Landing page and dashboard views
The landing page in the Operational Resilience Workspace provides a single-pane overview of the services, business services, and pillars in your organization. The dashboard displays resilience metrics, including operational status, completed activities, red flags, and suggestions for improvement.
The flexible data model introduced with Operational Resilience, Release 21.0.x provides a foundation for the dashboards and tracks the flow of dependent services. The data, including red flags by type, such as failed controls, incidents, and outages, and business service metrics such as number of flags, importance, and impact tolerance, is updated in the dashboard through changes to the flexible data model.
The data shown in the example is for business services such as business service by number of red flags, business service by importance, business service by impact tolerance. You can change it service offerings, business processes, or application services by configuring the sn_oper_res.top_class_name property. You can then change the top class to another object and the system shows data with respect to that specific top class.
Calculation and roll up of red flags
The dashboard shown in the earlier example displays a range of 1-30 red flags. Upon selecting, it shows a detailed breakdown, showing a total of 20 red flags, with 3 specifically attributed to the "cards and payments" level. This illustrates the roll-up functionality, which aggregates red flags beneath the selected "Cards and Payments" business service, providing a hierarchical view of the data.
The value "24" shown in the Total red flags count column is the roll-up value of the red flags for all entities under the "Cards and Payments" business service.
The Calculate red flags for CSDM and dependencies scheduled job does not create new records in the [sn_oper_res_profile] table. Instead, it recomputes the impacted objects for the existing sn_oper_res_profile records using data from the [sn_grc_m2m_profile_profile] table.
- The sn_oper_res_profile.pillar is not empty.
- The sn_oper_res_profile.applies_to field is not empty.
The red flags fetching mechanism can use either the sn_oper_res_profile.profile condition, the sn_oper_res_profile.applies_to condition, or a combination of both.
The red flags also inherit the impacted objects and impacted object classes from the [sn_oper_res_profile] record. For example if an application service's Operational Resilience profile lists Business service, Offering, and Business process as impacted objects (shown in the Impacted objects column), these objects are copied to all associated red flags for the application service and its related entities.
Conditions for calculating the red flags
This section uses the sn_oper_res_profile.profile and sn_oper_res_profile.applies_to conditions for reference. The criteria for calculating red flags and the relevant tables are detailed in the Red flags calculation table.
| Red flags | Table | Conditions | Notes |
|---|---|---|---|
| High risks - Advanced risk | [sn_risk_advanced_risk_assessment_instance] | Conditions:
|
For all these risks, staging records are created in the [sn_oper_res_risk] table. |
| Failed controls: Step 1 (Optional) | [sn_compliance_m2m_control_entity] (sn_compliance_control ← → sn_grc_profile) | Conditions:
|
A list of controls is extracted and are valid red flags. |
| Failed controls: Step 2 | [sn_compliance_control] | Conditions:
|
For all these controls, staging records are created in the [sn_oper_res_failed_control] table. |
| Issues: Step 1 (Optional) | [sn_grc_m2m_issue_to_entity] (sn_grc_issue ←→ sn_grc_profile) | Conditions:
|
A list of issues is extracted and are valid red flags. |
| Issues: Step 2 (Optional) If one of the following pillars is used, then this step is considered:
|
|
A joint query is performed using the two tables and [sn_grc_issue] is fetched for the service, business service, and offering. | These are appended in the list of issues from step 1. |
| Issues: Step 3 | [sn_grc_issue] | Conditions:
|
For all these issues, staging records are created in the [sn_oper_res_issue] table. |
| Incident: Step 1 | incident | Conditions:
|
For all these incidents, staging records are created in the [sn_oper_res_incident] table. |
| Incident: Step 2 (Optional) | [task_ci] | Conditions:
|
|
| Incident: Step 3 | [task_cmdb_ci_service] | Conditions:
|
|
| Change request: Step 1 | [change_request] | Conditions:
|
For all these change requests, staging records are created in the [sn_oper_res_change_request] table. |
| Change request: Step 2 (Optional) | [task_ci] | Conditions:
|
|
| Change request: Step 3 | [task_cmdb_ci_service] | Conditions:
|
|
| Outage |
For each record in [cmdb_ci_outage], one record is created in the [cmdb_ci_outage_ci_mtom] table. In [cmdb_ci_outage], for each affected CIs, a record is inserted in the [cmdb_ci_outage_ci_mtom] table. |
Conditions:
|
For all these outages, staging records are created in the [sn_oper_res_outage] table. |
| Task | [task] | Conditions:
|
For all these tasks, staging records are created in the [sn_oper_res_task] table. |
| Operational vulnerabilities: Step 1 (optional) | [sn_grc_case_mgmt_related_area] | Conditions:
|
For all these vulnerabilities, staging records are created in the [sn_oper_res_vulnerability_profile] table. |
| Operational vulnerabilities: Step 2 (optional) | [sn_grc_case_mgmt_impacted_area] | Conditions:
|
|
| Third party risk assessments | [sn_vdr_risk_asmt_assessment] | Conditions:
|
For all these assessments, staging records are created in the [sn_oper_res_tprm] table. |
Sample query conditions for Operational Resilience integration
The Operational Resilience application uses entities to integrate with Risk Management, Advanced Risk, and Policy and Compliance Management. Operational Resilience uses the applies_to value of an entity to integrate with other tables. To illustrate how these integrations work, the following table provides examples of query conditions for various integration types, demonstrating the role of Entity and applies_to in facilitating these connections.
| Table | Condition | Function | Integrated Application |
|---|---|---|---|
| task_ci |
|
_createIncidentAndChangeRequestsWithImpactedAndAffectedCis | Incident |
| task_ci |
|
_createIncidentAndChangeRequestsWithImpactedAndAffectedCis | Change request |
| task_cmdb_ci_service |
|
_createIncidentWithCriticalService | Incident |
| task_cmdb_ci_service |
|
_createIncidentWithCriticalService | Change request |
| cmdb_outage_ci_mtom |
|
_createOpresOutageWithAffectedCis | Outage |
| sn_grc_case_mgmt_impacted_area |
|
_createOpresVulProfileForImpactedAreas | Operational Vulnerability |
| sn_grc_case_mgmt_related_area |
|
_createOpresVulProfileForRelatedAreas | Operational Vulnerability |
| sn_grc_m2m_issue_to_entity |
|
_createServiceWithOpenIssue | Issue |
| sn_grc_issue |
|
_createServiceWithOpenIssue | Issue |
|
|||
| Task | Task | ||
| Sn_risk_risk |
|
__serviceWithHighRisk |
Risk |
| sn_risk_advanced_risk_assessment_instance |
|
_advancedServiceWithHighRisk | Advanced risk |
| sn_compliance_m2m_control_entity |
|
_createServiceWithFailedControl | Policy and compliance |
| sn_compliance_control |
|
createServiceWithFailedControl | Policy and compliance |
| sn_bcp_plan_asset | #1
|
_createServiceWithBCMPlan Otherwise, mark the Applies_to as “No plan” | Business continuity management |
| sn_recovery_activated_plan | #2
|
Otherwise, mark the Applies_to as “No exercise” | |
| sn_recovery_event_asset | #3
|
If event asset’s state is ‘not recovered’, mark the Applies_to as “No recovered”. Otherwise, mark the Applies_to as “Recovered” | |
| sn_vul_vulnerable_item |
|
_computeVulnerabilityEntities | Vulnerability response |
| sn_oper_res_tprm |
|
_createServiceWithThirdPartyRiskAsmt | Third-party risk assessment |