplans", SSP_BASIC_TAB)
-    ssp_map = retrieve_custom_form_ssp_map(
+    ssp_map = retrieve_ssps_custom_form_map(
         tab_name=SSP_BASIC_TAB, field_form_id=custom_fields_basic_map[CSAM_FIELD_NAME]
     )
@@ -375,7 +273,7 @@ def import_csam_pocs(import_ids: Optional[List[int]] = None):
     # TO DO... Add the rest of the logic
     # Delete these lines: Added to shut up sonarqube
-    logger.debug(f"Custom Fields Map: {custom_fields_system_map}, User Map: {user_map}")
+    logger.debug(f"Custom Fields Map: {custom_fields_pocs_map}, User Map: {user_map}")
     logger.debug(f"SSP Map: {ssp_map}, Plans: {plans}")
@@ -384,62 +282,72 @@ def import_csam_privacy_info(import_ids: Optional[List[int]] = None):
     Import the Privacy Info from CSAM
     Into RegScale
     """
-    custom_fields_privacy_list = ["PIA Date", "PTA Date", "SORN Date", "SORN Id"]
-    # Check for custom fields
-    custom_fields_privacy_map = FormFieldValue.check_custom_fields(
-        custom_fields_privacy_list, "securityplans", SSP_PRIVACY_TAB
-    )
-    # Grab the data from CSAM
-    app = Application()
-    csam_token = app.config.get("csamToken")
-    csam_url = app.config.get("csamURL")
     # Get existing ssps by CSAM Id
     custom_fields_basic_map = FormFieldValue.check_custom_fields([CSAM_FIELD_NAME], "securityplans", SSP_BASIC_TAB)
-    ssp_map = retrieve_custom_form_ssp_map(
+    ssp_map = retrieve_ssps_custom_form_map(
         tab_name=SSP_BASIC_TAB, field_form_id=custom_fields_basic_map[CSAM_FIELD_NAME]
     )
-    plans = import_ids if import_ids else list(ssp_map.keys())
+    ssps = import_ids if import_ids else list(ssp_map.keys())
-    for regscale_ssp_id in plans:
-        system_id = ssp_map.get(regscale_ssp_id)
+    updated_ssps = []
+    if len(ssps) == 0:
+        return
+    for index in track(
+        range(len(ssps)),
+        description=f"Importing {len(ssps)} SSP privacy...",
+    ):
+        ssp = ssps[index]
+        system_id = ssp_map.get(ssp)
+        if not system_id:
+            logger.error(f"Could not find CSAM ID for SSP id: {ssp}")
+            continue
+        else:
+            updated_ssps.append(ssp)
-        # Get Privacy Status
-        privacy_status = retrieve_from_csam(
-            csam_token=csam_token,
-            csam_url=csam_url,
-            csam_endpoint=f"/CSAM/api/v1/systems/{system_id}/privacy",
-        )
-        pia_date = privacy_status.get("privacyImpactAssessmentDateCompleted")
-        pta_date = privacy_status.get("privacyThresholdAnalysisDateCompleted")
+        result = retrieve_from_csam(csam_endpoint=f"/CSAM/api/v1/systems/{system_id}/privacy")
+        if len(result) == 0:
+            logger.error(f"Could not retrieve privacy for CSAM ID {system_id}. RegScale SSP id: {ssp}")
+            continue
+        pia_date = result.get("privacyImpactAssessmentDateCompleted")
+        pta_date = result.get("privacyThresholdAnalysisDateCompleted")
         # Get SORN Status
-        sorn_statuses = retrieve_from_csam(
-            csam_token=csam_token,
-            csam_url=csam_url,
+        result = retrieve_from_csam(
             csam_endpoint=f"/CSAM/api/v1/systems/{system_id}/sorn",
         )
+        if len(result) == 0:
+            logger.debug(f"Could not retrieve SORN for CSAM ID {system_id}. RegScale SSP id: {ssp}")
+            continue
         sorn_date = 0
         sorn_id = ""
-        for sorn_status in sorn_statuses:
+        for sorn_status in result:
             if date_obj(sorn_status.get("publishedDate")) > date_obj(sorn_date):
                 sorn_date = sorn_status.get("publishedDate")
                 sorn_id = sorn_status.get("systemOfRecordsNoticeId").strip()
         # Set the records
         record = {"pia_date": pia_date, "pta_date": pta_date, "sorn_date": sorn_date, "sorn_id": sorn_id}
-        save_privacy_records(regscale_id=regscale_ssp_id, custom_fields_map=custom_fields_privacy_map, record=record)
+        save_privacy_records(regscale_id=ssp, record=record)
+        logger.info(f"Updated {len(updated_ssps)} Security Plans with privacy data")
-def save_privacy_records(regscale_id: int, custom_fields_map: dict, record: dict):
+def save_privacy_records(regscale_id: int, record: dict):
+    custom_fields_privacy_list = ["PIA Date", "PTA Date", "SORN Date", "SORN Id"]
+    # Check for custom fields
+    custom_fields_map = FormFieldValue.check_custom_fields(custom_fields_privacy_list, "securityplans", SSP_PRIVACY_TAB)
     privacy_fields = []
     if record.get("pia_date"):
         privacy_fields.append(
             {
                 "record_id": regscale_id,
+                "record_module": "securityplans",
                 "form_field_id": custom_fields_map["PIA Date"],
                 "field_value": format_to_regscale_iso(record.get("pia_date")),
             }
@@ -448,6 +356,7 @@ def save_privacy_records(regscale_id: int, custom_fields_map: dict, record: dict
         privacy_fields.append(
             {
                 "record_id": regscale_id,
+                "record_module": "securityplans",
                 "form_field_id": custom_fields_map["PTA Date"],
                 "field_value": format_to_regscale_iso(record.get("pta_date")),
             }
@@ -456,6 +365,7 @@ def save_privacy_records(regscale_id: int, custom_fields_map: dict, record: dict
         privacy_fields.append(
             {
                 "record_id": regscale_id,
+                "record_module": "securityplans",
                 "form_field_id": custom_fields_map["SORN Date"],
                 "field_value": format_to_regscale_iso(record.get("sorn_date")),
             }
@@ -464,149 +374,368 @@ def save_privacy_records(regscale_id: int, custom_fields_map: dict, record: dict
         privacy_fields.append(
             {
                 "record_id": regscale_id,
+                "record_module": "securityplans",
                 "form_field_id": custom_fields_map["SORN Id"],
-                "field_value": record.get("sorn_id"),
+                "field_value": str(record.get("sorn_id")),
             }
         )
     if len(privacy_fields) > 0:
+        privacy_fields = fix_form_field_value(privacy_fields)
         FormFieldValue.save_custom_fields(privacy_fields)
-def import_csam_status():
+def import_csam_authorization(import_ids: Optional[List[int]] = None):
     """
-    Import the Status Info from CSAM
-    Into RegScale
+    Update the Authorization of the SSPs
+    This requires a call to the /system/{id}/securityauthorization
+    endpoint
+    :param list import_ids: Filtered list of SSPs
+    :return: None
     """
-    # TO DO... Add the rest of the logic
-    pass
+    # Get existing ssps by CSAM Id
+    custom_fields_basic_map = FormFieldValue.check_custom_fields([CSAM_FIELD_NAME], "securityplans", SSP_BASIC_TAB)
+    ssp_map = retrieve_ssps_custom_form_map(
+        tab_name=SSP_BASIC_TAB, field_form_id=custom_fields_basic_map[CSAM_FIELD_NAME]
+    )
+    ssps = import_ids if import_ids else list(ssp_map.keys())
-def import_csam_inheritance(import_ids: Optional[List[int]] = None):
+    updated_ssps = []
+    field_values = []
+    if len(ssps) == 0:
+        return
+    for index in track(
+        range(len(ssps)),
+        description=f"Importing {len(ssps)} SSP authorization...",
+    ):
+        ssp = ssps[index]
+        csam_id = ssp_map.get(ssp)
+        if not csam_id:
+            logger.error(f"Could not find CSAM ID for SSP id: {ssp}")
+            continue
+        else:
+            updated_ssps.append(ssp)
+        result = retrieve_from_csam(
+            csam_endpoint=f"/CSAM/api/v1/systems/{csam_id}/securityauthorization",
+        )
+        if len(result) == 0:
+            logger.error(f"Could not retrieve details for CSAM ID {csam_id}. RegScale SSP id: {ssp}")
+            continue
+        # Set the authorization expiration date
+        ssp_obj = SecurityPlan.get_object(object_id=ssp)
+        if ssp_obj:
+            ssp_obj.authorizationTerminationDate = result.get("authorizationExpirationDate")
+            ssp_obj.save()
+        else:
+            logger.debug(f"Failed to retrieve Security Plan id: {ssp}")
+        # Get the custom fields
+        field_values.append(
+            {
+                "record_id": ssp,
+                "record_module": "securityplans",
+                "form_field_id": custom_fields_basic_map["Authorization Process"],
+                "field_value": str(result.get("authorizationProcess")),
+            }
+        )
+        field_values.append(
+            {
+                "record_id": ssp,
+                "record_module": "securityplans",
+                "form_field_id": custom_fields_basic_map["ATO Date"],
+                "field_value": str(result.get("lastAuthorizationDate")),
+            }
+        )
+        field_values.append(
+            {
+                "record_id": ssp,
+                "record_module": "securityplans",
+                "form_field_id": custom_fields_basic_map["ATO Status"],
+                "field_value": str(result.get("authorizationStatus")),
+            }
+        )
+    # Save the Custom Fields
+    if len(field_values) > 0:
+        field_values = fix_form_field_value(field_values)
+        FormFieldValue.save_custom_fields(field_values)
+    logger.info(f"Updated {len(updated_ssps)} Security Plans with authorization data")
+def import_csam_contingency(import_ids: Optional[List[int]] = None):
     """
-    Import control inheritance from CSAM
+    Update the Contingency & IR of the SSPs
+    This requires a call to the /systems/<system_id>/continuityresponse
+    endpoint
-    :param list import_ids: List of SSPs to import
+    :param list import_ids: Filtered list of SSPs
     :return: None
     """
+    # Continuity & IR Fields
+    # Goes to "Continuity and Incident Response" Tab
+    # /CSAM/api/v1/systems/<system_id>/continuityresponse
+    continuity_map = {
+        "maximumTolerableDowntime": "MTD",
+        "recoveryTimeObjective": "RTO",
+        "recoveryPointObjective": "RPO",
+        "businessImpactAnalysisDateCompleted": "BIA Completed",
+        "businessImpactAnalysisNextDueDate": "BIA Next Due Date",
+        "contingencyPlanDateCompleted": "CP Completed",
+        "contingencyPlanNextDueDate": "CP Next Due Date",
+        "contingencyPlanTrainingDateCompleted": "CP Training Completed",
+        "contingencyPlanTrainingNextDueDate": "CP Training Next Due Date",
+        "contingencyPlanTestNextDueDate": "CP Test Next Due Date",
+        "incidentResponsePlanDateCompleted": "IRP Completed",
+        "incidentResponsePlanNextDueDate": "IRP Next Due Date",
+        "incidentResponsePlanTrainingDateCompleted": "IRP Training Completed",
+        "incidentResponsePlanTrainingNextDueDate": "IRP Training Next Due Date",
+        "incidentResponsePlanTestNextDueDate": "IRP Test Next Due Date",
+    }
-    # Get list of existing SSPs in RegScale
-    existing_ssps = SecurityPlan.get_ssp_list()
-    ssp_map = {ssp["title"]: ssp["id"] for ssp in existing_ssps}
+    # /CSAM/api/v1/systems/<system_id>/continuitytest
+    # testItem == "Contingency Plan (CP)""
+    continuity_test_map = {"testType": "CP Test Type", "dateTested": "CP Date Tested", "outcome": "CP Test Outcome"}
+    # testItem == "Incident Response Plan (IRP)"
+    irp_test_map = {"testType": "IRP Test Type", "dateTested": "IRP Date Tested", "outcome": "IRP Test Outcome"}
+    # /CSAM/api/v1/systems/{system_id}/additionalstatus
+    # name == "Contingency Plan Review"
+    contingency_plan_map = {
+        "dateCompleted": "CPR Completed",
+        "nextDueDate": "CPR Next Due Date",
+        "expirationDate": "CPR Expiration Date",
+    }
+    continuity_ir_fields = []
+    continuity_ir_fields = continuity_ir_fields + list(continuity_map.values())
+    continuity_ir_fields = continuity_ir_fields + list(continuity_test_map.values())
+    continuity_ir_fields = continuity_ir_fields + list(irp_test_map.values())
+    continuity_ir_fields = continuity_ir_fields + list(contingency_plan_map.values())
+    continuity_ir_fields_map = FormFieldValue.check_custom_fields(
+        continuity_ir_fields, "securityplans", "Continuity and Incident Response"
+    )
-    if not import_ids:
-        import_ids = [ssp["id"] for ssp in existing_ssps]
+    # name == "Document Review Approval"
+    # goes to "Document Review" Tab
+    doc_approv_map = {
+        "dateCompleted": "Doc Review Completed",
+        "nextDueDate": "Doc Review Next Due Date",
+        "expirationDate": "Doc Review Expiration Date",
+    }
+    doc_approv_fields = list(doc_approv_map.values())
+    doc_approv_fields_map = FormFieldValue.check_custom_fields(doc_approv_fields, "securityplans", "Document Review")
-    # Get Inheritance data from CSAM
-    app = Application()
+    # Get existing ssps by CSAM Id
+    custom_fields_basic_map = FormFieldValue.check_custom_fields([CSAM_FIELD_NAME], "securityplans", SSP_BASIC_TAB)
+    ssp_map = retrieve_ssps_custom_form_map(
+        tab_name=SSP_BASIC_TAB, field_form_id=custom_fields_basic_map[CSAM_FIELD_NAME]
+    )
+    ssps = import_ids if import_ids else list(ssp_map.keys())
+    updated_ssps = []
+    field_values = []
+    if len(ssps) == 0:
+        return
     for index in track(
-        range(len(import_ids)),
-        description=f"Importing inheritance for {len(import_ids)} Systems...",
+        range(len(ssps)),
+        description=f"Importing {len(ssps)} SSP contingency data...",
     ):
-        ssp = SecurityPlan.get_object(object_id=import_ids[index])
-        linked_ssps = []
-        # Get the inheritance data from CSAM
-        inheritances = retrieve_from_csam(
-            csam_url=app.config.get("csamURL"),
-            csam_token=app.config.get("csamToken"),
-            csam_endpoint=f"/CSAM/api/v1/systems/{ssp.otherIdentifier}/inheritedcontrols",
-        )
-        if not inheritances:
-            logger.debug(f"No inheritance data found for SSP {ssp.systemName} (ID: {ssp.id})")
+        ssp = ssps[index]
+        csam_id = ssp_map.get(ssp)
+        if not csam_id:
+            logger.error(f"Could not find CSAM ID for SSP id: {ssp}")
             continue
-        # Process each inheritance record
-        imp_map = ControlImplementation.get_control_label_map_by_plan(plan_id=ssp.id)
+        else:
+            updated_ssps.append(ssp)
-        process_inheritances(
-            inheritances=inheritances, ssp=ssp, ssp_map=ssp_map, imp_map=imp_map, linked_ssps=linked_ssps
+        continuity_response = get_continuity_response_fields(
+            ssp=ssp, csam_id=csam_id, continuity_ir_fields_map=continuity_ir_fields_map, continuity_map=continuity_map
         )
+        field_values = field_values + continuity_response
+        continuity_test = get_continuity_test_fields(
+            ssp=ssp,
+            csam_id=csam_id,
+            continuity_ir_fields_map=continuity_ir_fields_map,
+            continuity_test_map=continuity_test_map,
+            irp_test_map=irp_test_map,
+        )
+        field_values = field_values + continuity_test
-def retrieve_from_csam(csam_url: str, csam_token: str, csam_endpoint: str) -> list:
-    """
-    Connect to CSAM and retrieve data
+        additional_status = get_additional_status_fields(
+            ssp=ssp,
+            csam_id=csam_id,
+            continuity_ir_fields_map=continuity_ir_fields_map,
+            contingency_plan_map=contingency_plan_map,
+            doc_approv_fields_map=doc_approv_fields_map,
+            doc_approv_map=doc_approv_map,
+        )
+        field_values = field_values + additional_status
-    :param str csam_url: URL of CSAM System
-    :param str csam_token: Bearer Token
-    :param str csam_endpoint: API Endpoint
-    :return: List of dict objects
-    :return_type: list
-    """
-    logger.debug("Retrieving data from CSAM")
-    reg_api = Api()
-    if "Bearer" not in csam_token:
-        csam_token = f"Bearer {csam_token}"
-    url = urljoin(csam_url, csam_endpoint)
-    headers = {
-        "Content-Type": "application/json",
-        "Accept": "application/json",
-        "Authorization": csam_token,
+    # Save the Custom Fields
+    if len(field_values) > 0:
+        field_values = fix_form_field_value(field_values)
+        FormFieldValue.save_custom_fields(field_values)
+    logger.info(f"Updated {len(updated_ssps)} Security Plans with contingency data")
+def get_continuity_response_fields(ssp: int, csam_id: int, continuity_map: dict, continuity_ir_fields_map: dict):
+    # Get the data from /continuityresponse
+    result = retrieve_from_csam(
+        csam_endpoint=f"/CSAM/api/v1/systems/{csam_id}/continuityresponse",
+    )
+    if not result:
+        logger.error(f"Could not retrieve details for CSAM ID {csam_id}. RegScale SSP id: {ssp}")
+        return []
+    response_data = result[0]
+    # Pre-compute the field mapping to avoid nested lookups
+    field_mapping = {
+        field: continuity_ir_fields_map[mapped_name]
+        for field, mapped_name in continuity_map.items()
+        if mapped_name in continuity_ir_fields_map
+    }
+    # Build field values with single-level lookup
+    return [
+        {
+            "record_id": ssp,
+            "record_module": "securityplans",
+            "form_field_id": field_id,
+            "field_value": str(response_data[field]),
+        }
+        for field, field_id in field_mapping.items()
+        if field in response_data
+    ]
+def get_continuity_test_fields(
+    ssp: int, csam_id: int, continuity_ir_fields_map: dict, continuity_test_map: dict, irp_test_map: dict
+):
+    # Get the data from continuitytest
+    results = retrieve_from_csam(csam_endpoint=f"/CSAM/api/v1/systems/{csam_id}/continuitytest")
+    if not results:
+        logger.error(f"Could not retrieve details for CSAM ID {csam_id}. RegScale SSP id: {ssp}")
+        return []
+    # Pre-compute field mappings to avoid nested lookups
+    cp_field_mapping = {
+        field: continuity_ir_fields_map[mapped_name]
+        for field, mapped_name in continuity_test_map.items()
+        if mapped_name in continuity_ir_fields_map
+    }
+    irp_field_mapping = {
+        field: continuity_ir_fields_map[mapped_name]
+        for field, mapped_name in irp_test_map.items()
+        if mapped_name in continuity_ir_fields_map
     }
-    issue_response = reg_api.get(url=url, headers=headers)
-    if not issue_response or issue_response.status_code in [204, 404]:
-        logger.warning(f"Call to {url} Returned error: {issue_response.text}")
+    field_values = []
+    for result in results:
+        test_item = result.get("testItem")
+        # Process Contingency Plan (CP) fields
+        if test_item == "Contingency Plan (CP)":
+            field_values.extend(
+                [
+                    {
+                        "record_id": ssp,
+                        "record_module": "securityplans",
+                        "form_field_id": field_id,
+                        "field_value": str(result[field]),
+                    }
+                    for field, field_id in cp_field_mapping.items()
+                    if field in result
+                ]
+            )
+        # Process Incident Response Plan (IRP) fields
+        elif test_item == "Incident Response Plan (IRP)":
+            field_values.extend(
+                [
+                    {
+                        "record_id": ssp,
+                        "record_module": "securityplans",
+                        "form_field_id": field_id,
+                        "field_value": str(result[field]),
+                    }
+                    for field, field_id in irp_field_mapping.items()
+                    if field in result
+                ]
+            )
+    return field_values
+def get_additional_status_fields(
+    ssp: int,
+    csam_id: int,
+    continuity_ir_fields_map: dict,
+    contingency_plan_map: dict,
+    doc_approv_fields_map: dict,
+    doc_approv_map: dict,
+):
+    # Get the data from additional status
+    results = retrieve_from_csam(csam_endpoint=f"/CSAM/api/v1/systems/{csam_id}/additionalstatus")
+    if not results:
+        logger.error(f"Could not retrieve details for CSAM ID {csam_id}. RegScale SSP id: {ssp}")
         return []
-    if issue_response and issue_response.ok:
-        return issue_response.json()
-    return []
+    # Pre-compute field mappings to avoid nested lookups
+    cp_field_mapping = {
+        field: continuity_ir_fields_map[mapped_name]
+        for field, mapped_name in contingency_plan_map.items()
+        if mapped_name in continuity_ir_fields_map
+    }
+    doc_field_mapping = {
+        field: doc_approv_fields_map[mapped_name]
+        for field, mapped_name in doc_approv_map.items()
+        if mapped_name in doc_approv_fields_map
+    }
-def retrieve_ssps_custom_form_map(tab_name: str, field_form_id: int) -> dict:
-    """
-    Retreives a list of the SSPs in RegScale
-    Returns a map of Custom Field Value: RegScale Id
-    :param str tab_name: The RegScale tab name where the custom field is located
-    :param int field_form_id: The RegScale Form Id of custom field
-    :param int tab_id: The RegScale tab id
-    :return: dictionary of FieldForm Id: regscale_ssp_id
-    :return_type: dict
-    """
-    tab = Module.get_tab_by_name(regscale_module_name="securityplans", regscale_tab_name=tab_name)
-    field_form_map = {}
-    ssps = SecurityPlan.get_ssp_list()
-    form_values = []
-    for ssp in ssps:
-        form_values = FormFieldValue.get_field_values(
-            record_id=ssp["id"], module_name=SecurityPlan.get_module_slug(), form_id=tab.id
-        )
+    field_values = []
+    for result in results:
+        result_name = result.get("name")
-        for form in form_values:
-            if form.formFieldId == field_form_id and form.data:
-                field_form_map[form.data] = ssp["id"]
-        form_values = []
-    return field_form_map
+        # Process Contingency Plan Review fields
+        if result_name == "Contingency Plan Review":
+            field_values.extend(
+                [
+                    {
+                        "record_id": ssp,
+                        "record_module": "securityplans",
+                        "form_field_id": field_id,
+                        "field_value": str(result[field]),
+                    }
+                    for field, field_id in cp_field_mapping.items()
+                    if field in result
+                ]
+            )
+        # Process Document Review Approval fields
+        elif result_name == "Document Review Approval":
+            field_values.extend(
+                [
+                    {
+                        "record_id": ssp,
+                        "record_module": "securityplans",
+                        "form_field_id": field_id,
+                        "field_value": str(result[field]),
+                    }
+                    for field, field_id in doc_field_mapping.items()
+                    if field in result
+                ]
+            )
-def retrieve_custom_form_ssp_map(tab_name: str, field_form_id: int) -> dict:
-    """
-    Retreives a list of the SSPs in RegScale
-    Returns a map of RegScale ID: Custom Field Value
-    :param str tab_name: The RegScale tab name where the custom field is located
-    :param int field_form_id: The RegScale Form Id of custom field
-    :param int tab_id: The RegScale tab id
-    :return: dictionary of FieldForm Id: regscale_ssp_id
-    :return_type: dict
-    """
-    tab = Module.get_tab_by_name(regscale_module_name="securityplans", regscale_tab_name=tab_name)
-    field_form_map = {}
-    ssps = SecurityPlan.get_ssp_list()
-    form_values = []
-    for ssp in ssps:
-        form_values = FormFieldValue.get_field_values(
-            record_id=ssp["id"], module_name=SecurityPlan.get_module_slug(), form_id=tab.id
-        )
-        for form in form_values:
-            if form.formFieldId == field_form_id and form.data:
-                field_form_map[ssp["id"]] = form.data
-        form_values = []
-    return field_form_map
+    return field_values
 def update_ssp_general(ssp: SecurityPlan, record: dict, org_map: dict) -> SecurityPlan:
@@ -629,6 +758,7 @@ def update_ssp_general(ssp: SecurityPlan, record: dict, org_map: dict) -> Securi
     ssp.status = record["operationalStatus"]
     ssp.systemType = record["systemType"]
     ssp.description = record["purpose"]
+    ssp.defaultAssessmentDays = 0
     if record["organization"] and org_map.get(record["organization"]):
         ssp.orgId = org_map.get(record["organization"])
@@ -640,20 +770,18 @@ def update_ssp_general(ssp: SecurityPlan, record: dict, org_map: dict) -> Securi
     return new_ssp
-def save_ssp_front_matter(
-    results: list, ssp_map: dict, custom_fields_basic_map: dict, custom_fields_financial_map: dict, org_map: dict
-) -> list:
+def save_ssp_front_matter(results: list, ssp_map: dict, custom_fields_basic_map: dict, org_map: dict) -> list:
     """
     Save the SSP data from the /systems endpoint
     :param list results: list of results from CSAM
     :param dict ssp_map: map of existing SSPs in RegScale
     :param dict custom_fields_basic_map: map of custom fields in RegScale
-    :param dict custom_fields_financial_map: map of custom fields in RegScale
     :param dict org_map: map of existing orgs in RegScale
     :return: list of updated SSPs
     :return_type: List[SecurityPlan]
     """
     updated_ssps = []
     for index in track(
         range(len(results)),
@@ -671,107 +799,17 @@ def save_ssp_front_matter(
         ssp = update_ssp_general(ssp, result, org_map)
         # Grab the Custom Fields
-        field_values = set_front_matter_fields(
-            ssp=ssp,
-            result=result,
-            custom_fields_basic_map=custom_fields_basic_map,
-            custom_fields_financial_map=custom_fields_financial_map,
-        )
+        field_values = set_front_matter_fields(ssp=ssp, result=result, custom_fields_basic_map=custom_fields_basic_map)
         # System Custom Fields
+        field_values = fix_form_field_value(field_values)
         FormFieldValue.save_custom_fields(field_values)
         updated_ssps.append(ssp)
     logger.info(f"Updated {len(results)} Security Plans Front Matter")
     return updated_ssps
-def update_ssp_agency_details(ssps: list, csam_token: str, csam_url: str, custom_fields_basic_map: dict) -> list:
-    """
-    Update the Agency Details of the SSPs
-    This requires a call to the /system/{id}/agencydefineddataitems
-    endpoint
-    :param list ssps: list of RegScale SSPs
-    :param str csam_token: CSAM Bearer Token
-    :param str csam_url: CSAM URL
-    :param dict custom_fields_basic_map: map of custom fields in RegScale
-    :return: list of updated SSPs
-    :return_type: List[SecurityPlan]
-    """
-    updated_ssps = []
-    if len(ssps) == 0:
-        return updated_ssps
-    for index in track(
-        range(len(ssps)),
-        description=f"Importing {len(ssps)} SSP agency details...",
-    ):
-        ssp = ssps[index]
-        csam_id = ssp.otherIdentifier
-        if not csam_id:
-            logger.error(f"Could not find CSAM ID for SSP {ssp.systemName} id: {ssp.id}")
-            continue
-        else:
-            updated_ssps.append(ssp)
-        result = retrieve_from_csam(
-            csam_token=csam_token,
-            csam_url=csam_url,
-            csam_endpoint=f"/CSAM/api/v1/systems/{csam_id}/agencydefineddataitems",
-        )
-        if len(result) == 0:
-            logger.error(
-                f"Could not retrieve details for CSAM ID {csam_id}. RegScale SSP: Name: {ssp.systemName} id: {ssp.id}"
-            )
-            continue
-        # Get the custom fields
-        set_agency_details(result, ssp, custom_fields_basic_map)
-    logger.info(f"Updated {len(updated_ssps)} Security Plans with Agency Details")
-    return updated_ssps
-def set_agency_details(result: list, ssp: SecurityPlan, custom_fields_basic_map: dict):
-    """
-    Loop through results of agencydefineddataitems
-    and set the custom fields in RegScale
-    :param list result: list of dict objects from CSAM
-    :param SecurityPlan ssp: RegScale Security Plan
-    :param dict custom_fields_basic_map: map of custom field names to ids
-    """
-    field_values = []
-    # Update the fields we need
-    for item in result:
-        if item.get("attributeName") == "High Value Asset":
-            ssp.hva = True if item.get("value") == "1" else False
-        # Binary Values
-        if item.get("attributeName") in [
-            "External Web Interface",
-            "CFO Designation",
-            "Law Enforcement Sensitive",
-            "AI/ML Components",
-        ]:
-            field_values.append(set_binary_fields(item, ssp, custom_fields_basic_map))
-        if item.get("attributeName") == "Cloud System":
-            ssp = set_cloud_system(ssp, item)
-        if item.get("attributeName") == "Cloud Service Model":
-            ssp = set_cloud_service(ssp, item)
-        if item.get("attributeName") == "HVA Identifier":
-            field_values.append(set_custom_fields(item, ssp, custom_fields_basic_map))
-    # Save the SSP & Custom Fields
-    ssp.save()
-    if len(field_values) > 0:
-        FormFieldValue.save_custom_fields(field_values)
-def set_front_matter_fields(
-    ssp: SecurityPlan, result: dict, custom_fields_basic_map: dict, custom_fields_financial_map: dict
-) -> list:
+def set_front_matter_fields(ssp: SecurityPlan, result: dict, custom_fields_basic_map: dict) -> list:
     """
     parse the front matter custom fields
     and return a list of field values to be saved
@@ -779,351 +817,122 @@ def set_front_matter_fields(
     :param SecurityPlan ssp: RegScale Security Plan object
     :param dict result: response from CSAM
     :param dict custom_fields_basic_map: map of basic custom fields
-    :param dict custom_fields_financial_map: map of financial custom fields
     :return: list of dictionaries with field values
     :return_type: list
     """
-    field_values = []
-    # FISMA ID
-    field_values.append(
+    custom_fields_financial_list = [
+        "Financial System",
+        "omb Exhibit",
+        "Investment Name",
+        "Portfolio",
+        "Prior Fy Funding",
+        "Current Fy Funding",
+        "Next Fy Funding",
+        "Funding Import Status",
+    ]
+    custom_fields_financial_map = FormFieldValue.check_custom_fields(
+        custom_fields_financial_list, "securityplans", SSP_FINANCIAL_TAB
+    )
+    custom_fields_map = {
+        "acronym": "acronym",
+        "classification": "Classification",
+        "fismaReportable": "FISMA Reportable",
+        "contractorSystem": "Contractor System",
+        "criticalInfrastructure": "Critical Infrastructure",
+        "missionCritical": "Mission Essential",
+        "uiiCode": "uiiCode",
+    }
+    custom_fields_fin_map = {
+        "financialSystem": "Financial System",
+        "ombExhibit": "omb Exhibit",
+        "investmentName": "Investment Name",
+        "portfolio": "Portfolio",
+        "priorFyFunding": "Prior Fy Funding",
+        "currentFyFunding": "Current Fy Funding",
+        "nextFyFunding": "Next Fy Funding",
+        "fundingImportStatus": "Funding Import Status",
+    }
+    # Pre-compute field mappings to avoid nested lookups
+    basic_field_mapping = {
+        field: custom_fields_basic_map[mapped_name]
+        for field, mapped_name in custom_fields_map.items()
+        if mapped_name in custom_fields_basic_map and field in result
+    }
+    financial_field_mapping = {
+        field: custom_fields_financial_map[mapped_name]
+        for field, mapped_name in custom_fields_fin_map.items()
+        if mapped_name in custom_fields_financial_map and field in result
+    }
+    # Start with required ID fields
+    field_values = [
         {
             "record_id": ssp.id,
+            "record_module": "securityplans",
             "form_field_id": custom_fields_basic_map[FISMA_FIELD_NAME],
             "field_value": str(result["externalId"]),
-        }
-    )
-    # CSAM ID
-    field_values.append(
+        },
         {
             "record_id": ssp.id,
+            "record_module": "securityplans",
             "form_field_id": custom_fields_basic_map[CSAM_FIELD_NAME],
             "field_value": str(result["id"]),
-        }
-    )
-    # Basic Tab
-    for key in result.keys():
-        if key in custom_fields_basic_map.keys() and key not in [CSAM_FIELD_NAME, FISMA_FIELD_NAME]:
-            if isinstance(result.get(key), bool):
-                field_values.append(
-                    {
-                        "record_id": ssp.id,
-                        "form_field_id": custom_fields_basic_map[key],
-                        "field_value": "Yes" if result.get(key) else "No",
-                    }
-                )
-            else:
-                field_values.append(
-                    {
-                        "record_id": ssp.id,
-                        "form_field_id": custom_fields_basic_map[key],
-                        "field_value": str(result.get(key)),
-                    }
-                )
-    # Financial Info Tab
-    # custom fields and csam values match
-    for key in result.keys():
-        if key in custom_fields_financial_map.keys():
-            field_values.append(
-                {
-                    "record_id": ssp.id,
-                    "form_field_id": custom_fields_financial_map[key],
-                    "field_value": str(result.get(key)),
-                }
-            )
-    return field_values
-def set_cloud_system(ssp: SecurityPlan, item: dict) -> SecurityPlan:
-    """
-    Set the cloud system values in the SSP
-    :param SeucrityPlan ssp: RegScale Security Plan
-    :param dict item: record from CSAM
-    :return: SecurityPlan object with updated cloud system values
-    :return_type: SecurityPlan
-    """
-    ssp.bDeployPublic = True if item.get("value") == "Public" else False
-    ssp.bDeployPrivate = True if item.get("value") == "Private" else False
-    ssp.bDeployHybrid = True if item.get("value") == "Hybrid" else False
-    ssp.bDeployGov = True if item.get("value") == "GovCloud" else False
-    ssp.bDeployOther = True if item.get("value") == "Community" else False
-    if ssp.bDeployHybrid or ssp.bDeployOther:
-        ssp.deployOtherRemarks = "Hybrid or Community"
-    return ssp
-def set_cloud_service(ssp: SecurityPlan, item: dict) -> SecurityPlan:
-    """
-    Set the cloud service model values in the SSP
-    :param SecurityPlan ssp: RegScale Security Plan
-    :param dict item: record from CSAM
-    :return: Updated SecurityPlan object
-    :return_type: SecurityPlan
-    """
-    ssp.bModelIaaS = True if "IaaS" in item.get("value") else False
-    ssp.bModelPaaS = True if "PaaS" in item.get("value") else False
-    ssp.bModelSaaS = True if "SaaS" in item.get("value") else False
-    return ssp
-def set_binary_fields(item: dict, ssp: SecurityPlan, custom_fields_map: dict) -> dict:
-    return {
-        "record_id": ssp.id,
-        "form_field_id": custom_fields_map[item.get("attributeName")],
-        "field_value": "Yes" if (item.get("value")) == "1" else "No",
-    }
-def set_custom_fields(item: dict, ssp: SecurityPlan, custom_fields_map: dict) -> dict:
-    """
-    Set the custom fields for the SSP
-    :param dict item: record from CSAM
-    :param SecurityPlan ssp: RegScale Security Plan
-    :param dict custom_fields_map: map of custom fields in RegScale
-    :return: dictionary of field values to be saved
-    :return_type: dict
-    """
-    return {
-        "record_id": ssp.id,
-        "form_field_id": custom_fields_map[item.get("attributeName")],
-        "field_value": str(item.get("value")),
-    }
-def get_catalogs() -> Tuple[Optional[int], Optional[int]]:
-    """
-    Get the catalog ids for NIST SP 800-53 Rev 5 and Rev 4
-    :return: tuple of catalog ids
-    :return_type: Tuple[Optional[int], Optional[int]]
-    """
-    # Find the Catalogs
-    rev5_catalog = Catalog.find_by_guid("b0c40faa-fda4-4ed3-83df-368908d9e9b2")  # NIST SP 800-53 Rev 5
-    rev5_catalog_id = rev5_catalog.id if rev5_catalog else None
-    rev4_catalog = Catalog.find_by_guid("02158108-e491-49de-b9a8-3cb1cb8197dd")  # NIST SP 800-53 Rev 4
-    rev4_catalog_id = rev4_catalog.id if rev4_catalog else None
+        },
+    ]
-    return rev5_catalog_id, rev4_catalog_id
+    # Process basic tab fields
+    field_values.extend(_create_basic_field_values(ssp.id, result, basic_field_mapping))
+    # Process financial tab fields
+    field_values.extend(_create_financial_field_values(ssp.id, result, financial_field_mapping))
-def build_implementations(results: list, csam_id: str, regscale_id: int) -> list:
-    """
-    Build out the control implementations
-    from the results returned from CSAM
+    return field_values
-    :param list results: records from CSAM
-    :param int csam_id: CSAM System Id
-    :param int regscale_id: RegScale SSP Id
-    :return: list of ControlImplementation objects
-    :return_type: list
-    """
-    existing_implementations = ControlImplementation.get_list_by_parent(
-        regscale_id=regscale_id, regscale_module="securityplans"
-    )
-    implementations_map = {normalize_controlid(impl["controlId"]): impl["id"] for impl in existing_implementations}
-    control_implementations = []
-    # Loop through the results and create or update the controls
-    for index in track(
-        range(len(results)),
-        description=f"Importing {len(results)} controls for system id: {csam_id}...",
-    ):
-        result = results[index]
-        # Debug
-        imp_id = (
-            implementations_map.get(normalize_controlid(result["controlId"]))
-            if normalize_controlid(result["controlId"]) in implementations_map
-            else 0
-        )
-        control_implementations.append(
-            ControlImplementation(
-                id=imp_id,
-                status=(
-                    "Fully Implemented" if result["statedImplementationStatus"] == "Implemented" else "Not Implemented"
-                ),  # Implemented
-                responsibility=(
-                    result["applicability"]
-                    if result["applicability"] in ["Hybrid", "Inherited"]
-                    else "Provider (System Specific)"
-                ),  # Hybrid, Applicable
-                controlSource="Baseline",
-                implementation=result["implementationStatement"],
-                controlID=result["controlID"],
-                parentId=result["securityPlanId"],
-                parentModule="securityplans",
-            )
-        )
-    return control_implementations
+def _create_basic_field_values(record_id: int, result: dict, field_mapping: dict) -> list:
+    """Helper function to create basic field values with proper type handling"""
+    field_values = []
+    for field, field_id in field_mapping.items():
+        value = result.get(field)
+        if isinstance(value, bool):
+            field_value = "Yes" if value else "No"
+        else:
+            field_value = str(value)
-def retrieve_controls(csam_token: str, csam_url: str, csam_id: int, controls: list, regscale_id: int) -> list:
-    """
-    Takes a system id and list of controls
-    returns a list of implmentations for
-    that system id and framework
-    :param str csam_token: access token for CSAM
-    :param str csam_url: url for CSAM API
-    :param int system_id: CSAM system id
-    :param str framework: Framework name
-    :param list controls: list of possible controls
-    :param int regscale_id: RegScale SSP Id
-    :return: list of control implementations
-    :return_type: list
-    """
-    imps = []
-    # Loop through the controls and get the implementations
-    for index in track(
-        range(len(controls)),
-        description=f"Retrieving implementations for system id: {csam_id}...",
-    ):
-        control = controls[index]
-        implementations = retrieve_from_csam(
-            csam_token=csam_token,
-            csam_url=csam_url,
-            csam_endpoint=f"/CSAM/api/v1/systems/{csam_id}/controls/{control.controlId}",
+        field_values.append(
+            {
+                "record_id": record_id,
+                "record_module": "securityplans",
+                "form_field_id": field_id,
+                "field_value": field_value,
+            }
         )
+    return field_values
-        if len(implementations) == 0:
-            logger.debug(f"No implementations found for control {control.controlId} in system id: {csam_id}")
-            continue
-        # Add the RegScale SSP Id and controlID to the implementation
-        for impl in implementations:
-            if "NotApplicable" in impl["applicability"]:
-                continue
-            impl["securityPlanId"] = regscale_id
-            impl["controlID"] = control.id
-            imps.append(impl)
-    return imps
-def set_inheritable(regscale_id: int):
-    """
-    Given a RegScale SSP Id
-    Sets the inheritable flag on all control implementations
-    :param int regscale_id: id of Security Plan
-    :return: None
-    """
-    # Get list of existing controlimplementations
-    implementations = ControlImplementation.get_list_by_parent(regscale_id=regscale_id, regscale_module="securityplans")
-    for index in track(
-        range(len(implementations)),
-        description="Setting controls Inheritable...",
-    ):
-        implementation = implementations[index]
-        imp = ControlImplementation.get_object(object_id=implementation["id"])
-        imp.inheritable = True
-        imp.save()
-def process_inheritances(
-    inheritances: List[Dict[str, Any]],
-    ssp: SecurityPlan,
-    ssp_map: Dict[str, int],
-    imp_map: Dict[str, int],
-    linked_ssps: List[SecurityPlan],
-):
-    for inheritance in inheritances:
-        # Check if the control exists in plan
-        control_id = normalize_controlid(inheritance.get("controlId"))
-        if control_id not in imp_map:
-            logger.debug(f"Control {control_id} not found in RegScale for SSP {ssp.systemName} (ID: {ssp.id})")
-            continue
-        # Find the baseControl in RegScale
-        # Find the SSP
-        base_ssp = ssp_map.get(inheritance.get("offeringSystemName"))
-        if not base_ssp:
-            logger.debug(f"Base SSP {inheritance.get('offeringSystemName')} not found in RegScale, skipping")
-            continue
-        base_control_map = ControlImplementation.get_control_label_map_by_plan(plan_id=base_ssp)
-        base_control_id = base_control_map.get(normalize_controlid(inheritance.get("controlId")))
+def _create_financial_field_values(record_id: int, result: dict, field_mapping: dict) -> list:
+    """Helper function to create financial field values with proper handling of funding fields"""
+    funding_fields = ["priorFyFunding", "currentFyFunding", "nextFyFunding"]
-        # Create or update the inheritance record
-        if inheritance.get("isInherited") is False:
-            continue
-        # Add the parent if not already linked
-        if base_ssp not in linked_ssps:
-            linked_ssps.append(base_ssp)
-        # Create the records
-        create_inheritance(
-            parent_id=ssp.id,
-            parent_module="securityplans",
-            hybrid=inheritance.get("isHybrid", True),
-            base_id=base_ssp,
-            control_id=imp_map[control_id],
-            base_control_id=base_control_id,
-        )
+    field_values = []
+    for field, field_id in field_mapping.items():
+        value = result.get(field)
+        # Handle blank dollar values
+        if field in funding_fields:
+            field_value = str(value) if value else "0"
+        else:
+            field_value = str(value)
-    # Create the Inheritance Record(s)
-    for inheritance_ssp in linked_ssps:
-        create_inheritance_linage(
-            parent_id=ssp.id,
-            parent_module="securityplans",
-            base_id=inheritance_ssp,
+        field_values.append(
+            {
+                "record_id": record_id,
+                "record_module": "securityplans",
+                "form_field_id": field_id,
+                "field_value": field_value,
+            }
         )
-def create_inheritance(
-    parent_id: int, parent_module: str, base_id: int, hybrid: bool, control_id: int, base_control_id: int
-):
-    """
-    Creates the records for inheritance
-    :param int parent_id: Id of inheriting record
-    :param str parent_module: Module of inheriting record
-    :param int base_id: Id of inherited record
-    :param bool hybrid: Is the control hybrid
-    :param int control_id: Id of inheriting control
-    :param int base_control_id: Id of inherited control
-    :return: None
-    """
-    # Update the control implementation
-    control_impl = ControlImplementation.get_object(object_id=control_id)
-    if control_impl:
-        control_impl.bInherited = True
-        control_impl.responsibility = "Hybrid" if hybrid else "Inherited"
-        control_impl.inheritedControlId = base_control_id
-        control_impl.inheritedSecurityPlanId = base_id
-        control_impl.save()
-    # Check if the Inherited Control already exists
-    existing = InheritedControl.get_all_by_control(control_id=control_id)
-    for exists in existing:
-        if exists["inheritedControlId"] == base_control_id:
-            return
-    InheritedControl(
-        parentId=parent_id, parentModule=parent_module, baseControlId=control_id, inheritedControlId=base_control_id
-    ).create()
-def create_inheritance_linage(parent_id: int, parent_module: str, base_id: int):
-    """
-    Creates a RegScale Inheritance Record
-    :param int parent_id: Id of inheriting record
-    :param str parent_module: Module of inheriting record
-    :param int base_control_id: Id of inherited control
-    :return: None
-    """
-    # Check if the Inheritance already exists
-    existing = Inheritance.get_all_by_parent(parent_id=parent_id, parent_module=parent_module)
-    for exists in existing:
-        if exists.planId == base_id:
-            return
-    # Update Lineage (no way to update.. only create)
-    Inheritance(recordId=parent_id, recordModule=parent_module, planId=base_id).create()
+    return field_values

regscale-cli 6.27.2.0__py3-none-any.whl → 6.27.3.0__py3-none-any.whl

Potentially problematic release.

regscale-cli 6.27.2.0py3-none-any.whl → 6.27.3.0py3-none-any.whl