Summary: This page provides information about the Action Plan Recommendation feature.
This feature is currently in BETA.
The Action Plan Recommendation is a feature designed to help you automatically build an Action Plan to improve the score of a chosen Health Factor (Business Criteria). In short, for a given Health Factor, you can configure one of the "remediation targets" listed below and the Action Plan Recommendation will automatically suggest a list of violations to be added to the Action Plan for future correction. The correction of the suggested violations will match the desired remediation target when a new snapshot is generated and therefore improve the grade of the chosen Health Factor. Available remediation targets:
- The number of violations you want to fix, OR
- The amount of effort in man/days you would like to "spend" on fixing the violations
- The feature requires a login with the QUALITY_MANAGER role.
- This feature supports Health Factors introduced by the following industry standard extensions:
- This feature is supported only in AIP versions ≥8.3.29
- This feature does not work for old snapshots (the "APR" and "download data as excel file" icons are disabled)
How does it work?
The Action Plan Recommendation uses an optimization algorithm to build an Action Plan according to the target you want to achieve. This algorithm functions as follows for each of the available remediation targets:
- You select a specific number of violations to fix: the system will search for an Action Plan (i.e. a list of violations) that matches (where possible) the selected number of violations and that maximizes the grade/score of the chosen Health Factor.
- You select a specific effort: the system will search for an Action Plan (i.e. a list of violations) that matches with the selected total effort and that maximizes the grade/score of the chosen Health Factor.
This algorithm attempts to solve a "combinatorial optimization problem". This means that the perfect solution (i.e. Action Plan or list of violations) is unknown, and the algorithm will try to find the very best solution it can by selecting the best result using the three heuristics (grade/score, number of violations and effort). As a result, the algorithm may find a solution (i.e. Action Plan or list of violations) which may differ slightly from your requested remediation target.
- As soon you re-select or deselect a rule in the interface the algorithm will re-compute the action plan recommendation. Depending on the rules you have already excluded, some rules may be added/removed by the algorithm compared to a previous recommendation.
- The effort is calculated for a number of objects and does not depend on the number of objects to fix (especially for cost complexity).
- An effort "unit" is set by a hard coded rule. The value of the effort unit depends on the parent Technical Criterion of the rule.
- By default, all rules that belong to the same Technical Criterion are set with the same effort unit.
- By default, an initial remediation target is set when the interface is first opened - this is to correct one violation - if you already have violations added to Action Plan, this initial remediation target will be set to correct one additional violation.
Accessing the Action Plan Recommendation
The Action Plan Recommendation feature can be accessed from the Action Plan using the icon in the top right corner:
Action Plan Recommendation interface
Click to enlarge
|Select Health Measure|
This option provides a drop down list of the available Health Factors to target for grade improvement. By default the Total Quality Index Health Factor will be selected. Choose the required Health Factor in the drop down:
This option allows you to Improve Total Security Compliance (in%).
|Compliance (in %) slider|
The Compliance slider indicates the target Compliance (in %) you would like to achieve for the chosen Health Factor (Compliance percentage go from 0 (worst) to 100 (best)):
When you select Compliance (in %) from the Improve Total Quality Index drop-down, Minimize (Violations and Effort) option gets disabled.
|Select a Module|
This option provides the drop down list of the available Modules, by default "All Modules" is selected. Users can specify the improvement scope to the application, which is the "All Module" option, or any particular module can be selected from the module dropdown.
|Compliance manual entry|
This option indicates the target Compliance you would like to achieve for the chosen Health Factor (Compliance percentage go from 0 (worst) to 100 (best)):
|Violation manual entry|
This option indicates the number of violations that you want to fix:
|Effort manual entry|
This option indicates the amount of effort in man/days you would like to "spend" on fixing the violations:
The FINALIZE button will add all the violations for selected rules into the Action Plan. In the following example, 7 violations have been added to the Action Plan:
Click to enlarge
Note that the Comment in the Action Plan will be populated automatically and will describe the target remediation, for example:
|Action Plan Recommendation list|
This section lists the rules that the Action Plan Recommendation algorithm thinks are the best match for the target remediation. You can sort each column in ascending or descending order by clicking on the column header.