Control Editor
Control Editor CLI
This CLI feature will allow you to edit Control Implementations inside of a Microsoft Excel spreadsheet, save those changes, and update them to the RegScale database. Its purpose to create a familiar user experience for control attestation based on Excel workflows while allows seamless upload of edits to the database without any duplicate data entry.
Problem to Solve
Executives want the benefits of a real-time compliance system but practitioners want the familiar user experience and simplicity offered by Excel.
Solution
The control editor was designed to provide a simple, repeatable, and consistent process for using Microsoft Excel to bulk edit security controls. This process is as follows:
- Run a command to pull down all available controls for a given security plan or component
- The system then builds a templated and validated Excel file and loads the data for editing
- The practitioner then makes their edits in Excel
- Run a command to bulk update all records in the system in seconds
Details
The following fields are required to utilize this feature:
regscale_id
- The ID (primary key) of the parent record housing the controls (NOTE: this is typically a Security Plan or a Component)regscale_module
- The name for the parent module you would like to view for the Control Implementations (NOTE: this is typically 'securityplans' or 'components'), please view RegScale Modules for options.path
- A temporary file path for where you will edit and save the excel file in your current working directory--path
- this value is already set as a default
The purpose of this CLI feature is to provide the ability to pull all Control Implementations, using a given rescale_id
and regscale_module
, into an Excel spreadsheet and allow clients with appropriate access to update the following fields:
-
status
- This field may be one of the following: Not Implemented, Fully Implemented, In Remediation, Not Applicable, Inherited, Planned -
policy
- This field is a string value describing the policy for what the outcome or success criteria for the implementation must achieve -
implementation
- This field is a string value describing how the policy will be implemented -
responsibility
- who is responsible for this control (Cloud Service Provider, Shared Responsibility, Customer Responsibility, etc.) -
inheritable
- this is a Boolean value that determines if the control can be inherited in other security plans or components
The CLI feature will analyze any differences made to these fields and make bulk updates where necessary in the RegScale database.
Control Editor Workflow
- Log into RegScale to set the token, which is good for 24 hours, and will secure all future RegScale API calls. (NOTE: You can skip this step if you are using a RegScale Service Account.)
regscale login
- Execute data_download command.
- Open "artifacts" folder located in current working directory and make changes to "all_implementations" workbook.
- Save changes to "all_implementations" workbook.
- Execute data_upload command.
- Check "artifacts" folder for file "differences.txt" to view a detailed listing of all changes that were made.
- Execute delete_files command.
(NOTE: It is important to follow steps as listed to ensure data accuracy and efficient loading. Always complete all steps and in the proper order.)
Example Commands
Enter the parameters below with your desired information
Create the excel file structure and load the current data from RegScale database into your workbook.
regscale control_editor generate
--regscale_id
- The desired Parent ID--regscale_module
- The desired RegScale Module--path
- the path for the export file
Make all edits necessary directly in Excel and save the workbook.
Upload any changes made to your excel workbook to the RegScale database.
regscale control_editor load
and confirm that all data has been saved prior to upload--path
- the path to the import file--skip_prompt
- To skip prompt asking if data has been saved.
Delete all files from folder "artifacts" created in current working directory.
regscale control_editor delete_files
Updated 10 months ago