Page tree
Skip to end of metadata
Go to start of metadata

Summary: This page provides information about the Action Plan Recommendation feature.

This feature is currently in BETA.

Introduction

The Action Plan Recommendation is a feature designed to help you automatically build an Action Plan to improve the score of a chosen Health Factor (Business Criteria). In short, for a given Health Factor, you can configure one of the "remediation targets" listed below and the Action Plan Recommendation will automatically suggest a list of violations to be added to the Action Plan for future correction. The correction of the suggested violations will match the desired remediation target when a new snapshot is generated and therefore improve the grade of the chosen Health Factor. Available remediation targets:

  • The number of violations you want to fix, OR
  • The amount of effort in man/days you would like to "spend" on fixing the violations
  • The feature requires a login with the QUALITY_MANAGER role.
  • This feature supports Health Factors introduced by the following industry standard extensions:
  • This feature is supported only in AIP versions 8.3.29 
  • This feature does not work for old snapshots (the "APR" and "download data as excel file" icons  are disabled)

How does it work?

The Action Plan Recommendation uses an optimization algorithm to build an Action Plan according to the target you want to achieve. This algorithm functions as follows for each of the available remediation targets:

  • You select a specific number of violations to fix: the system will search for an Action Plan (i.e. a list of violations) that matches (where possible) the selected number of violations and that maximizes the grade/score of the chosen Health Factor.
  • You select a specific effort: the system will search for an Action Plan (i.e. a list of violations) that matches with the selected total effort and that maximizes the grade/score of the chosen Health Factor.

This algorithm attempts to solve a "combinatorial optimization problem". This means that the perfect solution (i.e. Action Plan or list of violations) is unknown, and the algorithm will try to find the very best solution it can by selecting the best result using the three heuristics (grade/score, number of violations and effort). As a result, the algorithm may find a solution (i.e. Action Plan or list of violations) which may differ slightly from your requested remediation target.

Notes:

  • As soon you re-select or deselect a rule in the interface the algorithm will re-compute the action plan recommendation. Depending on the rules you have already excluded, some rules may be added/removed by the algorithm compared to a previous recommendation.
  • The effort is calculated for a number of objects and does not depend on the number of objects to fix (especially for cost complexity).
  • An effort "unit" is set by a hard coded rule. The value of the effort unit depends on the parent Technical Criterion of the rule.
  • By default, all rules that belong to the same Technical Criterion are set with the same effort unit.
  • By default, an initial remediation target is set when the interface is first opened - this is to correct one violation - if you already have violations added to Action Plan, this initial remediation target will be set to correct one additional violation.

Accessing the Action Plan Recommendation

The Action Plan Recommendation feature can be accessed from the Action Plan using the icon in the top right corner:

Action Plan Recommendation interface

Click to enlarge


Select Health Measure

This option provides a drop down list of the available Health Factors to target for grade improvement. By default the Total Quality Index Health Factor will be selected. Choose the required Health Factor in the drop down:


Improve Security

This option allows you to Improve Total Security Compliance (in%).   


Compliance (in %) slider

The Compliance slider indicates the target Compliance (in %) you would like to achieve for the chosen Health Factor (Compliance percentage go from 0 (worst) to 100 (best)):


When you select Compliance (in %) from the Improve Total Quality Index drop-down, Minimize (Violations and Effort) option gets disabled.

  • You can manually move the slider by clicking the circle and dragging it to a new position - this is a quick method to build an action plan based simply on a target grade.
  • The Action Plan Recommendation will recalculate the suggested Action Plan each time you move the slider.
  • The Compliance (in %) shown in the slider will match the Target Compliance shown in the Compliance manual entry box (see below)
Select a Module

This option provides the drop down list of the available Modules, by default "All Modules" is selected. Users can specify the improvement scope to the application, which is the "All Module" option, or any particular module can be selected from the module dropdown.


Compliance manual entry

This option indicates the target Compliance you would like to achieve for the chosen Health Factor (Compliance percentage go from 0 (worst) to 100 (best)):


  • When the Compliance is selected the first time, the box will indicate a target Compliance based on the default initial remediation target to correct one violation - if you already have violations added to Action Plan, this initial remediation target will be set to correct one additional violation.
  • You can manually change the Compliance percentage in the box using the up/down buttons or by manually entering the grade - this is a quick method to build an action plan based simply on a target Compliance: 

  • The Action Plan Recommendation will recalculate the suggested Action Plan each time you change the value in the box.
  • The target Compliance shown in the box will match the target Compliance shown on the Compliance slider (see above).
Violation manual entry

This option indicates the number of violations that you want to fix:

  • When the Action Plan Recommendation is first opened, the box will indicate a default initial remediation target to correct one violation - if you already have violations added to Action Plan, this initial remediation target will be set to correct one additional violation.
  • You can manually change the number of violations in the box using the up/down buttons or by manually entering the number - this is a quick method to build an action plan based simply on the number of violations you want to correct:

  • The Action Plan Recommendation will recalculate the suggested Action Plan each time you change the value in the box.
Effort manual entry

This option indicates the amount of effort in man/days you would like to "spend" on fixing the violations:

  • When the Action Plan Recommendation is first opened, the box will indicate a target effort in man/days based on the default initial remediation target to correct one violation - if you already have violations added to Action Plan, this initial remediation target will be set to correct one additional violation.
  • You can manually change the amount of effort in the box using the up/down buttons or by manually entering the number - this is a quick method to build an action plan based simply on the amount of effort you would like to "spend" on fixing the violations:

  • The Action Plan Recommendation will recalculate the suggested Action Plan each time you change the value in the box.
FINALIZE

The FINALIZE button will add all the violations for selected rules into the Action Plan. In the following example, 7 violations have been added to the Action Plan:

Click to enlarge

Note that the Comment in the Action Plan will be populated automatically and will describe the target remediation, for example:

Action Plan Recommendation list

This section lists the rules that the Action Plan Recommendation algorithm thinks are the best match for the target remediation. You can sort each column in ascending or descending order by clicking on the column header.

Check boxes

The check boxes enable you to choose whether you want the violations for a specific rule to be added to the Action Plan or not. By default, all check boxes will be selected - meaning that all violations for all rules will be added to the Action Plan. If you do not want to fix violations for a specific rule, de-select the associated check box.

In the following example, we do not want to fix the violations of the rule Avoid using javascript or expression in the CSS file, therefore we need to deselect the corresponding check box:

Click to enlarge

  • When you deselect a rule, the Action Plan Recommendation will recalculate the suggested Action Plan, therefore you may find that the list changes since you have excluded a certain rule and the algorithm may decide that a different combination of violations will match the chosen remediation target.
  • If violations of a particular rule are already present in the Action Plan, the check box will be unselected and disabled, e.g. the four unselected rules are also disabled in the following image:

CriteriaThe name of the parent Technical Criterion for the violated rule.
RuleThe name of the violated rule.
CriticalIndicates whether the rule is critical or not (a red dot indicates a critical rule).
Effort (min)Indicates the suggested time in minutes required to fix one single violation.
ViolationsNumber of violations of the rule that will be added to the Action Plan.
TotalTotal effort in man/days required to fix all the violations of the selected rule. This value is calculated by multiplying the value in the Effort(min) column by the value in the Violations column.


  • No labels