In this article
- In this use case, we will explore how to add additional questions and answers dynamically based upon the selection of a certain asset type.
- User 1 selects Protected Health Information as an asset type and then the organization wants to capture whether or not that information is encrypted at rest on that device in a secondary questionnaire
- SYSTEM_SETTINGS_UPDATE (to create global assets)
- EDIT_RULES (creating questionnaires using the rules engine)
- DROOLS_CREATION_RULE (creating questionnaires using DROOLS)
If the preliminary asset category has not been created already, please see How to create a new asset for instructions on creating the asset that will trigger the additional questionnaire.
- Determine the asset answer that be the condition for the subsequent action of Insert question. In this example, we will use the "Stored" answer to the asset question about the storage of Protected Health Information.
- Navigate to the rules module, select a library to place the rule in, and select new rule.
- Provide a name for the rule and select the component module.
- Select the condition drop down and select "Answer is selected" for the condition and then choose the answer text for the specific question you are seeking. In this example, we will select "Protected Health Information: Stored".
- Select the new action drop down and select Insert Question.
- If you would like the question to appear on a different tab, you can specify the tab that you want this question to be added to. By default, it will add it to the same tab.
- Provide the question in the question text field and provide a unique ID for the question. Add any additional information that might be relevant for end users.
- Select save.
- Now that the supplemental question has been added, answers need to be populated.
- Select new rule and provide a rule name. This rule needs be saved in the component module.
- Select the condition drop down and select "question exists" from the drop down. Select the question that you would like to populate answers for from the question dropdown.
- Select the new action drop down and select "insert answer" from the drop down. Insert the answer "no" for one action and insert the answer "yes" for the second answer.
- Select save for this rule.
- If you go back and select this asset on a given component and select next on the component questionnaire, you would now see an additional questionnaire and additional tab added with your question and answer combination.
- Based on the answer to this secondary questionnaire, additional actions can be appended to your threat model. Those actions include the following:
- Answer Question
- Answer Question From Main Questionnaire
- Apply Security Standard
- Import Risk Pattern
- Import Specific Risk
- Import Specific Use Case
- Insert Answer
- Insert Conclusion
- Insert Notification
- Insert Question
- Mark Countermeasure as Implemented
- Mark Countermeasure as Required
- Modify Mitigation value
- Move to Trust Zone
- Set Custom Field Value
In this example, I might import a risk pattern for data exfiltration with countermeasures related to encryption of data at rest.
If you need additional assistance working with the rules engine, please see one of the following articles:
Article is closed for comments.