Updating description of my Risk Statements moves retired risks back to draft

JH4
Tera Contributor

‎10-17-2022 03:35 PM

When I went in to update the description of Risk Statements, it moved all retired risks that inherits that risk statement back to draft mode.  I don't understand why it did that.  Please assist.

0 Helpfuls
  • 1,130 Views
8 REPLIES 8

Sebastien Fix
Giga Guru
Giga Guru

‎10-18-2022 11:34 PM

This is why I don't like this BR OOTB, changing a comma in Description should have no impact to existing Risks/Controls in Monitor or Retired state. My comment around Monitor being worse is because once in "monitor", it means the risk/control has been assessed; I don't want those valid risk/controls to go back to Draft and require a new assessment to be sent out. 

If a Risk is Retired and goes back to Draft, it looks a bit messy but no one needs to do any more work. Monitor to Draft means a requirement to re-assess...

In the script you can easily see which changes to which fields will impact the change to a new State (the last line). So you can easily either remove "description" from the list of fields; or add a line at the start to exclude Risks/Controls in Retired state.

SebastienFix_0-1666161109498.png

 

JH4
Tera Contributor
In response to Sebastien Fix

‎10-19-2022 06:35 AM

Thank you.  This is very helpful.  Do you see any repercussions of doing this (removing the description line or adding the line to exclude)? 

 

What would be the syntax if I wanted to "add a line at the start to exclude Risks/Controls in Retired state?"

 

Also on the Controls side, is it also called Cascade Changes BR that I would have to change as well?

0 Helpfuls

JH4
Tera Contributor
In response to Sebastien Fix

‎02-09-2023 02:32 PM

Bumping this back, could you please advise what the code would be if I wanted to exclude the retired risk to be put back into Draft?  Thank you.

0 Helpfuls

Manus_Bolton
Tera Contributor

‎03-28-2025 06:39 AM - edited ‎03-28-2025 11:01 PM

Hi @Community Alums  & @JH4 

 

Thank you for your insight pertaining to the above-mentioned business rule, I made changes to the business rule to exclude updating the Risk state 'draft' is the risk.category is 'Operational', however it does not seems to be working. Any Advise would be appreciated , please find script below: 

 
(function executeRule(current, previous) {
    var risk = new GlideRecord('sn_risk_risk');
    risk.addQuery('content', current.sys_id);
    risk.addQuery('instance', true);
    risk.query();

    while (risk.next()) {
        // Update the risk name if it matches the previous name
        if (risk.name == previous.name) {
            risk.name = current.name + '';
        }
       
        // Update other fields
        risk.description = current.description + '';
        risk.reference = current.reference + '';
        risk.category = current.category + '';
        risk.type = current.type + '';
        risk.classification = current.classification + '';
        risk.attestation = current.attestation + '';

        // Check if the risk category is not "IT risk" before setting the state to "draft"
        if (risk.category != 'Operational') {
            risk.state = 'draft'; // Set state to draft only if category is not Operational
        }

        // Update the risk record
        risk.update();
    }
})(current, previous);

 

0 Helpfuls