Package dev.metaschema.oscal.lib.model

Class AssessmentPlan

java.lang.Object
dev.metaschema.oscal.lib.model.AbstractOscalInstance
dev.metaschema.oscal.lib.model.AssessmentPlan
All Implemented Interfaces:
dev.metaschema.core.model.IBoundObject, IOscalInstance
@MetaschemaAssembly(formalName="Security Assessment Plan (SAP)", description="An assessment plan, such as those provided by a FedRAMP assessor.", name="assessment-plan", moduleClass=OscalApModule.class, rootName="assessment-plan", valueConstraints=@ValueConstraints(lets=@Let(name="all-imports",target="recurse-depth(\'.[import-ssp]/doc(resolve-uri(Q{http://csrc.nist.gov/ns/oscal/1.0}resolve-reference(import-ssp/@href)))/system-security-plan|.[import-profile]/resolve-profile(doc(resolve-uri(Q{http://csrc.nist.gov/ns/oscal/1.0}resolve-reference(import-profile/@href))))/catalog\')")), modelConstraints=@AssemblyConstraints(index={@Index(id="oscal-ap-index-metadata-scoped-role-id",formalName="In-Scope Role Identifiers",description="An index of role identifiers that are in-scope for the assessment-plan model. Roles are collected from imported system-securtity-plans, which in turn includes referenced profiles and catalogs. For a given role @id, a locally declared role takes precedence over a role that is imported, the role that was last imported.",level=ERROR,target="map:merge($all-imports/metadata/role ! map:entry(@id,.))?*",name="index-imports-metadata-role-id",keyFields=@KeyField(target="@id")),@Index(id="oscal-ap-index-metadata-scoped-location-uuid",level=ERROR,target="map:merge($all-imports/metadata/location ! map:entry(@uuid,.))?*",name="index-imports-metadata-location-uuid",keyFields=@KeyField(target="@uuid")),@Index(id="oscal-ap-index-metadata-scoped-party-uuid",level=ERROR,target="map:merge($all-imports/metadata/party ! map:entry(@uuid,.))?*",name="index-imports-metadata-party-uuid",keyFields=@KeyField(target="@uuid")),@Index(id="oscal-ap-index-metadata-scoped-party-organization-uuid",level=ERROR,target="map:merge($all-imports/metadata/party[@type=\'organization\'] ! map:entry(@uuid,.))?*",name="index-imports-metadata-party-organization-uuid",keyFields=@KeyField(target="@uuid")),@Index(id="oscal-ap-index-metadata-scoped-property-uuid",level=ERROR,target="map:merge($all-imports//prop[@uuid] ! map:entry(@uuid,.))?*",name="index-imports-metadata-property-uuid",keyFields=@KeyField(target="@uuid"))},unique={@IsUnique(id="oscal-unique-document-id",formalName="Unique Document Identifier",description="Ensure all document identifiers have a unique combination of @scheme and value.",level=ERROR,target="document-id",keyFields={@KeyField(target="@scheme"),@KeyField}),@IsUnique(id="oscal-unique-property-in-context-location",formalName="Unique Properties",description="Ensure all properties are unique for a given location using a unique combination of @ns, @name, @class. @group. and @value.",level=ERROR,target=".//prop",keyFields={@KeyField(target="path(..)"),@KeyField(target="@name"),@KeyField(target="@ns"),@KeyField(target="@class"),@KeyField(target="@group"),@KeyField(target="@value")}),@IsUnique(id="oscal-unique-link-in-context-location",formalName="Unique Links",description="Ensure all links are unique for a given location using a unique combination of @href, @rel, and @media-type.",level=ERROR,target=".//link",keyFields={@KeyField(target="path(..)"),@KeyField(target="@href"),@KeyField(target="@rel"),@KeyField(target="@media-type"),@KeyField(target="@resource-fragment")}),@IsUnique(id="oscal-unique-responsibility-in-context-location",formalName="Unique Responsibilities",description="Ensure all responsible-roles and responsible-parties are unique for a given location using a unique combination of @role-id and the combination of @party-uuid values.",level=ERROR,target=".//(responsible-party|responsible-role)",keyFields={@KeyField(target="path(..)"),@KeyField(target="@role-id"),@KeyField(target="@party-uuid")},remarks="Since `responsible-party` and `responsible-role` associate multiple `party-uuid` entries with a single `role-id`, each role-id must be referenced only once.")})) public class AssessmentPlan extends AbstractOscalInstance implements dev.metaschema.core.model.IBoundObject
An assessment plan, such as those provided by a FedRAMP assessor.

  • Constructor Details

    • AssessmentPlan

      public AssessmentPlan()
      Constructs a new dev.metaschema.oscal.lib.model.AssessmentPlan instance with no metadata.

    • AssessmentPlan

      public AssessmentPlan(dev.metaschema.core.model.IMetaschemaData data)
      Constructs a new dev.metaschema.oscal.lib.model.AssessmentPlan instance with the specified metadata.
      Parameters:
      data - the metaschema data, or null if none

  • Method Details

    • getMetaschemaData

      public dev.metaschema.core.model.IMetaschemaData getMetaschemaData()
      Specified by:
      getMetaschemaData in interface dev.metaschema.core.model.IBoundObject

    • getUuid

      @NonNull public UUID getUuid()
      Get the "Assessment Plan Universally Unique Identifier".

      A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.

      Specified by:
      getUuid in interface IOscalInstance
      Returns:
      the uuid value

    • setUuid

      public void setUuid(@NonNull UUID value)
      Set the "Assessment Plan Universally Unique Identifier".

      A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment plan in this or other OSCAL instances. The locally defined UUID of the assessment plan can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.

      Parameters:
      value - the uuid value to set

    • getMetadata

      @NonNull public Metadata getMetadata()
      Get the "Document Metadata".

      Provides information about the containing document, and defines concepts that are shared across the document.

      Specified by:
      getMetadata in interface IOscalInstance
      Returns:
      the metadata value

    • setMetadata

      public void setMetadata(@NonNull Metadata value)
      Set the "Document Metadata".

      Provides information about the containing document, and defines concepts that are shared across the document.

      Parameters:
      value - the metadata value to set

    • getImportSsp

      @NonNull public ImportSsp getImportSsp()
      Get the "Import System Security Plan".

      Used by the assessment plan and POA&M to import information about the system.

      Returns:
      the import-ssp value

    • setImportSsp

      public void setImportSsp(@NonNull ImportSsp value)
      Set the "Import System Security Plan".

      Used by the assessment plan and POA&M to import information about the system.

      Parameters:
      value - the import-ssp value to set

    • getLocalDefinitions

      @Nullable public AssessmentPlan.LocalDefinitions getLocalDefinitions()
      Get the "Local Definitions".

      Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.

      Returns:
      the local-definitions value, or null if not set

    • setLocalDefinitions

      public void setLocalDefinitions(@Nullable AssessmentPlan.LocalDefinitions value)
      Set the "Local Definitions".

      Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.

      Parameters:
      value - the local-definitions value to set, or null to clear

    • getTermsAndConditions

      @Nullable public AssessmentPlan.TermsAndConditions getTermsAndConditions()
      Get the "Assessment Plan Terms and Conditions".

      Used to define various terms and conditions under which an assessment, described by the plan, can be performed. Each child part defines a different type of term or condition.

      Returns:
      the terms-and-conditions value, or null if not set

    • setTermsAndConditions

      public void setTermsAndConditions(@Nullable AssessmentPlan.TermsAndConditions value)
      Set the "Assessment Plan Terms and Conditions".

      Used to define various terms and conditions under which an assessment, described by the plan, can be performed. Each child part defines a different type of term or condition.

      Parameters:
      value - the terms-and-conditions value to set, or null to clear

    • getReviewedControls

      @NonNull public ReviewedControls getReviewedControls()
      Get the "Reviewed Controls and Control Objectives".

      Identifies the controls being assessed and their control objectives.

      Returns:
      the reviewed-controls value

    • setReviewedControls

      public void setReviewedControls(@NonNull ReviewedControls value)
      Set the "Reviewed Controls and Control Objectives".

      Identifies the controls being assessed and their control objectives.

      Parameters:
      value - the reviewed-controls value to set

    • getAssessmentSubjects

      @NonNull public List<AssessmentSubject> getAssessmentSubjects()
      Get the "Subject of Assessment".

      Identifies system elements being assessed, such as components, inventory items, and locations. In the assessment plan, this identifies a planned assessment subject. In the assessment results this is an actual assessment subject, and reflects any changes from the plan. exactly what will be the focus of this assessment. Any subjects not identified in this way are out-of-scope.

      Returns:
      the assessment-subject value

    • setAssessmentSubjects

      public void setAssessmentSubjects(@NonNull List<AssessmentSubject> value)
      Set the "Subject of Assessment".

      Identifies system elements being assessed, such as components, inventory items, and locations. In the assessment plan, this identifies a planned assessment subject. In the assessment results this is an actual assessment subject, and reflects any changes from the plan. exactly what will be the focus of this assessment. Any subjects not identified in this way are out-of-scope.

      Parameters:
      value - the assessment-subject value to set

    • addAssessmentSubject

      public boolean addAssessmentSubject(AssessmentSubject item)
      Add a new AssessmentSubject item to the underlying collection.
      Parameters:
      item - the item to add
      Returns:
      true

    • removeAssessmentSubject

      public boolean removeAssessmentSubject(AssessmentSubject item)
      Remove the first matching AssessmentSubject item from the underlying collection.
      Parameters:
      item - the item to remove
      Returns:
      true if the item was removed or false otherwise

    • getAssessmentAssets

      @Nullable public AssessmentAssets getAssessmentAssets()
      Get the "Assessment Assets".

      Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions.

      Returns:
      the assessment-assets value, or null if not set

    • setAssessmentAssets

      public void setAssessmentAssets(@Nullable AssessmentAssets value)
      Set the "Assessment Assets".

      Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions.

      Parameters:
      value - the assessment-assets value to set, or null to clear

    • getTasks

      @NonNull public List<Task> getTasks()
      Get the "Task".

      Represents a scheduled event or milestone, which may be associated with a series of assessment actions.

      Returns:
      the task value

    • setTasks

      public void setTasks(@NonNull List<Task> value)
      Set the "Task".

      Represents a scheduled event or milestone, which may be associated with a series of assessment actions.

      Parameters:
      value - the task value to set

    • addTask

      public boolean addTask(Task item)
      Add a new Task item to the underlying collection.
      Parameters:
      item - the item to add
      Returns:
      true

    • removeTask

      public boolean removeTask(Task item)
      Remove the first matching Task item from the underlying collection.
      Parameters:
      item - the item to remove
      Returns:
      true if the item was removed or false otherwise

    • getBackMatter

      @Nullable public BackMatter getBackMatter()
      Get the "Back matter".

      A collection of resources that may be referenced from within the OSCAL document instance.

      Specified by:
      getBackMatter in interface IOscalInstance
      Returns:
      the back-matter value, or null if not set

    • setBackMatter

      public void setBackMatter(@Nullable BackMatter value)
      Set the "Back matter".

      A collection of resources that may be referenced from within the OSCAL document instance.

      Parameters:
      value - the back-matter value to set, or null to clear

    • toString

      public String toString()
      Overrides:
      toString in class Object