# Data import wizard

### Overview <a href="#overview" id="overview"></a>

If the object supports the domain column, the wizard will attempt to add the object to it, given you have the permission to do so. If the domain is not set, the wizard will default to the fallback domain set on the wizard form.

Fields with (\*) are mandatory and don't have any supported fallback.

Unless marked as mandatory, ref\_id fields can be left blank but the column must still exist.

### 📦 Assets <a href="#assets" id="assets"></a>

#### Template <a href="#template" id="template"></a>

{% file src="<https://1046614898-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FC8wgIUmBg6X6I4FG20jk%2Fuploads%2FrmuF6D9vNUtwoWjHtYWZ%2Fsample001.xlsx?alt=media&token=0c48a4eb-5680-478d-a645-33067e34e553>" %}

#### Supported fields <a href="#supported-fields" id="supported-fields"></a>

* ref\_id
* name\*
* description
* domain
* type
  * `PR` : primary
  * `SP` : supporting

#### Special considerations <a href="#special-considerations" id="special-considerations"></a>

* type will default to `supporting` if the column does not exist

### ⚙️ Applied controls <a href="#applied-controls" id="applied-controls"></a>

#### Template <a href="#template-1" id="template-1"></a>

{% file src="<https://1046614898-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FC8wgIUmBg6X6I4FG20jk%2Fuploads%2FiY6SNBRvJUPqYLhM3maN%2Fsample002.xlsx?alt=media&token=e7110e62-ce42-4273-a09b-bc7ee194a173>" %}

#### Supported fields <a href="#supported-fields-1" id="supported-fields-1"></a>

* ref\_id
* name\*
* description
* domain
* status
  * `to_do`
  * `in_progress`
  * `on_hold`
  * `active`
  * `deprecated`
* category
  * `policy`
  * `process`
  * `technical`
  * `physical`
  * `procedure`
* priority
  * integer from `1 to 4`
* csf\_function
  * `govern`
  * `identify`
  * `protect`
  * `detect`
  * `respond`
  * `recover`

#### Special considerations <a href="#special-considerations-1" id="special-considerations-1"></a>

* status will default to `to_do`
* csf\_function will default to `govern`

### 📦 Perimeters <a href="#perimeters" id="perimeters"></a>

#### Template <a href="#template-2" id="template-2"></a>

{% file src="<https://1046614898-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FC8wgIUmBg6X6I4FG20jk%2Fuploads%2FLC8Dufw395zUaJz43rFw%2Fsample003.xlsx?alt=media&token=e44a8255-c17e-49a5-97bc-355b2967edb3>" %}

#### Supported fields <a href="#supported-fields-2" id="supported-fields-2"></a>

* ref\_id
* name\*
* description
* domain
* status
  * `undefined`
  * `in_design`
  * `in_dev`
  * `in_prod`
  * `eol`
  * `dropped`

### 📃 Audits <a href="#audits" id="audits"></a>

#### Template <a href="#template-3" id="template-3"></a>

To avoid any mixup on the expected fields and the requirements reference, you can get a template for the expected framework by going into `Catalog/Frameworks`

The framework needs to be loaded and when clicking on it, you'll see a button to get the excel file.

#### Supported fields <a href="#supported-fields-3" id="supported-fields-3"></a>

* urn\*
* assessable
* ref\_id\*
* name
* description
* compliance\_result
  * `not_assessed`
  * `partially_compliant`
  * `non_compliant`
  * `compliant`
  * `not_applicable`
* requirement\_progress
  * `to_do`
  * `in_progress`
  * `in_review`
  * `done`
* score
  * integer from `0 to 100`
* observations

#### Special considerations <a href="#special-considerations-2" id="special-considerations-2"></a>

* The wizard will attempt to match based on the ref\_id and fallback to the urn otherwise. If none could be used, the row will be skipped.
* name and description columns are not used but serve as an anchor point for reference.
* Assessable will fallback to false
* Unassessable rows are skipped.

### 🐞 Findings followup (eg. pentest) <a href="#findings-followup-eg.-pentest" id="findings-followup-eg.-pentest"></a>

#### Template <a href="#template-4" id="template-4"></a>

{% file src="<https://1046614898-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FC8wgIUmBg6X6I4FG20jk%2Fuploads%2Fl8Sw7WUtWOGoFmdtDOPJ%2Fsample004.xlsx?alt=media&token=c68fee22-b8c1-4d41-a98a-bcb145f4e6e3>" %}

**Supported fields**

* ref\_id
* name\*
* description
* severity
  * `low`
  * `medium`
  * `high`
  * `critical`
* status\*
  * `identified`
  * `confirmed`
  * `dismissed`
  * `assigned`
  * `in_progress`
  * `mitigated`
  * `resolved`
  * `deprecated`

#### 👥 Users <a href="#users" id="users"></a>

#### Template <a href="#template-5" id="template-5"></a>

{% file src="<https://1046614898-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FC8wgIUmBg6X6I4FG20jk%2Fuploads%2FSm5YvmhPrBrGnYjCRXg8%2Fsample005.xlsx?alt=media&token=a5210de4-32fa-46fa-ad87-6c4c85b1e788>" %}

#### **Supported fields** <a href="#supported-fields-5" id="supported-fields-5"></a>

* email\*
* first\_name
* last\_name

#### ☣️ Risk assessment <a href="#risk-assessment" id="risk-assessment"></a>

The risk assessment is an advanced object that needs special considerations. Make sure to pick the matrix that will be used to map your labels to the values on CISO Assistant. If you have a specific matrix, you should start by including it as a custom library.

inherent\_level, current\_level and residual\_level are kept on the excel sample just for visual aid. The application computes them based on impact and probability to ensure consistency with the matrix definition.

Controls are created on picked based on the perimeter's domain. Line breaks are used as seperator.

Supported fields:

* ref\_id
* name\*
* description
* inherent\_impact
* inherent\_proba
* *existing\_controls*
* current\_impact
* current\_proba
* *additional\_controls*
* residual\_impact
* residual\_proba

{% file src="<https://1046614898-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FC8wgIUmBg6X6I4FG20jk%2Fuploads%2FMOPC3rGN6UuhiQKJ1GNq%2Frisk_assessment_template.xlsx?alt=media&token=d70117fd-bae8-4873-b8ac-b9322a9e7b51>" %}

#### ⚙️ Elementary actions <a href="#elementary-actions" id="elementary-actions"></a>

Elementary actions are useful to model a killchain during the 4th workshop of an EBIOS RM study.

Supported fields:

* ref\_id
* name\*
* description
* attack\_stage\*
  * (in English)
    * know
    * enter
    * *discover*
    * *exploit*
  * (in Fr*ench)*
    * *connaitre*
    * *entrer*
    * *trouver*
    * *exploiter*
* icon
  * *server*
  * *computer*
  * *cloud*
  * *file*
  * *diamond*
  * *phone*
  * *cube*
  * *blocks*
  * *shapes*
  * *network*
  * *database*
  * *key*
  * *search*
  * *carrot*
  * *money*
  * *skull*
  * *globe*
  * *usb*
* domain

{% file src="<https://1046614898-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FC8wgIUmBg6X6I4FG20jk%2Fuploads%2F6MbShtxWq9yV8DPi0upl%2Fsample007.xlsx?alt=media&token=6b6dd169-1164-4c92-a504-666d76b63c53>" %}

#### Reference controls <a href="#reference-controls" id="reference-controls"></a>

Reference controls are templates of the controls to apply. The supported fields are:

* ref\_id
* name
* description
* category
* function
* domain

{% file src="<https://1046614898-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FC8wgIUmBg6X6I4FG20jk%2Fuploads%2FuAbH5OQ9gHKZ5mTHZc1R%2Fsample_reference_controls.xlsx?alt=media&token=b26db512-c11a-4943-ab22-12c9d35c5fb0>" %}

Reference controls can be bundled also as a library.

#### Threats <a href="#threats" id="threats"></a>

* ref\_id
* name
* description
* domain

{% file src="<https://1046614898-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FC8wgIUmBg6X6I4FG20jk%2Fuploads%2FDIP3PTZ3BRM4oYhzvvrj%2Fsample_threats.xlsx?alt=media&token=e0f0de6a-8dbb-4053-9db2-0ccd49c42213>" %}

#### Third parties ecosystems <a href="#third-parties-ecosystems" id="third-parties-ecosystems"></a>

Adding entities, solutions and contracts go through the same file to be able to keep consistent relationships. Each concept needs to be on a separate tab of the excel sheet.

{% file src="<https://1046614898-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FC8wgIUmBg6X6I4FG20jk%2Fuploads%2FFjQ4MOll9cvOsXuTrqKp%2Fthird_parties_ecosystem_template.xlsx?alt=media&token=f95775de-d020-4978-957c-24328af9125d>" %}