From dc67cd57c409f127b584e32484b3d105dddccef3 Mon Sep 17 00:00:00 2001
From: Ryan Wold <64987852+ryanwoldatwork@users.noreply.github.com>
Date: Wed, 13 Nov 2024 08:41:17 -0800
Subject: [PATCH 1/2] Order CxResponses API response by ID
---
app/controllers/api/v1/cx_responses_controller.rb | 1 +
spec/controllers/api/v1/cx_responses_controller_spec.rb | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/app/controllers/api/v1/cx_responses_controller.rb b/app/controllers/api/v1/cx_responses_controller.rb
index ee1160de4..1e41b0622 100644
--- a/app/controllers/api/v1/cx_responses_controller.rb
+++ b/app/controllers/api/v1/cx_responses_controller.rb
@@ -17,6 +17,7 @@ def index
cx_responses = CxResponse
.where(created_at: start_date.beginning_of_day..end_date.end_of_day)
+ .order(:id)
.page(page_number)
.per(page_size)
diff --git a/spec/controllers/api/v1/cx_responses_controller_spec.rb b/spec/controllers/api/v1/cx_responses_controller_spec.rb
index 58f2cdd42..888c8913c 100644
--- a/spec/controllers/api/v1/cx_responses_controller_spec.rb
+++ b/spec/controllers/api/v1/cx_responses_controller_spec.rb
@@ -48,7 +48,7 @@
let!(:cx_collection) { FactoryBot.create(:cx_collection, organization: organization1, service_provider: service_provider, service: service, user: user) }
let!(:cx_collection_detail) { FactoryBot.create(:cx_collection_detail, :with_cx_collection_detail_upload, cx_collection: cx_collection, service: service, transaction_point: :post_service_journey, channel: Service.channels.sample) }
let!(:cx_collection_detail_upload) { cx_collection_detail.cx_collection_detail_uploads.first }
- let!(:cx_response) { CxResponse.first }
+ let!(:cx_response) { CxResponse.order(:id).first }
describe '#index' do
before do
From b276ebae1788211905377c973d2e71a6239181c0 Mon Sep 17 00:00:00 2001
From: Ryan Wold <64987852+ryanwoldatwork@users.noreply.github.com>
Date: Wed, 13 Nov 2024 10:50:21 -0800
Subject: [PATCH 2/2] deprecate cscrm data collections
---
.../cscrm_data_collections2_controller.rb | 171 ----
.../cscrm_data_collections_controller.rb | 161 ----
.../admin/cx_collections_controller.rb | 4 +-
app/controllers/admin/users_controller.rb | 1 -
app/controllers/application_controller.rb | 7 -
app/mailers/user_mailer.rb | 14 -
app/models/cscrm_data_collection.rb | 487 -----------
app/models/cscrm_data_collection2.rb | 771 ------------------
app/models/event.rb | 15 -
app/models/organization.rb | 2 -
.../cscrm_data_collection_serializer.rb | 40 -
.../_cscrm_data_collection.html.erb | 102 ---
.../cscrm_data_collections/_form.html.erb | 563 -------------
.../_status_tag.html.erb | 3 -
.../cscrm_data_collections/edit.html.erb | 22 -
.../cscrm_data_collections/index.html.erb | 128 ---
.../admin/cscrm_data_collections/new.html.erb | 36 -
.../cscrm_data_collections/show.html.erb | 651 ---------------
.../_cscrm_data_collection.html.erb | 102 ---
.../cscrm_data_collections2/_form.html.erb | 444 ----------
.../_status_tag.html.erb | 3 -
.../cscrm_data_collections2/edit.html.erb | 27 -
.../cscrm_data_collections2/index.html.erb | 131 ---
.../cscrm_data_collections2/new.html.erb | 36 -
.../cscrm_data_collections2/show.html.erb | 541 ------------
app/views/admin/performance/index.html.erb | 9 +-
app/views/admin/users/_form.html.erb | 23 -
app/views/admin/users/show.html.erb | 5 -
app/views/components/_weekly_metrics.html.erb | 9 +-
...crm_data_collection2_notification.html.erb | 15 -
...crm_data_collection2_notification.text.erb | 5 -
...scrm_data_collection_notification.html.erb | 15 -
...scrm_data_collection_notification.text.erb | 5 -
db/migrate/20241112222412_deprecate_cscrm.rb | 7 +
db/schema.rb | 112 +--
db/seeds.rb | 101 ---
spec/factories/cscrm_data_collection.rb | 8 -
spec/factories/cscrm_data_collection2.rb | 8 -
.../admin/cscrm_data_collections2_spec.rb | 50 --
.../admin/cscrm_data_collections_spec.rb | 53 --
spec/features/admin/dashboard_spec.rb | 4 +-
spec/mailers/user_mailer_spec.rb | 44 -
spec/models/cscrm_data_collection_spec.rb | 5 -
.../admin/cscrm_data_collections_spec.rb | 141 ----
44 files changed, 23 insertions(+), 5058 deletions(-)
delete mode 100644 app/controllers/admin/cscrm_data_collections2_controller.rb
delete mode 100644 app/controllers/admin/cscrm_data_collections_controller.rb
delete mode 100644 app/models/cscrm_data_collection.rb
delete mode 100644 app/models/cscrm_data_collection2.rb
delete mode 100644 app/serializers/cscrm_data_collection_serializer.rb
delete mode 100644 app/views/admin/cscrm_data_collections/_cscrm_data_collection.html.erb
delete mode 100644 app/views/admin/cscrm_data_collections/_form.html.erb
delete mode 100644 app/views/admin/cscrm_data_collections/_status_tag.html.erb
delete mode 100644 app/views/admin/cscrm_data_collections/edit.html.erb
delete mode 100644 app/views/admin/cscrm_data_collections/index.html.erb
delete mode 100644 app/views/admin/cscrm_data_collections/new.html.erb
delete mode 100644 app/views/admin/cscrm_data_collections/show.html.erb
delete mode 100644 app/views/admin/cscrm_data_collections2/_cscrm_data_collection.html.erb
delete mode 100644 app/views/admin/cscrm_data_collections2/_form.html.erb
delete mode 100644 app/views/admin/cscrm_data_collections2/_status_tag.html.erb
delete mode 100644 app/views/admin/cscrm_data_collections2/edit.html.erb
delete mode 100644 app/views/admin/cscrm_data_collections2/index.html.erb
delete mode 100644 app/views/admin/cscrm_data_collections2/new.html.erb
delete mode 100644 app/views/admin/cscrm_data_collections2/show.html.erb
delete mode 100644 app/views/user_mailer/cscrm_data_collection2_notification.html.erb
delete mode 100644 app/views/user_mailer/cscrm_data_collection2_notification.text.erb
delete mode 100644 app/views/user_mailer/cscrm_data_collection_notification.html.erb
delete mode 100644 app/views/user_mailer/cscrm_data_collection_notification.text.erb
create mode 100644 db/migrate/20241112222412_deprecate_cscrm.rb
delete mode 100644 spec/factories/cscrm_data_collection.rb
delete mode 100644 spec/factories/cscrm_data_collection2.rb
delete mode 100644 spec/features/admin/cscrm_data_collections2_spec.rb
delete mode 100644 spec/features/admin/cscrm_data_collections_spec.rb
delete mode 100644 spec/models/cscrm_data_collection_spec.rb
delete mode 100644 spec/requests/admin/cscrm_data_collections_spec.rb
diff --git a/app/controllers/admin/cscrm_data_collections2_controller.rb b/app/controllers/admin/cscrm_data_collections2_controller.rb
deleted file mode 100644
index 5f9bf772a..000000000
--- a/app/controllers/admin/cscrm_data_collections2_controller.rb
+++ /dev/null
@@ -1,171 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
- class CscrmDataCollections2Controller < AdminController
- before_action :set_cscrm_data_collection, only: %i[
- show
- edit update
- submit publish reset
- destroy
- ]
-
- def index
- respond_to do |format|
- format.html do
- if cscrm_manager_permissions?
- @cscrm_data_collections = CscrmDataCollection2.includes(:organization)
- else
- @cscrm_data_collections = current_user.organization.cscrm_data_collections2.includes(:organization)
- end
- end
- format.csv do
- if cscrm_manager_permissions?
- csv_content = CscrmDataCollection2.to_csv
- else
- []
- end
- send_data csv_content
- end
- end
- end
-
- def show; end
-
- def new
- @cscrm_data_collection = CscrmDataCollection2.new
- end
-
- def edit; end
-
- def create
- @cscrm_data_collection = CscrmDataCollection2.new(cscrm_data_collection_params)
- @cscrm_data_collection.user = current_user unless @cscrm_data_collection.user
-
- respond_to do |format|
- if @cscrm_data_collection.save
- Event.log_event(Event.names[:cscrm_data_collection_collection_created], 'CSRCM Data Collection', @cscrm_data_collection.id, "CSRCM Data Collection #{@cscrm_data_collection.id} created at #{DateTime.now}", current_user.id)
- format.html { redirect_to admin_cscrm_data_collections2_url(@cscrm_data_collection), notice: 'Cscrm data collection was successfully created.' }
- format.json { render :show, status: :created, location: @cscrm_data_collection }
- else
- format.html { render :new, status: :unprocessable_entity }
- format.json { render json: @cscrm_data_collection.errors, status: :unprocessable_entity }
- end
- end
- end
-
- def update
- @cscrm_data_collection.user = current_user unless @cscrm_data_collection.user
-
- respond_to do |format|
- if @cscrm_data_collection.update(cscrm_data_collection_params)
- Event.log_event(Event.names[:cscrm_data_collection_collection_updated], 'CSRCM Data Collection', @cscrm_data_collection.id, "CSRCM Data Collection #{@cscrm_data_collection.id} updated at #{DateTime.now}", current_user.id)
- format.html { redirect_to admin_cscrm_data_collections2_url(@cscrm_data_collection), notice: 'Cscrm data collection was successfully updated.' }
- format.json { render :show, status: :ok, location: @cscrm_data_collection }
- else
- format.html { render :edit, status: :unprocessable_entity }
- format.json { render json: @cscrm_data_collection.errors, status: :unprocessable_entity }
- end
- end
- end
-
- def submit
- @cscrm_data_collection.submit!
- Event.log_event(Event.names[:cscrm_data_collection_collection_submitted], 'CSRCM Data Collection', @cscrm_data_collection.id, "CSRCM Data Collection #{@cscrm_data_collection.id} submitted at #{DateTime.now}", current_user.id)
- UserMailer.cscrm_data_collection2_notification(collection_id: @cscrm_data_collection.id).deliver_later
- redirect_to admin_cscrm_data_collections2_path(@cscrm_data_collection), notice: 'CSRCM Data Collection has been submitted successfully.'
- end
-
- def publish
- @cscrm_data_collection.publish!
- Event.log_event(Event.names[:cscrm_data_collection_collection_published], 'CSRCM Data Collection', @cscrm_data_collection.id, "CSRCM Data Collection #{@cscrm_data_collection.id} published at #{DateTime.now}", current_user.id)
- redirect_to admin_cscrm_data_collections2_path(@cscrm_data_collection), notice: 'CSRCM Data Collection has been published successfully.'
- end
-
- def reset
- if cscrm_manager_permissions?
- @cscrm_data_collection.reset!
- Event.log_event(Event.names[:cscrm_data_collection_collection_reset], 'CSRCM Data Collection', @cscrm_data_collection.id, "CSRCM Data Collection #{@cscrm_data_collection.id} reset at #{DateTime.now}", current_user.id)
- redirect_to admin_cscrm_data_collections2_path(@cscrm_data_collection), notice: 'CSRCM Data Collection has been reset.'
- end
- end
-
- def destroy
- @cscrm_data_collection.destroy
- Event.log_event(Event.names[:cscrm_data_collection_collection_deleted], 'CSRCM Data Collection', @cscrm_data_collection.id, "CSRCM Data Collection #{@cscrm_data_collection.id} deleted at #{DateTime.now}", current_user.id)
-
- respond_to do |format|
- format.html { redirect_to admin_cscrm_data_collections2_index_url, notice: 'Cscrm data collection was successfully destroyed.' }
- format.json { head :no_content }
- end
- end
-
- private
-
- def set_cscrm_data_collection
- if cscrm_manager_permissions?
- @cscrm_data_collection = CscrmDataCollection2.find(params[:id])
- else
- @cscrm_data_collection = current_user.organization.cscrm_data_collections2.find(params[:id])
- end
- end
-
- def cscrm_data_collection_params
- params.require(:cscrm_data_collection2).permit(
- :user_id,
- :organization_id,
- :bureau_id,
- :year,
- :quarter,
- :rating,
- # Question 1
- :interdisciplinary_team,
- :interdisciplinary_team_comments,
- :pmo_established,
- :pmo_established_comments,
- :established_policy,
- :established_policy_comments,
- :supply_chain_acquisition_procedures,
- :supply_chain_acquisition_procedures_comments,
- # Question 5
- :funding,
- :funding_comments,
- :identified_staff,
- :identified_staff_comments,
- :strategy_plan,
- :strategy_plan_comments,
- :governance_structure,
- :governance_structure_comments,
- # clearly_defined_roles,
- :clearly_defined_roles_comments,
- # Question 10
- # :identified_assets_and_essential_functions,
- :identified_assets_and_essential_functions_comments,
- :prioritization_process,
- :prioritization_process_comments,
- # :considerations_in_procurement_processes,
- :considerations_in_procurement_processes_comments,
- :documented_methodology,
- :documented_methodology_comments,
- # :conducts_scra_for_prioritized_products_and_services,
- :conducts_scra_for_prioritized_products_and_services_comments,
- # Question 15
- :personnel_required_to_complete_training,
- :personnel_required_to_complete_training_comments,
- :established_process_information_sharing_with_fasc,
- :established_process_information_sharing_with_fasc_comments,
- # :cybersecurity_supply_chain_risk_considerations,
- :cybersecurity_supply_chain_risk_considerations_comments,
- :process_for_product_authenticity,
- :process_for_product_authenticity_comments,
- :cscrm_controls_incorporated_into_ssp,
- :cscrm_controls_incorporated_into_ssp_comments,
- :comments,
- clearly_defined_roles: [],
- identified_assets_and_essential_functions: [],
- considerations_in_procurement_processes: [],
- cybersecurity_supply_chain_risk_considerations: [],
- conducts_scra_for_prioritized_products_and_services: [],
- )
- end
- end
-end
diff --git a/app/controllers/admin/cscrm_data_collections_controller.rb b/app/controllers/admin/cscrm_data_collections_controller.rb
deleted file mode 100644
index 5376610ad..000000000
--- a/app/controllers/admin/cscrm_data_collections_controller.rb
+++ /dev/null
@@ -1,161 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
- class CscrmDataCollectionsController < AdminController
- before_action :set_cscrm_data_collection, only: %i[
- show
- edit update
- submit publish reset
- destroy
- ]
-
- def index
- respond_to do |format|
- format.html do
- if cscrm_manager_permissions?
- @cscrm_data_collections = CscrmDataCollection.includes(:organization)
- else
- # Redirect non-admin users to CSCRM2
- redirect_to admin_cscrm_data_collections2_index_path
- end
- end
- format.csv do
- if cscrm_manager_permissions?
- csv_content = CscrmDataCollection.to_csv
- else
- []
- end
- send_data csv_content
- end
- end
- end
-
- def show; end
-
- def new
- @cscrm_data_collection = CscrmDataCollection.new
- end
-
- def edit; end
-
- def create
- @cscrm_data_collection = CscrmDataCollection.new(cscrm_data_collection_params)
- @cscrm_data_collection.user = current_user unless @cscrm_data_collection.user
-
- respond_to do |format|
- if @cscrm_data_collection.save
- Event.log_event(Event.names[:cscrm_data_collection_collection_created], 'CSRCM Data Collection', @cscrm_data_collection.id, "CSRCM Data Collection #{@cscrm_data_collection.id} created at #{DateTime.now}", current_user.id)
- format.html { redirect_to admin_cscrm_data_collection_url(@cscrm_data_collection), notice: 'Cscrm data collection was successfully created.' }
- format.json { render :show, status: :created, location: @cscrm_data_collection }
- else
- format.html { render :new, status: :unprocessable_entity }
- format.json { render json: @cscrm_data_collection.errors, status: :unprocessable_entity }
- end
- end
- end
-
- def update
- @cscrm_data_collection.user = current_user unless @cscrm_data_collection.user
-
- respond_to do |format|
- if @cscrm_data_collection.update(cscrm_data_collection_params)
- Event.log_event(Event.names[:cscrm_data_collection_collection_updated], 'CSRCM Data Collection', @cscrm_data_collection.id, "CSRCM Data Collection #{@cscrm_data_collection.id} updated at #{DateTime.now}", current_user.id)
- format.html { redirect_to admin_cscrm_data_collection_url(@cscrm_data_collection), notice: 'Cscrm data collection was successfully updated.' }
- format.json { render :show, status: :ok, location: @cscrm_data_collection }
- else
- format.html { render :edit, status: :unprocessable_entity }
- format.json { render json: @cscrm_data_collection.errors, status: :unprocessable_entity }
- end
- end
- end
-
- def submit
- @cscrm_data_collection.submit!
- Event.log_event(Event.names[:cscrm_data_collection_collection_submitted], 'CSRCM Data Collection', @cscrm_data_collection.id, "CSRCM Data Collection #{@cscrm_data_collection.id} submitted at #{DateTime.now}", current_user.id)
- UserMailer.cscrm_data_collection_notification(collection_id: @cscrm_data_collection.id).deliver_later
- redirect_to admin_cscrm_data_collection_path(@cscrm_data_collection), notice: 'CSRCM Data Collection has been submitted successfully.'
- end
-
- def publish
- @cscrm_data_collection.publish!
- Event.log_event(Event.names[:cscrm_data_collection_collection_published], 'CSRCM Data Collection', @cscrm_data_collection.id, "CSRCM Data Collection #{@cscrm_data_collection.id} published at #{DateTime.now}", current_user.id)
- redirect_to admin_cscrm_data_collection_path(@cscrm_data_collection), notice: 'CSRCM Data Collection has been published successfully.'
- end
-
- def reset
- if cscrm_manager_permissions?
- @cscrm_data_collection.reset!
- Event.log_event(Event.names[:cscrm_data_collection_collection_reset], 'CSRCM Data Collection', @cscrm_data_collection.id, "CSRCM Data Collection #{@cscrm_data_collection.id} reset at #{DateTime.now}", current_user.id)
- redirect_to admin_cscrm_data_collection_path(@cscrm_data_collection), notice: 'CSRCM Data Collection has been reset.'
- end
- end
-
- def destroy
- @cscrm_data_collection.destroy
- Event.log_event(Event.names[:cscrm_data_collection_collection_deleted], 'CSRCM Data Collection', @cscrm_data_collection.id, "CSRCM Data Collection #{@cscrm_data_collection.id} deleted at #{DateTime.now}", current_user.id)
-
- respond_to do |format|
- format.html { redirect_to admin_cscrm_data_collections_url, notice: 'Cscrm data collection was successfully destroyed.' }
- format.json { head :no_content }
- end
- end
-
- private
-
- def set_cscrm_data_collection
- if cscrm_manager_permissions?
- @cscrm_data_collection = CscrmDataCollection.find(params[:id])
- else
- @cscrm_data_collection = current_user.organization.cscrm_data_collections.find(params[:id])
- end
- end
-
- def cscrm_data_collection_params
- params.require(:cscrm_data_collection).permit(
- :user_id,
- :organization_id,
- :bureau,
- :year,
- :quarter,
- :agency_roles,
- :agency_roles_comments,
- :leadership_roles,
- :leadership_roles_comments,
- :stakeholder_champion_identified,
- :stakeholder_champion_identified_comments,
- :pmo_established,
- :pmo_established_comments,
- :interdisciplinary_team_established,
- :interdisciplinary_team_established_comments,
- :enterprise_risk_management_function_established,
- :enterprise_risk_management_function_established_comments,
- :enterprise_wide_scrm_policy_established,
- :enterprise_wide_scrm_policy_established_comments,
- :agency_wide_scrm_strategy_and_implementation_plan_established,
- :agency_wide_scrm_strategy_and_implementation_plan_comments,
- :funding_for_initial_operating_capability,
- :funding_for_initial_operating_capability_comments,
- :staffing,
- :staffing_comments,
- :personnel_required_comments,
- :cybersecurity_supply_chain_risk_comments,
- :prioritization_process,
- :prioritization_process_comments,
- :established_process_information_sharing_with_fasc,
- :established_process_information_sharing_with_fasc_comments,
- :general_comments,
- :rating,
- :roles_and_responsibilities_comments,
- :missions_identified_comments,
- :considerations_in_procurement_processes_comments,
- :conducts_scra_for_prioritized_products_and_services_comments,
- roles_and_responsibilities: [],
- missions_identified: [],
- considerations_in_procurement_processes: [],
- conducts_scra_for_prioritized_products_and_services: [],
- personnel_required_to_complete_training: [],
- cybersecurity_supply_chain_risk_considerations: [],
- )
- end
- end
-end
diff --git a/app/controllers/admin/cx_collections_controller.rb b/app/controllers/admin/cx_collections_controller.rb
index 15d175ad9..2c104ad1c 100644
--- a/app/controllers/admin/cx_collections_controller.rb
+++ b/app/controllers/admin/cx_collections_controller.rb
@@ -59,7 +59,7 @@ def create
respond_to do |format|
if @cx_collection.save
- Event.log_event(Event.names[:collection_cx_created], @cx_collection.class.to_s, @cx_collection.id, "Collection #{@cx_collection.name} created at #{DateTime.now}", current_user.id)
+ Event.log_event(Event.names[:cx_collection_created], @cx_collection.class.to_s, @cx_collection.id, "Collection #{@cx_collection.name} created at #{DateTime.now}", current_user.id)
format.html { redirect_to admin_cx_collection_url(@cx_collection), notice: "CX Data Collection was successfully created." }
format.json { render :show, status: :created, location: @cx_collection }
else
@@ -137,7 +137,7 @@ def update
respond_to do |format|
if @cx_collection.update(cx_collection_params)
- Event.log_event(Event.names[:collection_cx_updated], @cx_collection.class.to_s, @cx_collection.id, "Collection #{@cx_collection.name} updated at #{DateTime.now}", current_user.id)
+ Event.log_event(Event.names[:cx_collection_updated], @cx_collection.class.to_s, @cx_collection.id, "Collection #{@cx_collection.name} updated at #{DateTime.now}", current_user.id)
format.html { redirect_to admin_cx_collection_url(@cx_collection), notice: "CX Data Collection was successfully updated." }
format.json { render :show, status: :ok, location: @cx_collection }
else
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index 85e526891..aa0b1d9bf 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -156,7 +156,6 @@ def user_params
:performance_manager,
:service_manager,
:registry_manager,
- :cscrm_data_collection_manager,
:email,
:first_name,
:last_name,
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 1437263ef..2ef738514 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -161,13 +161,6 @@ def performance_manager_permissions?
current_user.performance_manager?
end
- helper_method :cscrm_manager_permissions?
- def cscrm_manager_permissions?
- return true if admin_permissions?
-
- current_user.cscrm_data_collection_manager?
- end
-
helper_method :cx_collection_permissions?
def cx_collection_permissions?(cx_collection:)
return false if cx_collection.blank?
diff --git a/app/mailers/user_mailer.rb b/app/mailers/user_mailer.rb
index 0c1ad890c..d1f2636e3 100644
--- a/app/mailers/user_mailer.rb
+++ b/app/mailers/user_mailer.rb
@@ -79,20 +79,6 @@ def cx_collection_notification(cx_collection_id:)
to: (UserMailer.touchpoints_admin_emails + User.performance_managers.collect(&:email)).uniq
end
- def cscrm_data_collection_notification(collection_id:)
- set_logo
- @cscrm_data_collection = CscrmDataCollection.find(collection_id)
- mail subject: "CSCRM Data Collection notification to #{@cscrm_data_collection.id}",
- to: (UserMailer.touchpoints_admin_emails + User.where(cscrm_data_collection_manager: true).collect(&:email)).uniq
- end
-
- def cscrm_data_collection2_notification(collection_id:)
- set_logo
- @cscrm_data_collection = CscrmDataCollection2.find(collection_id)
- mail subject: "CSCRM Data Collection 2 notification to #{@cscrm_data_collection.id}",
- to: (UserMailer.touchpoints_admin_emails + User.where(cscrm_data_collection_manager: true).collect(&:email)).uniq
- end
-
def quarterly_performance_notification(cx_collection_id:)
set_logo
@cx_collection = CxCollection.find(cx_collection_id)
diff --git a/app/models/cscrm_data_collection.rb b/app/models/cscrm_data_collection.rb
deleted file mode 100644
index aa36ae18c..000000000
--- a/app/models/cscrm_data_collection.rb
+++ /dev/null
@@ -1,487 +0,0 @@
-# frozen_string_literal: true
-require 'csv'
-
-class CscrmDataCollection < ApplicationRecord
- include AASM
-
- belongs_to :user
- belongs_to :organization
-
- validates :year, presence: true
- validates :quarter, presence: true
-
- aasm do
- state :draft, initial: true
- state :submitted
- state :published
- state :archived
-
- event :submit do
- transitions from: %i[draft], to: :submitted
- end
-
- event :publish do
- transitions from: :submitted, to: :published
- end
-
- event :archive do
- transitions from: [:published], to: :archived
- end
-
- event :reset do
- transitions to: :draft
- end
- end
-
- def self.question_1
- {
- text: "The Agency’s role in SCRM is identified and communicated",
- number: 1,
- field: :agency_roles,
- }
- end
-
- def self.question_2
- {
- text: "Senior leadership roles, responsibilities and accountability for C-SCRM are defined",
- number: 2,
- field: :leadership_roles,
- }
- end
-
- def self.question_3
- {
- text: "A CSCRM Champion has been identified for your Agency",
- number: 3,
- field: :stakeholder_champion_identified,
- }
- end
-
- def self.question_4
- {
- text: "Establishment of an interdisciplinary enterprise-wide Department or Agency team including SMEs from IT, Logistics, Procurement, Cybersecurity, Mission, Legal, ERM and CFO officials to manage and mitigate risk in the C-SCRM supply chain",
- number: 4,
- field: :interdisciplinary_team_established,
- }
- end
-
- def self.question_5
- {
- text: "Establishment of CSCRM PMO or equivalent",
- number: 5,
- field: :pmo_established,
- }
- end
-
- def self.question_6
- {
- text: "Established Enterprise-wide SCRM policy",
- number: 6,
- field: :enterprise_wide_scrm_policy_established,
- }
- end
-
- def self.question_7
- {
- text: "Identified or secured funding for CSCRM program functions for Initial Operating Capability",
- number: 7,
- field: :funding_for_initial_operating_capability,
- }
- end
-
- def self.question_8
- {
- text: "Identified and available staff",
- number: 8,
- field: :staffing,
- }
- end
-
- def self.question_9
- {
- text: "Established agency-wide SCRM strategy and implementation plan for providing the organizational context in which risk-based decisions will be made",
- number: 9,
- field: :agency_wide_scrm_strategy_and_implementation_plan_established,
- }
- end
-
- def self.question_10
- {
- text: "Governance structure has been established that integrates with the Enterprise Risk Management Function",
- number: 10,
- field: :enterprise_risk_management_function_established,
- }
- end
-
- def self.question_11
- {
- text: "C-SCRM roles and functional responsibilities clearly defined for key C-SCRM personnel (minimally, PMO, acquisition
- workforce and IT/Information Security personnel",
- number: 11,
- field: :roles_and_responsibilities,
- }
- end
-
- def self.question_12
- {
- text: "Identified missions, assets, systems, processes, data and suppliers (e.g., HVAs, critical suppliers,
- mission-essential functions)",
- number: 12,
- field: :missions_identified,
- }
- end
-
- def self.question_13
- {
- text: "Established process to prioritize by criticality",
- number: 13,
- field: :prioritization_process,
- }
- end
-
- def self.question_14
- {
- text: " C-SCRM considerations in procurement processes and actions",
- number: 14,
- field: :considerations_in_procurement_processes,
- }
- end
-
- def self.question_15
- {
- text: "Conducts Supply Chain Risk Assessments (SCRA) for prioritized products and services",
- number: 15,
- field: :conducts_scra_for_prioritized_products_and_services,
- }
- end
-
- def self.question_16
- {
- text: "Personnel required to complete general or role-based SCRM training requirements",
- number: 16,
- field: :personnel_required_to_complete_training,
- }
- end
-
- def self.question_17
- {
- text: "Established process for internal and exchanging information sharing with the Federal Acquisition Security Council (FASC)",
- number: 17,
- field: :established_process_information_sharing_with_fasc,
- }
- end
-
- def self.question_18
- {
- text: "Cybersecurity supply chain risk and resiliency considerations are incorporated into organizational COOP and Recovery Plans",
- number: 18,
- field: :cybersecurity_supply_chain_risk_considerations,
- }
- end
-
-
- def self.agency_roles_options
- [
- "No",
- "Partial/In-process",
- "Plan Developed",
- "Yes"
- ]
- end
-
- def self.leadership_roles_options
- [
- "Not defined",
- "Partially defined",
- "Defined",
- "Defined and designated"
- ]
- end
-
- def self.stakeholder_champion_identified_options
- [
- "Not identified",
- "A C-SCRM “Champion” (or, C-SCRM Executive Sponsor, C-SCRM Lead Official, etc.) is identified",
- "C-SCRM PMO is identified to provide leadership",
- "C-SCRM Team (e.g, Council, Committee (etc.) is identified to provide leadership",
- "Not applicable (implementation complete)",
- "Other"
- ]
- end
-
- def self.interdisciplinary_team_established_options
- [
- "No",
- "Partial/In-process",
- "Plan Developed",
- "Yes",
- ]
- end
-
- def self.pmo_established_options
- [
- "No",
- "Partial/In-process",
- "Plan Developed",
- "Yes",
- ]
- end
-
- def self.enterprise_wide_scrm_policy_established_options
- [
- "No",
- "Partial/In-process",
- "Plan Developed",
- "Yes",
- ]
- end
-
- def self.funding_for_initial_operating_capability_options
- [
- "Not Identified or secured",
- "Identified but not secured",
- "Partially secured",
- "Fully identified and secured",
- ]
- end
-
- def self.staffing_options
- [
- "Not Identified or secured",
- "Identified but not secured",
- "Partially secured",
- "Fully identified and secured",
- ]
- end
-
- def self.agency_wide_scrm_strategy_and_implementation_plan_options
- [
- "No",
- "Partial/In-process",
- "Plan Developed",
- "Yes",
- ]
- end
-
- def self.enterprise_risk_management_function_established_options
- [
- "Not established",
- "Executive Board evaluates risks across enterprise",
- "CSCRM program requirements are defined and managed",
- "Analysis of the likelihood and impact of potential supply chain cybersecurity threats"
- ]
- end
-
- def self.roles_and_responsibilities_options
- [
- "Not defined",
- "Partially defined for PMO",
- "Fully defined for PMO",
- "Partially defined for Acquisition Workforce Personnel",
- "Partially defined for IT/Information Security Personnel",
- "Fully defined for Acquisition Workforce Personnel",
- "Fully defined for IT/Information Security Personnel",
- "Partially or Fully Defined for Other Personnel"
- ]
- end
-
- def self.missions_identified_options
- [
- 'Not identified',
- 'Mission Functions Identified',
- 'Existing Asset Inventory',
- 'Existing Systems Inventory',
- 'Existing Supplier Inventory/List',
- 'Critical Mission Functions identified',
- 'Critical Assets Identified',
- 'Critical Systems Identified',
- 'Critical Suppliers Identified'
- ]
- end
-
- def self.prioritization_process_options
- [
- "No",
- "Partial/In-process",
- "Plan Developed",
- "Yes"
- ]
- end
-
- def self.considerations_in_procurement_processes_options
- [
- 'Not considered',
- 'Acquisition Strategy',
- 'Acquisition Plan',
- 'Requirements language',
- 'Source Selection evaluation factors',
- 'Quality Assurance Surveillance Plan (QASP)',
- 'Supplier (vendor) Risk Assessment',
- 'Compliance clauses',
- 'Other'
- ]
- end
-
- def self.conducts_scra_for_prioritized_products_and_services_options
- [
- 'Not conducted',
- 'Conducted for some prioritized products',
- 'Conducted for some prioritized services',
- 'Conducted for all prioritized products',
- 'Conducted for all prioritized services'
- ]
- end
-
- def self.personnel_required_to_complete_training_options
- [
- 'Not identified',
- 'Partially identified',
- 'Identified for “General”',
- 'Identified for “Role-based”',
- 'General training currently available',
- 'Role-based training currently available'
- ]
- end
-
- def self.established_process_information_sharing_options
- [
- "Not established",
- "Internal process partially developed/In process",
- "Internal process (only) established",
- "Internal process established",
- "FASC information sharing process planned or in process",
- "Internal and FASC information sharing processes established"
- ]
- end
-
- def self.cybersecurity_supply_chain_risk_considerations_options
- [
- 'Not considered',
- 'Critical Suppliers are identified in COOP and Recovery plans',
- 'Business Impact Analysis considers supplier and product dependency risks and resiliency requirements',
- 'SCRAs are conducted for critical suppliers',
- 'Mitigations to improve resilience/address assessed risks associated with critical suppliers are identified and implemented'
- ]
- end
-
- def self.to_csv
- collections = CscrmDataCollection.order('year, quarter')
-
- attributes = [
- "id",
- "organization_id",
- "organization_name",
- "bureau_id",
- "year",
- "quarter",
- "user_id",
- "user_email",
- "aasm_state",
- "leadership_roles",
- "stakeholder_champion_identified",
- "pmo_established",
- "interdisciplinary_team_established",
- "enterprise_risk_management_function_established",
- "enterprise_wide_scrm_policy_established",
- "agency_wide_scrm_strategy_and_implementation_plan_established",
- "funding_for_initial_operating_capability",
- "staffing",
- "roles_and_responsibilities",
- "missions_identified",
- "prioritization_process",
- "considerations_in_procurement_processes",
- "conducts_scra_for_prioritized_products_and_services",
- "personnel_required_to_complete_training",
- "established_process_information_sharing_with_fasc",
- "cybersecurity_supply_chain_risk_considerations",
- "integrity_hash",
- "reflection",
- "rating",
- "agency_roles",
- "agency_roles_comments",
- "stakeholder_champion_identified_comments",
- "interdisciplinary_team_established_comments",
- "pmo_established_comments",
- "agency_wide_scrm_strategy_and_implementation_plan_comments",
- "enterprise_risk_management_function_established_comments",
- "roles_and_responsibilities_comments",
- "enterprise_wide_scrm_policy_established_comments",
- "funding_for_initial_operating_capability_comments",
- "staffing_comments",
- "missions_identified_comments",
- "prioritization_process_comments",
- "considerations_in_procurement_processes_comments",
- "conducts_scra_for_prioritized_products_and_services_comments",
- "established_process_information_sharing_with_fasc_comments",
- "general_comments",
- "bureau",
- "leadership_roles_comments",
- "personnel_required_comments",
- "cybersecurity_supply_chain_risk_comments",
- "created_at",
- "updated_at"
- ]
-
- CSV.generate(headers: true) do |csv|
- csv << attributes
-
- collections.each do |collection|
- csv << [
- collection.id,
- collection.organization_id,
- collection.organization.name,
- collection.bureau_id,
- collection.year,
- collection.quarter,
- collection.user_id,
- collection.user.email,
- collection.aasm_state,
- collection.leadership_roles,
- collection.stakeholder_champion_identified,
- collection.pmo_established,
- collection.interdisciplinary_team_established,
- collection.enterprise_risk_management_function_established,
- collection.enterprise_wide_scrm_policy_established,
- collection.agency_wide_scrm_strategy_and_implementation_plan_established,
- collection.funding_for_initial_operating_capability,
- collection.staffing,
- collection.roles_and_responsibilities,
- collection.missions_identified,
- collection.prioritization_process,
- collection.considerations_in_procurement_processes,
- collection.conducts_scra_for_prioritized_products_and_services,
- collection.personnel_required_to_complete_training,
- collection.established_process_information_sharing_with_fasc,
- collection.cybersecurity_supply_chain_risk_considerations,
- collection.integrity_hash,
- collection.reflection,
- collection.rating,
- collection.agency_roles,
- collection.agency_roles_comments,
- collection.stakeholder_champion_identified_comments,
- collection.interdisciplinary_team_established_comments,
- collection.pmo_established_comments,
- collection.agency_wide_scrm_strategy_and_implementation_plan_comments,
- collection.enterprise_risk_management_function_established_comments,
- collection.roles_and_responsibilities_comments,
- collection.enterprise_wide_scrm_policy_established_comments,
- collection.funding_for_initial_operating_capability_comments,
- collection.staffing_comments,
- collection.missions_identified_comments,
- collection.prioritization_process_comments,
- collection.considerations_in_procurement_processes_comments,
- collection.conducts_scra_for_prioritized_products_and_services_comments,
- collection.established_process_information_sharing_with_fasc_comments,
- collection.general_comments,
- collection.bureau,
- collection.leadership_roles_comments,
- collection.personnel_required_comments,
- collection.cybersecurity_supply_chain_risk_comments,
- collection.created_at,
- collection.updated_at
- ]
- end
- end
- end
-
-end
diff --git a/app/models/cscrm_data_collection2.rb b/app/models/cscrm_data_collection2.rb
deleted file mode 100644
index ce0a70b58..000000000
--- a/app/models/cscrm_data_collection2.rb
+++ /dev/null
@@ -1,771 +0,0 @@
-
-# frozen_string_literal: true
-require 'csv'
-
-class CscrmDataCollection2 < ApplicationRecord
- self.table_name = "cscrm_data_collections2"
-
- include AASM
-
- belongs_to :user
- belongs_to :organization
-
- validates :year, presence: true
- validates :quarter, presence: true
-
- aasm do
- state :draft, initial: true
- state :submitted
- state :published
- state :archived
-
- event :submit do
- transitions from: %i[draft], to: :submitted
- end
-
- event :publish do
- transitions from: :submitted, to: :published
- end
-
- event :archive do
- transitions from: [:published], to: :archived
- end
-
- event :reset do
- transitions to: :draft
- end
- end
-
- #
- # Define the Questions
- #
-
- def self.question_1
- {
- text: "An interdisciplinary enterprise-wide Department or Agency team is established for SCRM as evidenced by periodic
-meetings and deliverables demonstrating team contributions.",
- number: 1,
- field: :interdisciplinary_team,
- options: implementation_status_options,
- }
- end
-
- def self.question_2
- {
- text: "A CSCRM PMO or equivalent exists with a defined charter.",
- number: 2,
- field: :pmo_established,
- options: implementation_status_options,
- }
- end
-
- def self.question_3
- {
- text: "Established Enterprise-wide SCRM policy.",
- number: 3,
- field: :established_policy,
- options: implementation_status_options,
- }
- end
-
- def self.question_4
- {
- text: "Acquisition procedures are documented that require cybersecurity supply chain risks are addressed throughout the procurement and contract management lifecycle for ICTS-related purchases.",
- number: 4,
- field: :supply_chain_acquisition_procedures,
- options: interdisciplinary_team_established_options,
- }
- end
-
- def self.question_5
- {
- text: "Identified or secured funding for C-SCRM program functions for Initial Operating Capability.",
- number: 5,
- field: :funding,
- options: funding_for_initial_operating_capability_options,
- }
- end
-
- def self.question_6
- {
- text: "Identified and available PMO staff (core and extended teams)",
- number: 6,
- field: :identified_staff,
- options: funding_for_initial_operating_capability_options,
- }
- end
-
- def self.question_7
- {
- text: "Established agency-wide SCRM strategy and implementation plan for providing the organizational context in which risk-based decisions will be made",
- number: 7,
- field: :strategy_plan,
- options: implementation_status_options,
- }
- end
-
- def self.question_8
- {
- text: "Governance structure has been established that integrates with the Enterprise Risk Management Function",
- number: 8,
- field: :governance_structure,
- options: enterprise_risk_management_function_established_options,
-
- }
- end
-
- def self.question_9
- {
- text: "CSCRM roles and functional responsibilities clearly defined for key personnel (minimally, PMO, the acquisition workforce and IT Security personnel) and documented in one or more official agency records (e.g., position descriptions, organizational directives)",
- number: 9,
- field: :clearly_defined_roles,
- options: roles_and_responsibilities_options,
- }
- end
-
- def self.question_10
- {
- text: "Identified missions, assets, systems,
-processes, data and suppliers (e.g., HVAs, critical suppliers, mission- essential functions)",
- number: 10,
- field: :identified_assets_and_essential_functions,
- options: missions_identified_options,
- }
- end
-
- def self.question_11
- {
- text: "Established process to prioritize by
-criticality",
- number: 11,
- field: :prioritization_process,
- options: implementation_status_options,
- }
- end
-
- def self.question_12
- {
- text: " C-SCRM considerations in procurement processes and actions",
- number: 12,
- field: :considerations_in_procurement_processes,
- options: considerations_in_procurement_processes_options,
- }
- end
-
- def self.question_13
- {
- text: "A methodology for conducting Supply Chain Risk Assessment is documented.",
- number: 13,
- field: :documented_methodology,
- options: yes_no_in_development,
- }
- end
-
- def self.question_14
- {
- text: "Conducts Supply Chain Risk Assessments (SCRA) for prioritized products and services",
- number: 14,
- field: :conducts_scra_for_prioritized_products_and_services,
- options: conducts_scra_for_prioritized_products_and_services_options,
- }
- end
-
- def self.question_15
- {
- text: "Personnel with roles and responsibilities for SCRM have completed general (basic) SCRM training or will complete training by the end of this Fiscal Year",
- number: 15,
- field: :personnel_required_to_complete_training,
- options: training_options,
- }
- end
-
- def self.question_16
- {
- text: "Established process for internal and exchanging information sharing with the Federal Acquisition Security Council (FASC)",
- number: 16,
- field: :established_process_information_sharing_with_fasc,
- options: established_process_information_sharing_options,
- }
- end
-
- def self.question_17
- {
- text: "Conducts SCRA of key suppliers of ICT systems and services identified in organizational COOP and Recovery Plans to include mitigations to improve resiliency/address accessed risk in these plans",
- number: 17,
- field: :cybersecurity_supply_chain_risk_considerations,
- options: cybersecurity_supply_chain_risk_considerations_options,
- }
- end
- def self.question_18
- {
- text: "Process to detect, report, and remediate counterfeit non-conforming ICT products prior to deployment is defined and documented",
- number: 18,
- field: :process_for_product_authenticity,
- options: implementation_status_options,
- }
- end
-
- def self.question_19
- {
- text: "C-SCRM security controls are selected, tailored as appropriate, and implements and distinctly and clearly incorporated into system security plans.",
- number: 19,
- field: :cscrm_controls_incorporated_into_ssp,
- options: cscrm_controls_incorporated_into_ssp_options,
- }
- end
-
-
-
-
- #
- # Define the Radio button text and values
- #
-
- def self.implementation_status_options
- {
- "No" => 0,
- "Partial/In-process" => 1,
- "Plan Developed" => 2,
- "Yes" => 3
- }
- end
-
- def self.cscrm_controls_incorporated_into_ssp_options
- {
- "No" => 0,
- "Selection In-process" => 1,
- "Partially implemented" => 2,
- "Yes" => 3
- }
- end
-
- def self.interdisciplinary_team_established_options
- {
- "No" => 0,
- "Procedures are being developed" => 1,
- "Procedures are in place that partially meet this benchmark" => 2,
- "Yes" => 3,
- }
- end
-
- def self.funding_for_initial_operating_capability_options
- {
- "Not Identified or secured" => 0,
- "Identified but not secured" => 1,
- "Partially secured" => 2,
- "Fully identified and secured" => 3,
- }
- end
-
- def self.missions_identified_options
- {
- 'Not identified' => 0,
- 'Mission Functions Identified' => 1,
- 'Existing Asset Inventory' => 2,
- 'Existing Systems Inventory' => 3,
- 'Existing Supplier Inventory/List' => 4,
- 'Critical Mission Functions identified' => 5,
- 'Critical Assets Identified' => 6,
- 'Critical Systems Identified' => 7,
- 'Critical Suppliers Identified' => 8
- }
- end
-
- def self.roles_and_responsibilities_options
- {
- "Not defined" => 0,
- "Partially defined for PMO" => 1,
- "Fully defined for PMO" => 2,
- "Partially defined for Acquisition Workforce Personnel" => 3,
- "Partially defined for IT/Information Security Personnel" => 4,
- "Fully defined for Acquisition Workforce Personnel" => 5,
- "Fully defined for IT/Information Security Personnel" => 6,
- "Partially or Fully Defined for Other Personnel" => 7
- }
- end
-
- def self.cybersecurity_supply_chain_risk_considerations_options
- {
- 'Not considered' => 0,
- 'Critical Suppliers are identified in COOP and Recovery plans' => 1,
- 'Business Impact Analysis considers supplier and product dependency risks and resiliency requirements' => 2,
- 'SCRAs are conducted for critical suppliers' => 3,
- 'Mitigations to improve resilience/address assessed risks associated with critical suppliers are identified and implemented' => 4
- }
- end
-
-
-
- # def self.implementation_status_options
- # {
- # 0 => "No",
- # 1 => "Partial/In-process",
- # 2 => "Plan Developed",
- # 3 => "Yes"
- # }
- # end
-
-
-
- ## OLD OPTIONS BELOW...........................................
-
- def self.agency_roles_options
- {
- "No" => 0,
- "Partial/In-process" => 1,
- "Plan Developed" => 2,
- "Yes" => 3
- }
- end
-
- def self.training_options
- {
- "No" => 0,
- "No, Training not available" => 2,
- "Partial" => 3,
- "Yes" => 1
- }
- end
-
- def self.leadership_roles_options
- {
- "Not defined" => 0,
- "Partially defined" => 1,
- "Defined" => 2,
- "Defined and designated" => 3
- }
- end
-
- def self.stakeholder_champion_identified_options
- {
- "Not identified" => 0,
- "A C-SCRM “Champion” (or, C-SCRM Executive Sponsor, C-SCRM Lead Official, etc.) is identified" => 0,
- "C-SCRM PMO is identified to provide leadership" => 0,
- "C-SCRM Team (e.g, Council, Committee (etc.) is identified to provide leadership" => 0,
- "Not applicable (implementation complete)" => 0,
- "Other" => 0
- }
- end
-
-
- def self.pmo_established_options
- {
- "No" => 0,
- "Partial/In-process" => 1,
- "Plan Developed" => 2,
- "Yes" => 3,
- }
- end
-
- def self.enterprise_risk_management_function_established_options
- {
- "Not established" => 0,
- "Executive Board evaluates risks across enterprise" => 1,
- "CSCRM program requirements are defined and managed" => 2,
- "Analysis of the likelihood and impact of potential supply chain cybersecurity threats" => 3
- }
- end
-
- def self.considerations_in_procurement_processes_options
- {
- 'Not considered' => 1,
- 'Acquisition Strategy' => 2,
- 'Acquisition Plan' => 3,
- 'Requirements language' => 4,
- 'Source Selection evaluation factors' => 5,
- 'Quality Assurance Surveillance Plan (QASP)' => 6,
- 'Supplier (vendor) Risk Assessment' => 7,
- 'Compliance clauses' => 8,
- 'Other' => 9
- }
- end
-
- def self.yes_no_in_development
- {
- 'No' => 0,
- 'In development' => 2,
- 'Yes' => 1,
- }
- end
-
- def self.conducts_scra_for_prioritized_products_and_services_options
- {
- 'Not conducted' => 0,
- 'Conducted for some prioritized products' => 1,
- 'Conducted for some prioritized services' => 2,
- 'Conducted for all prioritized products' => 3,
- 'Conducted for all prioritized services' => 4
- }
- end
-
- def self.established_process_information_sharing_options
- {
- "Not established" => 0,
- "Internal process partially developed/In process" => 1,
- "Internal process (only) established" => 2,
- "Internal process established" => 3,
- "FASC information sharing process planned or in process" => 4,
- "Internal and FASC information sharing processes established" => 5
- }
- end
-
-
- #
- #
- # Custom logic applied to fields for data export
- # example: 8 checkbox values being consolidated into a value between 1-3
- #
- #
-
- def self.export_conversion_question_9(field)
- return nil if !field || field.length == 1
-
- # 0 = Not Defined
- # 1 = All Partial
- # 2 = Partial and Full
- # 3 = All Fully defined (“Other” was included for informational purposes)
-
- question_option_selections = YAML.load(field) # parse the string encoded as an array, to an array
- question_option_selections_without_not_defined = question_option_selections - ["Not defined"] # remove Not defined option
-
- if question_option_selections_without_not_defined.include?("Fully defined for PMO") &&
- question_option_selections_without_not_defined.include?("Fully defined for Acquisition Workforce Personnel") &&
- question_option_selections_without_not_defined.include?("Fully defined for IT/Information Security Personnel")
- 3
- elsif question_option_selections_without_not_defined.include?("Partially defined for Acquisition Workforce Personnel") &&
- question_option_selections_without_not_defined.include?("Partially defined for IT/Information Security Personnel") &&
- question_option_selections_without_not_defined.include?("Partially defined for IT/Information Security Personnel") &&
- question_option_selections_without_not_defined.include?("Partially or Fully Defined for Other Personnel")
- 1
- elsif (question_option_selections_without_not_defined.include?("Partially defined for Acquisition Workforce Personnel") ||
- question_option_selections_without_not_defined.include?("Partially defined for IT/Information Security Personnel") ||
- question_option_selections_without_not_defined.include?("Partially defined for IT/Information Security Personnel") ||
- question_option_selections_without_not_defined.include?("Partially or Fully Defined for Other Personnel") ) &&
- (question_option_selections_without_not_defined.include?("Fully defined for PMO") ||
- question_option_selections_without_not_defined.include?("Fully defined for Acquisition Workforce Personnel") ||
- question_option_selections_without_not_defined.include?("Fully defined for IT/Information Security Personnel") )
- 2
- elsif question_option_selections.include?("Not defined")
- 0
- else
- "not scored"
- end
- end
-
- def self.export_conversion_question_10(field)
- return nil if !field || field.length == 1
-
- # 0 = Not Identified
- # 1 = 1 or 2 identified
- # 2 = All but suppliers identified
- # 3 = All identified
- # Note: Critical item selections not scored, for info only; however,
- # If critical items were selected, assumption was that items had been identified
-
- question_option_selections = YAML.load(field) # parse the string encoded as an array, to an array
- question_option_selections_without_not_identified = question_option_selections - ["Not identified"] # remove Not Identified option
- question_option_selections_without_suppliers = question_option_selections_without_not_identified - ["Critical Suppliers Identified"] # remove Not Identified and Suppliers option
-
- if question_option_selections_without_not_identified.size == 8 # if all are selected
- 3
- elsif question_option_selections_without_suppliers.size == 7
- 2
- elsif (1..6).include?(question_option_selections_without_suppliers.size)
- 1
- elsif question_option_selections.include?("Not identified")
- 0
- else
- "not scored"
- end
- end
-
- def self.export_conversion_question_12(field)
- return nil if !field || field.length == 1
-
- # 0 = Not Considered
- # 1 = up to 2 selections OR Other
- # 2 = 3 to 6 selections
- # 3 = All
-
- question_option_selections = YAML.load(field)
- question_option_selections_without_not_considered = question_option_selections - ["Not considered"]
- question_option_selections_without_other = question_option_selections_without_not_considered - ["Other"]
-
- if question_option_selections_without_other.size == 7 # if all are selected
- 3
- elsif (3..6).include?(question_option_selections_without_other.size)
- 2
- elsif (1..2).include?(question_option_selections_without_other.size)
- 1
- elsif question_option_selections == ["Other"]
- 1
- elsif question_option_selections.include?("Not considered")
- 0
- else
- "not scored"
- end
- end
-
- def self.export_conversion_question_14(field)
- return nil if !field || field.length == 1
-
- # 0 = Not Considered
- # 1 = Some Products and/or Services
- # 2 = Some Products/All Services or All
- # Products/Some Services
- # 3 = All Product and Services
- # Note: If 1 “all” option selected score = 2
-
- question_option_selections = YAML.load(field)
- question_option_selections_without_not_conducted = question_option_selections - ["Not conducted"]
-
- if question_option_selections_without_not_conducted.include?("Conducted for all prioritized products") &&
- question_option_selections_without_not_conducted.include?("Conducted for all prioritized services")
- 3
- elsif question_option_selections_without_not_conducted.include?("Conducted for all prioritized products") ||
- question_option_selections_without_not_conducted.include?("Conducted for all prioritized services")
- 2
- elsif question_option_selections_without_not_conducted.include?("Conducted for some prioritized products") ||
- question_option_selections_without_not_conducted.include?("Conducted for some prioritized services")
- 1
- elsif question_option_selections.include?("Not conducted")
- 0
- else
- "not scored"
- end
- end
-
- def self.export_conversion_question_16(field)
- # 0 = Not established
- # 1 = Partial/in-Process Internal process
- # 2 = Internal Process established and/or FASC process planned/in-process
- # 3 = Internal and FASC process established
-
- if field == "5"
- 3
- elsif field == "2" ||
- field == "3" ||
- field == "4"
- 2
- elsif field == "1"
- 1
- elsif field == "0"
- 0
- else
- "not scored"
- end
- end
-
- def self.export_conversion_question_17(field)
- return nil if !field || field.length == 1
-
- # 0 = Not Considered;
- # 1 = Response option(s), other than SCRAs;
- # 2 = Response options includes “SCRAs” but not “mitigations”
- # 3 = ”SCRAs” and “Mitigations” options selected
-
- question_option_selections = YAML.load(field)
-
- if question_option_selections.include?("SCRAs are conducted for critical suppliers") &&
- question_option_selections.include?("Mitigations to improve resilience/address assessed risks associated with critical suppliers are identified and implemented")
- 3
- elsif question_option_selections.include?("SCRAs are conducted for critical suppliers") &&
- !question_option_selections.include?("Mitigations to improve resilience/address assessed risks associated with critical suppliers are identified and implemented")
- 2
- elsif question_option_selections.include?("Critical Suppliers are identified in COOP and Recovery plans") ||
- question_option_selections.include?("Business Impact Analysis considers supplier and product dependency risks and resiliency requirements") ||
- question_option_selections.include?("Mitigations to improve resilience/address assessed risks associated with critical suppliers are identified and implemented")
- 1
- elsif question_option_selections.include?("Not considered")
- 0
- else
- "not scored"
- end
- end
-
- #
- # end custom export logic
- #
-
-
- def self.to_csv
- collections = CscrmDataCollection2.order('year, quarter')
-
- attributes = [
- "id",
- "organization_id",
- "organization_name",
- "bureau_id",
- "year",
- "quarter",
- "user_id",
- "user_email",
-
- "aasm_state",
- "reflection",
- "rating",
-
- "interdisciplinary_team_value",
- "interdisciplinary_team",
- "interdisciplinary_team_comments",
- "pmo_established_value",
- "pmo_established",
- "pmo_established_comments",
- "established_policy_value",
- "established_policy",
- "established_policy_comments",
- "supply_chain_acquisition_procedures_value",
- "supply_chain_acquisition_procedures",
- "supply_chain_acquisition_procedures_comments",
- "funding_value",
- "funding",
- "funding_comments",
- "identified_staff_value",
- "identified_staff",
- "identified_staff_comments",
- "strategy_plan_value",
- "strategy_plan",
- "strategy_plan_comments",
- "governance_structure_value",
- "governance_structure",
- "governance_structure_comments",
- "clearly_defined_roles_value",
- "clearly_defined_roles_translated_value",
- "clearly_defined_roles_comments",
- "identified_assets_and_essential_functions_value",
- "identified_assets_and_essential_functions_translated_value",
- "identified_assets_and_essential_functions_comments",
- "prioritization_process_value",
- "prioritization_process",
- "prioritization_process_comments",
- "considerations_in_procurement_processes",
- "considerations_in_procurement_processes_value",
- "considerations_in_procurement_processes_translated_value",
- "considerations_in_procurement_processes_comments",
- "documented_methodology_value",
- "documented_methodology",
- "documented_methodology_comments",
- "conducts_scra_for_prioritized_products_and_services",
- "conducts_scra_for_prioritized_products_and_services_value",
- "conducts_scra_for_prioritized_products_and_services_translated_value",
- "conducts_scra_for_prioritized_products_and_services_comments",
- "personnel_required_to_complete_training_value",
- "personnel_required_to_complete_training",
- "personnel_required_to_complete_training_comments",
- "established_process_information_sharing_with_fasc",
- "established_process_information_sharing_with_fasc_value",
- "established_process_information_sharing_with_fasc_translated_value",
- "established_process_information_sharing_with_fasc_comments",
- "cybersecurity_supply_chain_risk_considerations_value",
- "cybersecurity_supply_chain_risk_considerations_translated_value",
- "cybersecurity_supply_chain_risk_considerations_comments",
- "process_for_product_authenticity_value",
- "process_for_product_authenticity",
- "process_for_product_authenticity_comments",
- "cscrm_controls_incorporated_into_ssp_value",
- "cscrm_controls_incorporated_into_ssp",
- "cscrm_controls_incorporated_into_ssp_comments",
- "comments",
- "created_at",
- "updated_at"
- ]
-
- CSV.generate(headers: true) do |csv|
- csv << attributes
-
- collections.each do |collection|
- csv << [
- collection.id,
- collection.organization_id,
- collection.organization.name,
- collection.bureau_id,
- collection.year,
- collection.quarter,
- collection.user_id,
- collection.user.email,
-
- collection.aasm_state,
- # collection.integrity_hash,
- collection.reflection,
- collection.rating,
-
- CscrmDataCollection2.question_1[:options].key(collection.interdisciplinary_team.to_i),
- collection.interdisciplinary_team,
- collection.interdisciplinary_team_comments,
- CscrmDataCollection2.question_2[:options].key(collection.pmo_established.to_i),
- collection.pmo_established,
- collection.pmo_established_comments,
- CscrmDataCollection2.question_3[:options].key(collection.established_policy.to_i),
- collection.established_policy,
- collection.established_policy_comments,
- CscrmDataCollection2.question_4[:options].key(collection.supply_chain_acquisition_procedures.to_i),
- collection.supply_chain_acquisition_procedures,
- collection.supply_chain_acquisition_procedures_comments,
- CscrmDataCollection2.question_5[:options].key(collection.funding.to_i),
- collection.funding,
- collection.funding_comments,
- CscrmDataCollection2.question_6[:options].key(collection.identified_staff.to_i),
- collection.identified_staff,
- collection.identified_staff_comments,
- CscrmDataCollection2.question_7[:options].key(collection.strategy_plan.to_i),
- collection.strategy_plan,
- collection.strategy_plan_comments,
- CscrmDataCollection2.question_8[:options].key(collection.governance_structure.to_i),
- collection.governance_structure,
- collection.governance_structure_comments,
-
- collection.clearly_defined_roles,
- export_conversion_question_9(collection.clearly_defined_roles),
- collection.clearly_defined_roles_comments,
-
- collection.identified_assets_and_essential_functions,
- export_conversion_question_10(collection.identified_assets_and_essential_functions),
- collection.identified_assets_and_essential_functions_comments,
-
- CscrmDataCollection2.question_11[:options].key(collection.prioritization_process.to_i),
- collection.prioritization_process,
- collection.prioritization_process_comments,
-
- CscrmDataCollection2.question_12[:options].key(collection.considerations_in_procurement_processes.to_i),
- collection.considerations_in_procurement_processes,
- export_conversion_question_12(collection.considerations_in_procurement_processes),
- collection.considerations_in_procurement_processes_comments,
-
- CscrmDataCollection2.question_13[:options].key(collection.documented_methodology.to_i),
- collection.documented_methodology,
- collection.documented_methodology_comments,
-
- CscrmDataCollection2.question_14[:options].key(collection.conducts_scra_for_prioritized_products_and_services.to_i),
- collection.conducts_scra_for_prioritized_products_and_services,
- export_conversion_question_14(collection.conducts_scra_for_prioritized_products_and_services),
- collection.conducts_scra_for_prioritized_products_and_services_comments,
-
- CscrmDataCollection2.question_15[:options].key(collection.personnel_required_to_complete_training.to_i),
- collection.personnel_required_to_complete_training,
- collection.personnel_required_to_complete_training_comments,
-
- CscrmDataCollection2.question_16[:options].key(collection.established_process_information_sharing_with_fasc.to_i),
- collection.established_process_information_sharing_with_fasc,
- export_conversion_question_16(collection.established_process_information_sharing_with_fasc),
- collection.established_process_information_sharing_with_fasc_comments,
-
- collection.cybersecurity_supply_chain_risk_considerations,
- export_conversion_question_17(collection.cybersecurity_supply_chain_risk_considerations),
- collection.cybersecurity_supply_chain_risk_considerations_comments,
-
- CscrmDataCollection2.question_18[:options].key(collection.process_for_product_authenticity.to_i),
- collection.process_for_product_authenticity,
- collection.process_for_product_authenticity_comments,
- CscrmDataCollection2.question_19[:options].key(collection.cscrm_controls_incorporated_into_ssp.to_i),
- collection.cscrm_controls_incorporated_into_ssp,
- collection.cscrm_controls_incorporated_into_ssp_comments,
- collection.comments,
-
- collection.created_at,
- collection.updated_at,
- ]
- end
- end
- end
-
-end
diff --git a/app/models/event.rb b/app/models/event.rb
index bbc95f3cf..9002b93af 100644
--- a/app/models/event.rb
+++ b/app/models/event.rb
@@ -41,14 +41,6 @@ class Generic
collection_change_requested: 'collection_change_requested',
collection_deleted: 'collection_deleted',
- collection_cx_created: 'collection_cx_created',
- collection_cx_updated: 'collection_cx_updated',
- collection_cx_copied: 'collection_cx_copied',
- collection_cx_submitted: 'collection_cx_submitted',
- collection_cx_published: 'collection_cx_published',
- collection_cx_change_requested: 'collection_cx_change_requested',
- collection_cx_deleted: 'collection_cx_deleted',
-
cx_collection_created: 'cx_collection_created',
cx_collection_updated: 'cx_collection_updated',
cx_collection_copied: 'cx_collection_copied',
@@ -65,13 +57,6 @@ class Generic
cx_collection_detail_upload_created: 'cx_collection_detail_upload_created',
cx_collection_detail_upload_deleted: 'cx_collection_detail_upload_deleted',
- cscrm_data_collection_collection_created: 'cscrm_data_collection_collection_created',
- cscrm_data_collection_collection_updated: 'cscrm_data_collection_collection_updated',
- cscrm_data_collection_collection_submitted: 'cscrm_data_collection_collection_submitted',
- cscrm_data_collection_collection_published: 'cscrm_data_collection_collection_published',
- cscrm_data_collection_collection_reset: 'cscrm_data_collection_collection_reset',
- cscrm_data_collection_collection_deleted: 'cscrm_data_collection_collection_deleted',
-
response_flagged: 'response_flagged',
response_unflagged: 'response_unflagged',
response_archived: 'response_archived',
diff --git a/app/models/organization.rb b/app/models/organization.rb
index d8f384ca9..2fc642013 100644
--- a/app/models/organization.rb
+++ b/app/models/organization.rb
@@ -8,8 +8,6 @@ class Organization < ApplicationRecord
has_many :services
has_many :websites
has_many :cx_collections
- has_many :cscrm_data_collections
- has_many :cscrm_data_collections2, class_name: "CscrmDataCollection2"
has_many :forms
mount_uploader :logo, LogoUploader
diff --git a/app/serializers/cscrm_data_collection_serializer.rb b/app/serializers/cscrm_data_collection_serializer.rb
deleted file mode 100644
index 5109a8068..000000000
--- a/app/serializers/cscrm_data_collection_serializer.rb
+++ /dev/null
@@ -1,40 +0,0 @@
-# frozen_string_literal: true
-
-class CscrmDataCollectionSerializer < ActiveModel::Serializer
- attributes :id,
- :leadership_roles,
- :stakeholder_champion_identified,
- :pmo_established,
- :interdisciplinary_team_established,
- :enterprise_risk_management_function_established,
- :enterprise_wide_scrm_policy_established,
- :agency_wide_scrm_strategy_and_implementation_plan_established,
- :funding_for_initial_operating_capability,
- :staffing,
- :roles_and_responsibilities,
- :missions_identified,
- :prioritization_process,
- :considerations_in_procurement_processes,
- :conducts_scra_for_prioritized_products_and_services,
- :personnel_required_to_complete_training,
- :established_process_information_sharing_with_fasc,
- :cybersecurity_supply_chain_risk_considerations,
- :agency_roles,
- :agency_roles_comments,
- :stakeholder_champion_identified_comments,
- :interdisciplinary_team_established_comments,
- :pmo_established_comments,
- :agency_wide_scrm_strategy_and_implementation_plan_comments,
- :enterprise_risk_management_function_established_comments,
- :roles_and_responsibilities_comments,
- :enterprise_wide_scrm_policy_established_comments,
- :funding_for_initial_operating_capability_comments,
- :staffing_comments,
- :missions_identified_comments,
- :prioritization_process_comments,
- :considerations_in_procurement_processes_comments,
- :conducts_scra_for_prioritized_products_and_services_comments,
- :established_process_information_sharing_with_fasc_comments,
- :general_comments
-
-end
diff --git a/app/views/admin/cscrm_data_collections/_cscrm_data_collection.html.erb b/app/views/admin/cscrm_data_collections/_cscrm_data_collection.html.erb
deleted file mode 100644
index cea2f688a..000000000
--- a/app/views/admin/cscrm_data_collections/_cscrm_data_collection.html.erb
+++ /dev/null
@@ -1,102 +0,0 @@
-
-
- Organization:
- <%= cscrm_data_collection.organization.name %>
-
-
-
- Year:
- <%= cscrm_data_collection.year %>
-
-
-
- Quarter:
- <%= cscrm_data_collection.quarter %>
-
-
-
- Leadership roles:
- <%= cscrm_data_collection.leadership_roles %>
-
-
-
- Stakeholder champion identified:
- <%= cscrm_data_collection.stakeholder_champion_identified %>
-
-
-
- Pmo established:
- <%= cscrm_data_collection.pmo_established %>
-
-
-
- Interdisciplinary team established:
- <%= cscrm_data_collection.interdisciplinary_team_established %>
-
-
-
- Enterprise risk management function established:
- <%= cscrm_data_collection.enterprise_risk_management_function_established %>
-
-
-
- Enterprise wide scrm policy established:
- <%= cscrm_data_collection.enterprise_wide_scrm_policy_established %>
-
-
-
- Agency wide scrm strategy and implementation plan established:
- <%= cscrm_data_collection.agency_wide_scrm_strategy_and_implementation_plan_established %>
-
-
-
- Funding for initial operationg capability:
- <%= cscrm_data_collection.funding_for_initial_operating_capability %>
-
-
-
- Staffing:
- <%= cscrm_data_collection.staffing %>
-
-
-
- Roles and responsibilities:
- <%= cscrm_data_collection.roles_and_responsibilities %>
-
-
-
- Missions identified:
- <%= cscrm_data_collection.missions_identified %>
-
-
-
- Prioritization process:
- <%= cscrm_data_collection.prioritization_process %>
-
-
-
- Considerations in procurement processes:
- <%= cscrm_data_collection.considerations_in_procurement_processes %>
-
-
-
- Conducts scra for prioritized products and services:
- <%= cscrm_data_collection.conducts_scra_for_prioritized_products_and_services %>
-
-
-
- Personnel required to complete training:
- <%= cscrm_data_collection.personnel_required_to_complete_training %>
-
-
-
- Established process information sharing with fasc:
- <%= cscrm_data_collection.established_process_information_sharing_with_fasc %>
-
-
-
- Cybersecurity supply chain risk considerations incorporated into plans:
- <%= cscrm_data_collection.cybersecurity_supply_chain_risk_considerations %>
-
-
-
-
<%= pluralize(cscrm_data_collection.errors.count, "error") %> prohibited this cscrm_data_collection from being saved:
-
-
- <% cscrm_data_collection.errors.each do |error| %>
- <%= error.full_message %>
- <% end %>
-
-
- <%= form.label :user_id, "User ID" %>
- <%= form.text_field :user_id, class: "usa-input" , value: cscrm_data_collection.user_id || current_user.id %>
-
-
- <%= form.label :organization_id,
- "Organization" %>
- <%= form.select :organization_id, options_for_select(organization_dropdown_options, cscrm_data_collection.organization_id), { prompt: "Which Organization?" }, { class: "usa-select", required: true } %>
-
-
- <%= form.label :bureau_id,
- "Bureau" %>
- <%#= form.select :bureau_id,
- options_for_select(organization_dropdown_options, cscrm_data_collection.bureau_id),
- { prompt: "Which Bureau?" },
- { class: "usa-select" } %>
- <%= form.text_field :bureau, class: "usa-input" %>
-
-
-
- <%= form.label :year, class: "usa-label" %>
- <%= form.text_field :year, class: "usa-input", required: true %>
-
-
-
- <%= form.label :quarter, class: "usa-label" %>
- <%= form.number_field :quarter, class: "usa-input", required: true, min: 1, max: 4 %>
-
-
-
- <%= form.label :agency_roles,
- "#{CscrmDataCollection.question_1[:number]}. #{CscrmDataCollection.question_1[:text]}",
- class: "usa-label" %>
- <%= form.select :agency_roles,
- CscrmDataCollection.agency_roles_options,
- { include_blank: true },
- class: "usa-select" %>
-
-
-
- <%= form.label :agency_roles_comments,
- "Comments",
- class: "usa-label" %>
- <%= form.text_area :agency_roles_comments,
- class: "usa-textarea" %>
-
-
-
- <%= form.label :leadership_roles,
- "#{CscrmDataCollection.question_2[:number]}. #{CscrmDataCollection.question_2[:text]}",
- class: "usa-label" %>
- <%= form.select :leadership_roles,
- CscrmDataCollection.leadership_roles_options,
- { include_blank: true },
- class: "usa-select" %>
-
-
-
- <%= form.label :leadership_roles_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :leadership_roles_comments, class: "usa-textarea" %>
-
-
-
- <%= form.label :stakeholder_champion_identified,
- "#{CscrmDataCollection.question_3[:number]}. #{CscrmDataCollection.question_3[:text]}",
- class: "usa-label" %>
- <%= form.select :stakeholder_champion_identified,
- CscrmDataCollection.stakeholder_champion_identified_options,
- { include_blank: true },
- class: "usa-select" %>
-
-
-
- <%= form.label :stakeholder_champion_identified_comments,
- "Comments",
- class: "usa-label" %>
- <%= form.text_area :stakeholder_champion_identified_comments,
- class: "usa-textarea" %>
-
-
-
- <%= form.label :interdisciplinary_team_established,
- "#{CscrmDataCollection.question_4[:number]}. #{CscrmDataCollection.question_4[:text]}",
- class: "usa-label" %>
-
- Section 2 “Integration of C-SCRM into Enterprise-wide Risk Management”
- Guidance is also provided in Section 2.3 about multi-level risk management roles and responsibilities.
- Appendix G: “C-SCRM Activities in the Risk Management Process”
-
- <%= form.select :interdisciplinary_team_established,
- CscrmDataCollection.interdisciplinary_team_established_options,
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
- <%= form.label :interdisciplinary_team_established_comments,
- "Comments",
- class: "usa-label" %>
- <%= form.text_area :interdisciplinary_team_established_comments,
- class: "usa-textarea" %>
-
-
-
- <%= form.label :pmo_established,
- "#{CscrmDataCollection.question_5[:number]}. #{CscrmDataCollection.question_5[:text]}",
- class: "usa-label" %>
-
- Section 2.3.5 “C-SCRM PMO”
-
- Numerous references to the role of a C-SCRM PMO throughout the publication, to include Appendix A” C-SCRM Security
- Controls (search on “PMO”)
-
- <%= form.select :pmo_established,
- CscrmDataCollection.pmo_established_options,
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
- <%= form.label :pmo_established_comments,
- "Comments",
- class: "usa-label" %>
- <%= form.text_area :pmo_established_comments,
- class: "usa-textarea" %>
-
-
-
- <%= form.label :enterprise_wide_scrm_policy_established,
- "#{CscrmDataCollection.question_6[:number]}. #{CscrmDataCollection.question_6[:text]}",
- class: "usa-label" %>
-
- SR-1 “Policy and Procedures.”
-
- Refer also to C-SCRM security control supplemental guidance for policy and procedures in other control families (e.g.,
- AC-1, CP-1, SA-1, etc.)
-
- <%= form.select :enterprise_wide_scrm_policy_established,
- CscrmDataCollection.enterprise_wide_scrm_policy_established_options,
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
- <%= form.label :enterprise_wide_scrm_policy_established_comments,
- "Comments",
- class: "usa-label" %>
- <%= form.text_area :enterprise_wide_scrm_policy_established_comments,
- class: "usa-textarea" %>
-
-
-
- <%= form.label :funding_for_initial_operating_capability,
- "#{CscrmDataCollection.question_7[:number]}. #{CscrmDataCollection.question_7[:text]}",
- class: "usa-label" %>
-
- “Critical Success Factors” Section 3.6 “Dedicated Resources”
-
- <%= form.select :funding_for_initial_operating_capability,
- CscrmDataCollection.funding_for_initial_operating_capability_options,
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
- <%= form.label :funding_for_initial_operating_capability_comments,
- "Comments",
- class: "usa-label" %>
- <%= form.text_area :funding_for_initial_operating_capability_comments,
- class: "usa-textarea" %>
-
-
-
- <%= form.label :staffing,
- "#{CscrmDataCollection.question_8[:number]}. #{CscrmDataCollection.question_8[:text]}",
- class: "usa-label" %>
-
- Section 2.3.1-5 “Roles and Responsibilities Across the Three Levels”
-
- Section 3.3 “C-SCRM Training and Awareness”
-
- Section 3.6 “Dedicated Resources”
-
- <%= form.select :staffing,
- CscrmDataCollection.staffing_options,
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
- <%= form.label :staffing_comments,
- "Comments",
- class: "usa-label" %>
- <%= form.text_area :staffing_comments,
- class: "usa-textarea" %>
-
-
-
- <%= form.label :agency_wide_scrm_strategy_and_implementation_plan_established,
- "#{CscrmDataCollection.question_9[:number]}. #{CscrmDataCollection.question_9[:text]}",
- class: "usa-label" %>
-
- Section 2.3 “Multi-level Risk Management”
-
- PM-30 Supply Chain Risk Management Strategy
- Appendix D.1: “C-SCRM Strategy and Implementation Plan" guidance and template
-
- <%= form.select :agency_wide_scrm_strategy_and_implementation_plan_established,
- CscrmDataCollection.agency_wide_scrm_strategy_and_implementation_plan_options,
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
- <%= form.label :agency_wide_scrm_strategy_and_implementation_plan_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :agency_wide_scrm_strategy_and_implementation_plan_comments, class: "usa-textarea" %>
-
-
-
- <%= form.label :enterprise_risk_management_function_established,
- "#{CscrmDataCollection.question_10[:number]}. #{CscrmDataCollection.question_10[:text]}",
- class: "usa-label" %>
-
- Section 2.3.2 “Level 1 – Enterprise”
-
- Appendix G: Appendix G: “C-SCRM Activities in the Risk Management Process”: FRAME inputs and conditions
-
- <%= form.select :enterprise_risk_management_function_established,
- CscrmDataCollection.enterprise_risk_management_function_established_options,
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
- <%= form.label :enterprise_risk_management_function_established_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :enterprise_risk_management_function_established_comments, class: "usa-textarea" %>
-
-
-
- <%= "#{CscrmDataCollection.question_11[:number]}. #{CscrmDataCollection.question_11[:text]}" %>
- <%= form.label :roles_and_responsibilities,
- "#{CscrmDataCollection.question_11[:number]}. #{CscrmDataCollection.question_11[:text]}",
- class: "usa-label" %>
-
- Section 2.3.1-5 “Roles and Responsibilities Across the Three Levels”
-
- Section 3.1 “C-SCRM in Acquisition”
-
- Appendix D.1 and D.2 “C-SCRM Strategy and Implementation Plan” and “C-SCRM Policy”
-
-
- <%= form.check_box(:roles_and_responsibilities, {
- multiple: true,
- checked: form.object.roles_and_responsibilities&.include?(option),
- class: "usa-checkbox__input2 usa-checkbox__input--tile2"
- }, option, nil) %>
-
-
- <%= form.label(option, option, class: "usa-checkbox__label2") %>
-
- <% end %>
-
-
-
- <%= form.label :roles_and_responsibilities_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :roles_and_responsibilities_comments, class: "usa-textarea" %>
-
-
-
- <%= "#{CscrmDataCollection.question_8[:number]}. #{CscrmDataCollection.question_8[:text]}" %>
- <%= form.label :missions_identified,
- "#{CscrmDataCollection.question_12[:number]}. #{CscrmDataCollection.question_12[:text]}",
- class: "usa-label" %>
-
- Section 3.1.1. Acquisition in the C-SCRM Strategy and Implementation Plan
-
-
- <%= form.check_box(:missions_identified, {
- multiple: true,
- checked: form.object.missions_identified&.include?(option),
- class: "usa-checkbox__input2 usa-checkbox__input--tile2"
- }, option, nil) %>
-
-
- <%= form.label(option, option, class: "usa-checkbox__label2") %>
-
- <% end %>
-
-
-
- <%= form.label :missions_identified_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :missions_identified_comments, class: "usa-textarea" %>
-
-
-
- <%= form.label :prioritization_process,
- "#{CscrmDataCollection.question_13[:number]}. #{CscrmDataCollection.question_13[:text]}",
- class: "usa-label" %>
-
- Section 3.1.1. Acquisition in the C-SCRM Strategy and Implementation Plan
-
- <%= form.select :prioritization_process,
- CscrmDataCollection.prioritization_process_options,
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
- <%= form.label :prioritization_process_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :prioritization_process_comments, class: "usa-textarea" %>
-
-
-
- <%= "#{CscrmDataCollection.question_14[:number]}. #{CscrmDataCollection.question_14[:text]}" %>
- <%= form.label :considerations_in_procurement_processes,
- "#{CscrmDataCollection.question_14[:number]}. #{CscrmDataCollection.question_14[:text]}",
- class: "usa-label" %>
-
- Section 3.1. C-SCRM in Acquisition
-
-
- <%= form.check_box(:considerations_in_procurement_processes, {
- multiple: true,
- checked: form.object.considerations_in_procurement_processes&.include?(option),
- class: "usa-checkbox__input2 usa-checkbox__input--tile2"
- }, option, nil) %>
-
-
- <%= form.label(option, option, class: "usa-checkbox__label2") %>
-
- <% end %>
-
-
-
- <%= form.label :considerations_in_procurement_processes_comments, "Comments", class: "usa-label" %>
- <%= form.text_area :considerations_in_procurement_processes_comments, class: "usa-textarea" %>
-
-
-
- <%= "#{CscrmDataCollection.question_15[:number]}. #{CscrmDataCollection.question_15[:text]}" %>
- <%= form.label :conducts_scra_for_prioritized_products_and_services, "#{CscrmDataCollection.question_15[:number]}. #{CscrmDataCollection.question_15[:text]}",
- class: "usa-label" %>
-
- SR-6 “Supplier Assessments and Reviews”
-
-
-
- <%= form.check_box(:conducts_scra_for_prioritized_products_and_services, {
- multiple: true,
- checked: form.object.conducts_scra_for_prioritized_products_and_services&.include?(option),
- class: "usa-checkbox__input2 usa-checkbox__input--tile2"
- }, option, nil) %>
-
-
- <%= form.label(option, option, class: "usa-checkbox__label2") %>
-
- <% end %>
-
-
-
- <%= form.label :conducts_scra_for_prioritized_products_and_services_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :conducts_scra_for_prioritized_products_and_services_comments, class: "usa-textarea" %>
-
-
-
- <%= "#{CscrmDataCollection.question_16[:number]}. #{CscrmDataCollection.question_16[:text]}" %>
- <%= form.label :personnel_required_to_complete_training,
- "#{CscrmDataCollection.question_16[:number]}. #{CscrmDataCollection.question_16[:text]}",
- class: "usa-label" %>
-
- Section 3.3 “Training and Awareness”
-
-
- <%= form.check_box(:personnel_required_to_complete_training, {
- multiple: true,
- checked: form.object.personnel_required_to_complete_training&.include?(option),
- class: "usa-checkbox__input2 usa-checkbox__input--tile2"
- }, option, nil) %>
-
-
- <%= form.label(option, option, class: "usa-checkbox__label2") %>
-
- <% end %>
-
-
-
- <%= form.label :personnel_required_comments, "Comments", class: "usa-label" %>
- <%= form.text_area :personnel_required_comments, class: "usa-textarea" %>
-
-
-
- <%= form.label :established_process_information_sharing_with_fasc,
- "#{CscrmDataCollection.question_17[:number]}. #{CscrmDataCollection.question_17[:text]}",class: "usa-label" %>
-
- Section 1: “Introduction”
-
-
- <%= form.select :established_process_information_sharing_with_fasc,
- CscrmDataCollection.established_process_information_sharing_options,
- { include_blank: true },
- class: "usa-select" %>
-
- <%= form.label :established_process_information_sharing_with_fasc_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :established_process_information_sharing_with_fasc_comments, class: "usa-textarea" %>
-
-
-
- <%= "#{CscrmDataCollection.question_18[:number]}. #{CscrmDataCollection.question_18[:text]}" %>
- <%= form.label :cybersecurity_supply_chain_risk_considerations,
- "#{CscrmDataCollection.question_18[:number]}. #{CscrmDataCollection.question_18[:text]}",
- class: "usa-label" %>
-
- Contingency Planning Security Control Family
-
-
- <%= form.check_box(:cybersecurity_supply_chain_risk_considerations, {
- multiple: true,
- checked: form.object.cybersecurity_supply_chain_risk_considerations&.include?(option),
- class: "usa-checkbox__input2 usa-checkbox__input--tile2"
- }, option, nil) %>
-
-
- <%= form.label(option, option, class: "usa-checkbox__label2") %>
-
- <% end %>
-
-
-
- <%= form.label :cybersecurity_supply_chain_risk_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :cybersecurity_supply_chain_risk_comments, class: "usa-textarea" %>
-
-
-
- <%= form.label :general_comments,
- "19. General comments or context" , class: "usa-label" %>
-
- Overall context, challenges, obstacles, and accomplishments, etc. related to C-SCRM reporting
-
- <%= form.text_area :general_comments, class: "usa-textarea" %>
-
- <%= form.submit (cscrm_data_collection.persisted? ? "Update CSCRM Data Collection" : "Create CSCRM Data Collection"), class: "usa-button" %>
-
-<% end %>
-
\ No newline at end of file
diff --git a/app/views/admin/cscrm_data_collections/_status_tag.html.erb b/app/views/admin/cscrm_data_collections/_status_tag.html.erb
deleted file mode 100644
index 2160db9a7..000000000
--- a/app/views/admin/cscrm_data_collections/_status_tag.html.erb
+++ /dev/null
@@ -1,3 +0,0 @@
-
- <%= cscrm_data_collection.aasm_state %>
-
diff --git a/app/views/admin/cscrm_data_collections/edit.html.erb b/app/views/admin/cscrm_data_collections/edit.html.erb
deleted file mode 100644
index df2a33ba2..000000000
--- a/app/views/admin/cscrm_data_collections/edit.html.erb
+++ /dev/null
@@ -1,22 +0,0 @@
-<% content_for :navigation_title do %>
- Editing CSCRM Data Collection
-<% end %>
-
-
- <%= link_to admin_cscrm_data_collection_path(@cscrm_data_collection) do %>
-
-
-
-
- <%= render "form", cscrm_data_collection: @cscrm_data_collection %>
-
- <%- if @cscrm_data_collection.persisted? %>
- <%= button_to "Destroy", admin_cscrm_data_collection_path(@cscrm_data_collection),
- class: "usa-button usa-button--secondary float-right",
- method: :delete %>
- <% end %>
-
-
-
-
-
-
- The Office of Management and Budget (OMB) requires all executive branch agencies to report on the status of their
- implementation of C-SCRM foundational elements and practices by completing and submitting this C-SCRM self-assessment,
- in accordance with statutory requirements noted below.
-
-
-
- Pursuant to the Federal Acquisition Supply Chain Security Act of 2018, Title II of Strengthening and Enhancing
- Cyber-capabilities by Utilizing Risk Exposure (SECURE) Technology Act (P.L.115–390, December 21, 2018) (PUBL390.PS
- (congress.gov) executive branch agencies are responsible for assessing and managing their cybersecurity supply chain
- risks, consistent with NIST standards, guidelines, and practices. In addition, the statute requires agencies to report
- on C-SCRM progress and effectiveness.
-
-
-
- This initial reporting requirement is scoped and structured to limit the reporting burden while ensuring agencies
- provide information OMB needs to gain a baseline understanding of agencies’ current status in establishing a C-SCRM
- program capability. Information submitted will enable OMB to gain actionable insights into agency-specific and
- systemic
- challenges that may be hindering progress and inform the plans, actions, and decisions needed to resolve these
- challenges. Establishing and maturing a C-SCRM capability requires a transition away from a compliance-mindset and
- towards establishing, sustaining, and maturing an effective enterprise-wide C-SCRM capability that is sufficiently
- resourced, risk-based, and outcome-oriented.
-
-
-
- This integrated data collection (IDC) instruction provides the criteria, format, and mechanisms for Federal executive
- agencies to submit their bi-annual information collection submissions. The initial collection in February 2023, will
- serve as a baseline, upon which to expand in subsequent reporting cycles.
-
-
-
- To aid in the completion of their C-SCRM capability self-assessment, agency staff can refer to
- FAQs .
-
-
-
- If there are additional agency questions, please submit to MBX.OMB.FASC@omb.eop.gov .
-
-
-
-
- Direction:
- To determine the self-assessment responses for the measurement of foundational enterprise-wide C-SCRM capabilities,
- agencies shall:
-
-
-
-
-
- Take steps to ensure responses submitted reflect an appropriate level of and span of internally coordinated input;
-
-
- Assess the status of their implementation and application of the foundational practices as described in
- National Institute of Standards and Technology SP 800-161 Rev. 1 Cybersecurity Supply Chain Risk Management for Systems and
- Organizations, May 2022 ;
-
-
- Reference foundational practices and recommendations described in
- GAO-21-171 - Information Technology: Federal Agencies Need to
- Take Urgent Action to Manage Supply Chain Risks ; and
-
-
- Report self-assessment data semi-annually, here, in GSA’s Touchpoints application.
- OMB may change the vehicle for collecting this information, if changes are made,
- announcements will be communicated to the Agency C-SCRM Program Manager.
-
-
-
-
-
-
-
-
- Organization
- Year
- Quarter
- Status
-
-
-
-
- <% @cscrm_data_collections.each do |cscrm_data_collection| %>
-
-
- <%= link_to "View" , admin_cscrm_data_collection_path(cscrm_data_collection) %>
-
-
- <%= cscrm_data_collection.organization.name %>
-
-
- <%= cscrm_data_collection.year %>
-
-
- <%= cscrm_data_collection.quarter %>
-
-
- <%= cscrm_data_collection.aasm_state %>
-
-
- <% end %>
-
-
-
- <%- if cscrm_manager_permissions? %>
-
- <%= link_to "Download .csv", admin_cscrm_data_collections_path(format: :csv), class: "usa-button" %>
-
- <% end %>
-
- <%= link_to admin_cscrm_data_collections_path do %>
-
-
-
-
-
- PART 1: REPORTING REQUIREMENTS
-
-
- Agencies are required to report on select C-SCRM benchmarks. This initial cycle will be used to baseline responses,
- gauge agencies’ C-SCRM implementation progress and to inform budgetary and programmatic requirements to build an
- effective C-SCRM capability. This IDC reflects the first iteration of reporting requirements in a multi-phased,
- multi-year effort to mature C-SCRM across executive branch agencies. Data will be collected semi-annually to monitor and
- assess progress as well as identify barriers and challenges.
-
-
- ASSESSMENT
-
-
- This self-assessment is a living document and will be updated and revised as program capabilities and needs evolve,
- mature, and change. The assessment consists of benchmark factors for each of the six functions. The demonstrative
- statements were adapted from NIST guidance as well as
- GAO-21-171 .
-
-
- <%= render "form", cscrm_data_collection: @cscrm_data_collection %>
-
-
- <%= link_to admin_cscrm_data_collections_path do %>
-
-
-<%- if @cscrm_data_collection.published? %>
-
-
-
- This data collection has been published.
-
-
-
-
-
-
- User:
-
-
-
-
-
- Organization name:
-
-
-
-
-
- Bureau:
-
-
-
-
-
- Year:
-
-
-
-
-
- Quarter:
-
-
-
-
-
-
-
- <%= CscrmDataCollection.send("question_1")[:number] %>.
- <%= CscrmDataCollection.send("question_1")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_2")[:number] %>.
- <%= CscrmDataCollection.send("question_2")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_3")[:number] %>.
- <%= CscrmDataCollection.send("question_3")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_4")[:number] %>.
- <%= CscrmDataCollection.send("question_4")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_5")[:number] %>.
- <%= CscrmDataCollection.send("question_5")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_6")[:number] %>.
- <%= CscrmDataCollection.send("question_6")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_7")[:number] %>.
- <%= CscrmDataCollection.send("question_7")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_8")[:number] %>.
- <%= CscrmDataCollection.send("question_8")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_9")[:number] %>.
- <%= CscrmDataCollection.send("question_9")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_10")[:number] %>.
- <%= CscrmDataCollection.send("question_10")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_11")[:number] %>.
- <%= CscrmDataCollection.send("question_11")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_12")[:number] %>.
- <%= CscrmDataCollection.send("question_12")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_13")[:number] %>.
- <%= CscrmDataCollection.send("question_13")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_14")[:number] %>.
- <%= CscrmDataCollection.send("question_14")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_15")[:number] %>.
- <%= CscrmDataCollection.send("question_15")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_16")[:number] %>.
- <%= CscrmDataCollection.send("question_16")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_17")[:number] %>.
- <%= CscrmDataCollection.send("question_17")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection.send("question_18")[:number] %>.
- <%= CscrmDataCollection.send("question_18")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- 19. General Comments
-
-
-
-
-
- <%= render 'components/step_indicator', collection: @cscrm_data_collection %>
-
-
- <%- if !@cscrm_data_collection.submitted? && !@cscrm_data_collection.published? %>
-
-
-
- Submitting this Data Collection will send an email
- to <%= User.where(cscrm_data_collection_manager: true).collect(&:email).to_sentence %>
- who will
- 1. review the data, then
- 2. confirm the collection with you.
-
-
-
-
- <%= link_to submit_admin_cscrm_data_collection_path(@cscrm_data_collection), class: "usa-button full-width", method: "post", data: { confirm: 'Are you sure?' } do %>
- Submit this Data Collection
- <% end %>
- <% elsif !@cscrm_data_collection.published? && cscrm_manager_permissions? %>
- <%= link_to publish_admin_cscrm_data_collection_path(@cscrm_data_collection), class: "usa-button", method: "post" do %>
- Publish this Data Collection
- <% end %>
- <% elsif @cscrm_data_collection.published? && cscrm_manager_permissions? %>
- <%= link_to reset_admin_cscrm_data_collection_path(@cscrm_data_collection), class: "usa-button usa-button--secondary", method: "post" do %>
- Reset this Data Collection
- <% end %>
- <% end %>
-
-
-
-
-
- Organization:
- <%= cscrm_data_collection.organization.name %>
-
-
-
- Year:
- <%= cscrm_data_collection.year %>
-
-
-
- Quarter:
- <%= cscrm_data_collection.quarter %>
-
-
-
- Leadership roles:
- <%= cscrm_data_collection.leadership_roles %>
-
-
-
- Stakeholder champion identified:
- <%= cscrm_data_collection.stakeholder_champion_identified %>
-
-
-
- Pmo established:
- <%= cscrm_data_collection.pmo_established %>
-
-
-
- Interdisciplinary team established:
- <%= cscrm_data_collection.interdisciplinary_team_established %>
-
-
-
- Enterprise risk management function established:
- <%= cscrm_data_collection.enterprise_risk_management_function_established %>
-
-
-
- Enterprise wide scrm policy established:
- <%= cscrm_data_collection.enterprise_wide_scrm_policy_established %>
-
-
-
- Agency wide scrm strategy and implementation plan established:
- <%= cscrm_data_collection.agency_wide_scrm_strategy_and_implementation_plan_established %>
-
-
-
- Funding for initial operationg capability:
- <%= cscrm_data_collection.funding_for_initial_operating_capability %>
-
-
-
- Staffing:
- <%= cscrm_data_collection.staffing %>
-
-
-
- Roles and responsibilities:
- <%= cscrm_data_collection.roles_and_responsibilities %>
-
-
-
- Missions identified:
- <%= cscrm_data_collection.missions_identified %>
-
-
-
- Prioritization process:
- <%= cscrm_data_collection.prioritization_process %>
-
-
-
- Considerations in procurement processes:
- <%= cscrm_data_collection.considerations_in_procurement_processes %>
-
-
-
- Conducts scra for prioritized products and services:
- <%= cscrm_data_collection.conducts_scra_for_prioritized_products_and_services %>
-
-
-
- Personnel required to complete training:
- <%= cscrm_data_collection.personnel_required_to_complete_training %>
-
-
-
- Established process information sharing with fasc:
- <%= cscrm_data_collection.established_process_information_sharing_with_fasc %>
-
-
-
- Cybersecurity supply chain risk considerations incorporated into plans:
- <%= cscrm_data_collection.cybersecurity_supply_chain_risk_considerations %>
-
-
-
-
<%= pluralize(cscrm_data_collection.errors.count, "error") %> prohibited this cscrm_data_collection from being saved:
-
-
- <% cscrm_data_collection.errors.each do |error| %>
- <%= error.full_message %>
- <% end %>
-
-
- <%= form.label :user_id, "User" %>
-
-
- <%= form.label :organization_id,
- "Organization" %>
- <%= form.select :organization_id, options_for_select(organization_dropdown_options, cscrm_data_collection.organization_id), { prompt: "Which Organization?" }, { class: "usa-select", required: true } %>
-
-
- <%= form.label :bureau_id,
- "Bureau" %>
- <%#= form.select :bureau_id,
- options_for_select(organization_dropdown_options, cscrm_data_collection.bureau_id),
- { prompt: "Which Bureau?" },
- { class: "usa-select" } %>
- <%= form.text_field :bureau, class: "usa-input" %>
-
-
-
- <%= form.label :year, class: "usa-label" %>
- <%= form.text_field :year, class: "usa-input", required: true %>
-
-
-
- <%= form.label :quarter, class: "usa-label" %>
- <%= form.number_field :quarter, class: "usa-input", required: true, min: 1, max: 4 %>
-
-
-
- <%= form.label :interdisciplinary_team,
- "#{CscrmDataCollection2.question_1[:number]}. #{CscrmDataCollection2.question_1[:text]}",
- class: "usa-label" %>
- <%= form.select :interdisciplinary_team,
- CscrmDataCollection2.question_1[:options],
- { include_blank: true },
- class: "usa-select" %>
-
-
-
- <%= form.label :interdisciplinary_team_comments,
- "Comments",
- class: "usa-label" %>
- <%= form.text_area :interdisciplinary_team_comments,
- class: "usa-textarea" %>
-
-
-
- <%= form.label :pmo_established,
- "#{CscrmDataCollection2.question_2[:number]}. #{CscrmDataCollection2.question_2[:text]}",
- class: "usa-label" %>
- <%= form.select :pmo_established,
- CscrmDataCollection2.question_2[:options],
- { include_blank: true },
- class: "usa-select" %>
-
-
-
- <%= form.label :pmo_established_comments, "Comments", class: "usa-label" %>
- <%= form.text_area :pmo_established_comments, class: "usa-textarea" %>
-
-
-
- <%= form.label :established_policy,
- "#{CscrmDataCollection2.question_3[:number]}. #{CscrmDataCollection2.question_3[:text]}",
- class: "usa-label" %>
- <%= form.select :established_policy,
- CscrmDataCollection2.question_3[:options],
- { include_blank: true },
- class: "usa-select" %>
-
-
-
- <%= form.label :established_policy_comments,
- "Comments",
- class: "usa-label" %>
- <%= form.text_area :established_policy_comments,
- class: "usa-textarea" %>
-
-
-
- <%= form.label :supply_chain_acquisition_procedures,
- "#{CscrmDataCollection2.question_4[:number]}. #{CscrmDataCollection2.question_4[:text]}",
- class: "usa-label" %>
- <%= form.select :supply_chain_acquisition_procedures,
- CscrmDataCollection2.question_4[:options],
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
-
-
- <%= form.label :supply_chain_acquisition_procedures_comments,
- "Comments",
- class: "usa-label" %>
- <%= form.text_area :supply_chain_acquisition_procedures_comments,
- class: "usa-textarea" %>
-
-
-
- <%= form.label :funding,
- "#{CscrmDataCollection2.question_5[:number]}. #{CscrmDataCollection2.question_5[:text]}",
- class: "usa-label" %>
- <%= form.select :funding,
- CscrmDataCollection2.question_5[:options],
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
-
-
- <%= form.label :funding_comments,
- "Comments",
- class: "usa-label" %>
- <%= form.text_area :funding_comments,
- class: "usa-textarea" %>
-
-
-
- <%= form.label :identified_staff,
- "#{CscrmDataCollection2.question_6[:number]}. #{CscrmDataCollection2.question_6[:text]}",
- class: "usa-label" %>
- <%= form.select :identified_staff,
- CscrmDataCollection2.question_6[:options],
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
-
-
- <%= form.label :identified_staff_comments,
- "Comments",
- class: "usa-label" %>
- <%= form.text_area :identified_staff_comments,
- class: "usa-textarea" %>
-
-
-
- <%= form.label :strategy_plan,
- "#{CscrmDataCollection2.question_7[:number]}. #{CscrmDataCollection2.question_7[:text]}",
- class: "usa-label" %>
- <%= form.select :strategy_plan,
- CscrmDataCollection2.question_7[:options],
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
-
-
- <%= form.label :strategy_plan_comments,
- "Comments",
- class: "usa-label" %>
- <%= form.text_area :strategy_plan_comments,
- class: "usa-textarea" %>
-
-
-
- <%= form.label :governance_structure,
- "#{CscrmDataCollection2.question_8[:number]}. #{CscrmDataCollection2.question_8[:text]}",
- class: "usa-label" %>
- <%= form.select :governance_structure,
- CscrmDataCollection2.question_8[:options],
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
-
-
- <%= form.label :governance_structure_comments,
- "Comments",
- class: "usa-label" %>
- <%= form.text_area :governance_structure_comments,
- class: "usa-textarea" %>
-
-
-
- <%= form.label :clearly_defined_roles,
- "#{CscrmDataCollection2.question_9[:number]}. #{CscrmDataCollection2.question_9[:text]}",
- class: "usa-label" %>
-
- <% CscrmDataCollection2.question_9[:options].each_with_index do |option, i| %>
-
- <%= form.check_box(:clearly_defined_roles, {
- multiple: true,
- checked: form.object.clearly_defined_roles&.include?(option[0]),
- class: "usa-checkbox__input2 usa-checkbox__input--tile2"
- }, option[0], nil) %>
-
-
- <%= form.label(option[0], class: "usa-checkbox__label2") %>
-
- <% end %>
-
- <%= form.label :clearly_defined_roles_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :clearly_defined_roles_comments, class: "usa-textarea" %>
-
-
-
- <%= form.label :identified_assets_and_essential_functions,
- "#{CscrmDataCollection2.question_10[:number]}. #{CscrmDataCollection2.question_10[:text]}",
- class: "usa-label" %>
-
- <% CscrmDataCollection2.question_10[:options].each_with_index do |option, i| %>
-
- <%= form.check_box(:identified_assets_and_essential_functions, {
- multiple: true,
- checked: form.object.identified_assets_and_essential_functions&.include?(option[0]),
- class: "usa-checkbox__input2 usa-checkbox__input--tile2"
- }, option[0], nil) %>
-
-
- <%= form.label(option[0], class: "usa-checkbox__label2") %>
-
- <% end %>
-
- <%= form.label :identified_assets_and_essential_functions_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :identified_assets_and_essential_functions_comments, class: "usa-textarea" %>
-
-
-
- <%= form.label :prioritization_process,
- "#{CscrmDataCollection2.question_11[:number]}. #{CscrmDataCollection2.question_11[:text]}",
- class: "usa-label" %>
- <%= form.select :prioritization_process,
- CscrmDataCollection2.question_11[:options],
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
-
-
- <%= form.label :prioritization_process_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :prioritization_process_comments, class: "usa-textarea" %>
-
-
-
- <%= "#{CscrmDataCollection2.question_12[:number]}. #{CscrmDataCollection2.question_12[:text]}" %>
- <%= form.label :considerations_in_procurement_processes,
- "#{CscrmDataCollection2.question_12[:number]}. #{CscrmDataCollection2.question_12[:text]}",
- class: "usa-label" %>
-
- <%= form.check_box(:considerations_in_procurement_processes, {
- multiple: true,
- checked: form.object.considerations_in_procurement_processes&.include?(option[0]),
- class: "usa-checkbox__input2 usa-checkbox__input--tile2"
- }, option[0], nil) %>
-
-
- <%= form.label(option[0], class: "usa-checkbox__label2") %>
-
- <% end %>
-
-
-
- <%= form.label :considerations_in_procurement_processes_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :considerations_in_procurement_processes_comments, class: "usa-textarea" %>
-
-
-
- <%= form.label :documented_methodology,
- "#{CscrmDataCollection2.question_13[:number]}. #{CscrmDataCollection2.question_13[:text]}",
- class: "usa-label" %>
- <%= form.select :documented_methodology,
- CscrmDataCollection2.question_13[:options],
- { include_blank: true },
- class: "usa-select",
- required: true
- %>
-
-
-
- <%= form.label :documented_methodology_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :documented_methodology_comments, class: "usa-textarea" %>
-
-
-
-
- <%= "#{CscrmDataCollection2.question_14[:number]}. #{CscrmDataCollection2.question_14[:text]}" %>
- <%= form.label :conducts_scra_for_prioritized_products_and_services,
- "#{CscrmDataCollection2.question_14[:number]}. #{CscrmDataCollection2.question_14[:text]}",
- class: "usa-label" %>
-
- <%= form.check_box(:conducts_scra_for_prioritized_products_and_services, {
- multiple: true,
- checked: form.object.conducts_scra_for_prioritized_products_and_services&.include?(option[0]),
- class: "usa-checkbox__input2 usa-checkbox__input--tile2"
- }, option[0], nil) %>
-
-
- <%= form.label(option[0], class: "usa-checkbox__label2") %>
-
- <% end %>
-
-
-
- <%= form.label :conducts_scra_for_prioritized_products_and_services_comments, "Comments", class: "usa-label" %>
- <%= form.text_area :conducts_scra_for_prioritized_products_and_services_comments, class: "usa-textarea" %>
-
-
-
- <%= form.label :personnel_required_to_complete_training,
- "#{CscrmDataCollection2.question_15[:number]}. #{CscrmDataCollection2.question_15[:text]}",
- class: "usa-label" %>
- <%= form.select :personnel_required_to_complete_training,
- CscrmDataCollection2.question_15[:options],
- { include_blank: true },
- class: "usa-select" %>
-
-
-
- <%= form.label :personnel_required_to_complete_training_comments, "Comments", class: "usa-label" %>
- <%= form.text_area :personnel_required_to_complete_training_comments, class: "usa-textarea" %>
-
-
-
- <%= form.label :established_process_information_sharing_with_fasc,
- "#{CscrmDataCollection2.question_16[:number]}. #{CscrmDataCollection2.question_16[:text]}",
- class: "usa-label" %>
- <%= form.select :established_process_information_sharing_with_fasc,
- CscrmDataCollection2.question_16[:options],
- { include_blank: true },
- class: "usa-select" %>
-
-
-
- <%= form.label :established_process_information_sharing_with_fasc_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :established_process_information_sharing_with_fasc_comments, class: "usa-textarea" %>
-
-
-
- <%= "#{CscrmDataCollection2.question_17[:number]}. #{CscrmDataCollection2.question_17[:text]}" %>
- <%= form.label :cybersecurity_supply_chain_risk_considerations,
- "#{CscrmDataCollection2.question_17[:number]}. #{CscrmDataCollection2.question_17[:text]}",
- class: "usa-label" %>
-
- <%= form.check_box(:cybersecurity_supply_chain_risk_considerations, {
- multiple: true,
- checked: form.object.cybersecurity_supply_chain_risk_considerations&.include?(option[0]),
- class: "usa-checkbox__input2 usa-checkbox__input--tile2"
- }, option[0], nil) %>
-
-
- <%= form.label(option[0], class: "usa-checkbox__label2") %>
-
- <% end %>
-
-
-
- <%= form.label :cybersecurity_supply_chain_risk_considerations_comments, "Comments", class: "usa-label" %>
- <%= form.text_area :cybersecurity_supply_chain_risk_considerations_comments, class: "usa-textarea" %>
-
-
-
- <%= form.label :process_for_product_authenticity,
- "#{CscrmDataCollection2.question_18[:number]}. #{CscrmDataCollection2.question_18[:text]}", class: "usa-label" %>
- <%= form.select :process_for_product_authenticity,
- CscrmDataCollection2.question_18[:options],
- { include_blank: true },
- class: "usa-select" %>
-
-
-
- <%= form.label :process_for_product_authenticity_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :process_for_product_authenticity_comments, class: "usa-textarea" %>
-
-
-
-
- <%= form.label :cscrm_controls_incorporated_into_ssp,
- "#{CscrmDataCollection2.question_19[:number]}. #{CscrmDataCollection2.question_19[:text]}", class: "usa-label" %>
- <%= form.select :cscrm_controls_incorporated_into_ssp,
- CscrmDataCollection2.question_19[:options],
- { include_blank: true },
- class: "usa-select" %>
-
-
-
- <%= form.label :cscrm_controls_incorporated_into_ssp_comments, "Comments" , class: "usa-label" %>
- <%= form.text_area :cscrm_controls_incorporated_into_ssp_comments, class: "usa-textarea" %>
-
-
-
- <%= form.label :comments,
- "20. General comments or context" , class: "usa-label" %>
-
- Overall context, challenges, obstacles, and accomplishments, etc. related to C-SCRM reporting
-
- <%= form.text_area :comments, class: "usa-textarea" %>
-
- <%= form.submit (cscrm_data_collection.persisted? ? "Update CSCRM Data Collection" : "Create CSCRM Data Collection"), class: "usa-button" %>
-
-<% end %>
-
\ No newline at end of file
diff --git a/app/views/admin/cscrm_data_collections2/_status_tag.html.erb b/app/views/admin/cscrm_data_collections2/_status_tag.html.erb
deleted file mode 100644
index 2160db9a7..000000000
--- a/app/views/admin/cscrm_data_collections2/_status_tag.html.erb
+++ /dev/null
@@ -1,3 +0,0 @@
-
- <%= cscrm_data_collection.aasm_state %>
-
diff --git a/app/views/admin/cscrm_data_collections2/edit.html.erb b/app/views/admin/cscrm_data_collections2/edit.html.erb
deleted file mode 100644
index e9aa13f66..000000000
--- a/app/views/admin/cscrm_data_collections2/edit.html.erb
+++ /dev/null
@@ -1,27 +0,0 @@
-<% content_for :navigation_title do %>
- Editing CSCRM Data Collection 2
-<% end %>
-
-
- <%= link_to admin_cscrm_data_collections2_path(@cscrm_data_collection) do %>
-
-
-
-
- <%= render "form", cscrm_data_collection: @cscrm_data_collection %>
-
- <%- if @cscrm_data_collection.persisted? %>
- <%= button_to admin_cscrm_data_collections2_path(@cscrm_data_collection),
- class: "usa-button usa-button--secondary float-right",
- method: :delete do %>
-
- Delete this collection
-
- <% end %>
- <% end %>
-
-
-
-
-
- This is the 2nd iteration of the C-SCRM Data Collection, for August 2023.
-
-
-
- The Office of Management and Budget (OMB) requires all executive branch agencies to report on the status of their
- implementation of C-SCRM foundational elements and practices by completing and submitting this C-SCRM self-assessment,
- in accordance with statutory requirements noted below.
-
-
-
- Pursuant to the Federal Acquisition Supply Chain Security Act of 2018, Title II of Strengthening and Enhancing
- Cyber-capabilities by Utilizing Risk Exposure (SECURE) Technology Act (P.L.115–390, December 21, 2018) (PUBL390.PS
- (congress.gov) executive branch agencies are responsible for assessing and managing their cybersecurity supply chain
- risks, consistent with NIST standards, guidelines, and practices. In addition, the statute requires agencies to report
- on C-SCRM progress and effectiveness.
-
-
-
- This initial reporting requirement is scoped and structured to limit the reporting burden while ensuring agencies
- provide information OMB needs to gain a baseline understanding of agencies’ current status in establishing a C-SCRM
- program capability. Information submitted will enable OMB to gain actionable insights into agency-specific and
- systemic
- challenges that may be hindering progress and inform the plans, actions, and decisions needed to resolve these
- challenges. Establishing and maturing a C-SCRM capability requires a transition away from a compliance-mindset and
- towards establishing, sustaining, and maturing an effective enterprise-wide C-SCRM capability that is sufficiently
- resourced, risk-based, and outcome-oriented.
-
-
-
- This integrated data collection (IDC) instruction provides the criteria, format, and mechanisms for Federal executive
- agencies to submit their bi-annual information collection submissions. The initial collection in February 2023, will
- serve as a baseline, upon which to expand in subsequent reporting cycles.
-
-
-
- To aid in the completion of their C-SCRM capability self-assessment, agency staff can refer to
- FAQs .
-
-
-
- If there are additional agency questions, please submit to MBX.OMB.FASC@omb.eop.gov .
-
-
-
-
- Direction:
- To determine the self-assessment responses for the measurement of foundational enterprise-wide C-SCRM capabilities,
- agencies shall:
-
-
-
-
-
- Take steps to ensure responses submitted reflect an appropriate level of, and span of, internally coordinated input;
-
-
- Assess the status of their implementation and application of the foundational practices as described in
- National Institute of Standards and Technology SP 800-161 Rev. 1 Cybersecurity Supply Chain Risk Management for Systems and
- Organizations, May 2022 ;
-
-
- Reference foundational practices and recommendations described in
- GAO-21-171 - Information Technology: Federal Agencies Need to
- Take Urgent Action to Manage Supply Chain Risks ; and
-
-
- Report self-assessment data semi-annually, here, in GSA’s Touchpoints application.
- OMB may change the vehicle for collecting this information, if changes are made,
- announcements will be communicated to the Agency C-SCRM Program Manager.
-
-
-
-
-
-
-
-
- Organization
- Year
- Quarter
- Status
-
-
-
-
- <% @cscrm_data_collections.each do |cscrm_data_collection| %>
-
-
- <%= link_to "View" , admin_cscrm_data_collections2_path(cscrm_data_collection) %>
-
-
- <%= render "admin/organizations/badge", organization: cscrm_data_collection.organization %>
-
-
- <%= cscrm_data_collection.year %>
-
-
- <%= cscrm_data_collection.quarter %>
-
-
- <%= cscrm_data_collection.aasm_state %>
-
-
- <% end %>
-
-
-
- <%- if cscrm_manager_permissions? %>
-
- <%= link_to "Download .csv", admin_cscrm_data_collections2_index_path(format: :csv), class: "usa-button" %>
-
- <% end %>
-
- <%= link_to admin_cscrm_data_collections2_index_path do %>
-
-
-
-
-
- PART 1: REPORTING REQUIREMENTS
-
-
- Agencies are required to report on select C-SCRM benchmarks. This initial cycle will be used to baseline responses,
- gauge agencies’ C-SCRM implementation progress and to inform budgetary and programmatic requirements to build an
- effective C-SCRM capability. This IDC reflects the first iteration of reporting requirements in a multi-phased,
- multi-year effort to mature C-SCRM across executive branch agencies. Data will be collected semi-annually to monitor and
- assess progress as well as identify barriers and challenges.
-
-
- ASSESSMENT
-
-
- This self-assessment is a living document and will be updated and revised as program capabilities and needs evolve,
- mature, and change. The assessment consists of benchmark factors for each of the six functions. The demonstrative
- statements were adapted from NIST guidance as well as
- GAO-21-171 .
-
-
- <%= render "form", cscrm_data_collection: @cscrm_data_collection %>
-
-
- <%= link_to admin_cscrm_data_collections2_index_path do %>
-
-
-<%- if @cscrm_data_collection.published? %>
-
-
-
- This data collection has been published.
-
-
-
-
-
-
- User:
-
-
-
-
-
- Organization name:
-
-
-
-
-
- Bureau ID:
-
-
-
-
-
- Year:
-
-
-
-
-
- Quarter:
-
-
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_1")[:number] %>.
- <%= CscrmDataCollection2.send("question_1")[:text] %>:
-
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_2")[:number] %>.
- <%= CscrmDataCollection2.send("question_2")[:text] %>:
-
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_3")[:number] %>.
- <%= CscrmDataCollection2.send("question_3")[:text] %>:
-
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_4")[:number] %>.
- <%= CscrmDataCollection2.send("question_4")[:text] %>:
-
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_5")[:number] %>.
- <%= CscrmDataCollection2.send("question_5")[:text] %>:
-
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_6")[:number] %>.
- <%= CscrmDataCollection2.send("question_6")[:text] %>:
-
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_7")[:number] %>.
- <%= CscrmDataCollection2.send("question_7")[:text] %>:
-
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_8")[:number] %>.
- <%= CscrmDataCollection2.send("question_8")[:text] %>:
-
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_9")[:number] %>.
- <%= CscrmDataCollection2.send("question_9")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_10")[:number] %>.
- <%= CscrmDataCollection2.send("question_10")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_11")[:number] %>.
- <%= CscrmDataCollection2.send("question_11")[:text] %>:
-
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_12")[:number] %>.
- <%= CscrmDataCollection2.send("question_12")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_13")[:number] %>.
- <%= CscrmDataCollection2.send("question_13")[:text] %>:
-
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_14")[:number] %>.
- <%= CscrmDataCollection2.send("question_14")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_15")[:number] %>.
- <%= CscrmDataCollection2.send("question_15")[:text] %>:
-
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_16")[:number] %>.
- <%= CscrmDataCollection2.send("question_16")[:text] %>:
-
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_17")[:number] %>.
- <%= CscrmDataCollection2.send("question_17")[:text] %>:
-
-
- <% value.each do |v| %>
-
- <%= v %>
-
- <% end %>
-
- <% end %>
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_18")[:number] %>.
- <%= CscrmDataCollection2.send("question_18")[:text] %>:
-
-
-
-
-
- Comments
-
-
-
-
-
- <%= CscrmDataCollection2.send("question_19")[:number] %>.
- <%= CscrmDataCollection2.send("question_19")[:text] %>:
-
-
-
-
-
- Comments
-
-
-
-
-
- 20. Comments
-
-
-
-
-
- <%= render 'components/step_indicator', collection: @cscrm_data_collection %>
-
-
- <%- if !@cscrm_data_collection.submitted? && !@cscrm_data_collection.published? %>
-
-
-
- Submitting this Data Collection will send an email
- to <%= User.where(cscrm_data_collection_manager: true).collect(&:email).to_sentence %>
- who will
- 1. review the data, then
- 2. confirm the collection with you.
-
-
-
-
- <%= link_to submit_admin_cscrm_data_collections2_path(@cscrm_data_collection), class: "usa-button full-width", method: "post", data: { confirm: 'Are you sure?' } do %>
- Submit this Data Collection
- <% end %>
- <% elsif !@cscrm_data_collection.published? && cscrm_manager_permissions? %>
- <%= link_to publish_admin_cscrm_data_collections2_path(@cscrm_data_collection), class: "usa-button", method: "post" do %>
- Publish this Data Collection
- <% end %>
- <% elsif @cscrm_data_collection.published? && cscrm_manager_permissions? %>
- <%= link_to reset_admin_cscrm_data_collections2_path(@cscrm_data_collection), class: "usa-button usa-button--secondary", method: "post" do %>
- Reset this Data Collection
- <% end %>
- <% end %>
-
-
-
-
- Touchpoints currently supports 3 Data Collections.
+ Touchpoints currently supports 2 Data Collections.
Quarterly CX Data Collections
-
- Bi-annual Cyber-security supply chain
-
Annual GSA Website Inventory
@@ -69,13 +66,13 @@
<%- if performance_manager_permissions? %>
- <%= link_to admin_cscrm_data_collections_path, class: "usa-button usa-button--outline width-full" do %>
+ <%= button_to admin_root_path, class: "usa-button usa-button--outline width-full", disabled: true do %>
Cybersecurity Supply-chain (C-SCRM) - February 2023
<% end %>
<% end %>
- <%= link_to admin_cscrm_data_collections2_index_path, class: "usa-button usa-button--outline width-full" do %>
+ <%= button_to admin_root_path, class: "usa-button usa-button--outline width-full", disabled: true do %>
Cybersecurity Supply-chain (C-SCRM) - August 2023
<% end %>
diff --git a/app/views/admin/users/_form.html.erb b/app/views/admin/users/_form.html.erb
index e0b743e81..3752b0c59 100644
--- a/app/views/admin/users/_form.html.erb
+++ b/app/views/admin/users/_form.html.erb
@@ -153,29 +153,6 @@
-
-
-
-
- CSCRM Data Collections
-
- <%= form.check_box :cscrm_data_collection_manager, class: "usa-checkbox__input" %>
- <%= form.label :cscrm_data_collection_manager, class: "usa-checkbox__label" do %>
-
- CSCRM Data Collection Manager
-
- <% end %>
-
-
-
-
-
- Manages
- <%= link_to "/admin/cscrm_data_collections", admin_cscrm_data_collections_path %>
-
-
-
-
diff --git a/app/views/admin/users/show.html.erb b/app/views/admin/users/show.html.erb
index 8b888719f..8edd6ca66 100644
--- a/app/views/admin/users/show.html.erb
+++ b/app/views/admin/users/show.html.erb
@@ -46,11 +46,6 @@
Performance manager
<% end %>
- <%- if @user.cscrm_data_collection_manager? %>
-
- CSCRM Data Collection manager
-
- <% end %>
<%- if @user.service_manager? %>
Service manager
diff --git a/app/views/components/_weekly_metrics.html.erb b/app/views/components/_weekly_metrics.html.erb
index 8220fce38..e3eed7365 100644
--- a/app/views/components/_weekly_metrics.html.erb
+++ b/app/views/components/_weekly_metrics.html.erb
@@ -97,7 +97,10 @@
CX Data Collections
- Service details
+ CX Collection Details
+
+
+ Cx Responses
@@ -109,6 +112,10 @@
<%= number_with_delimiter(CxCollectionDetail.count) %>
+
+ <%= number_with_delimiter(CxResponse.count) %>
+
+
diff --git a/app/views/user_mailer/cscrm_data_collection2_notification.html.erb b/app/views/user_mailer/cscrm_data_collection2_notification.html.erb
deleted file mode 100644
index a4d249d9d..000000000
--- a/app/views/user_mailer/cscrm_data_collection2_notification.html.erb
+++ /dev/null
@@ -1,15 +0,0 @@
-<%= render 'user_mailer/components/header' %>
-
- CSCRM Data Collection Notification
-
-
- Updates to the CSCRM Data Collection,
- <%= @cscrm_data_collection.id %>
- have occurred.
-
-
- Visit
-
- <%= admin_cscrm_data_collections2_url(@cscrm_data_collection) %>
- to view.
-
diff --git a/app/views/user_mailer/cscrm_data_collection2_notification.text.erb b/app/views/user_mailer/cscrm_data_collection2_notification.text.erb
deleted file mode 100644
index 1ae63fb9f..000000000
--- a/app/views/user_mailer/cscrm_data_collection2_notification.text.erb
+++ /dev/null
@@ -1,5 +0,0 @@
-Touchpoints.gov CSCRM Data Collection 2 Notification
-
-Updates to the CSCRM Data Collection 2, <%= @cscrm_data_collection.id %> have occurred.
-
-Visit <%= admin_cscrm_data_collections2_index_url(@cscrm_data_collection) %> to view.
diff --git a/app/views/user_mailer/cscrm_data_collection_notification.html.erb b/app/views/user_mailer/cscrm_data_collection_notification.html.erb
deleted file mode 100644
index ad759a902..000000000
--- a/app/views/user_mailer/cscrm_data_collection_notification.html.erb
+++ /dev/null
@@ -1,15 +0,0 @@
-<%= render 'user_mailer/components/header' %>
-
- CSCRM Data Collection Notification
-
-
- Updates to the CSCRM Data Collection,
- <%= @cscrm_data_collection.id %>
- have occurred.
-
-
- Visit
-
- <%= admin_cscrm_data_collection_url(@cscrm_data_collection) %>
- to view.
-
diff --git a/app/views/user_mailer/cscrm_data_collection_notification.text.erb b/app/views/user_mailer/cscrm_data_collection_notification.text.erb
deleted file mode 100644
index 41283ce21..000000000
--- a/app/views/user_mailer/cscrm_data_collection_notification.text.erb
+++ /dev/null
@@ -1,5 +0,0 @@
-Touchpoints.gov CSCRM Data Collection Notification
-
-Updates to the CSCRM Data Collection, <%= @cscrm_data_collection.id %> have occurred.
-
-Visit <%= admin_cscrm_data_collection_url(@cscrm_data_collection) %> to view.
diff --git a/db/migrate/20241112222412_deprecate_cscrm.rb b/db/migrate/20241112222412_deprecate_cscrm.rb
new file mode 100644
index 000000000..2db013bc8
--- /dev/null
+++ b/db/migrate/20241112222412_deprecate_cscrm.rb
@@ -0,0 +1,7 @@
+class DeprecateCscrm < ActiveRecord::Migration[7.2]
+ def change
+ drop_table :cscrm_data_collections
+ drop_table :cscrm_data_collections2
+ remove_column :users, :cscrm_data_collection_manager
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 7835d46bc..5d3f31495 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
#
# It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema[7.2].define(version: 2024_10_30_172438) do
+ActiveRecord::Schema[7.2].define(version: 2024_11_12_222412) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
@@ -69,115 +69,6 @@
t.index ["user_id"], name: "index_collections_on_user_id"
end
- create_table "cscrm_data_collections", comment: "Data Collection for C-SCRM in Q2 of FY 2023", force: :cascade do |t|
- t.string "leadership_roles"
- t.string "stakeholder_champion_identified"
- t.string "pmo_established"
- t.string "interdisciplinary_team_established"
- t.string "enterprise_risk_management_function_established"
- t.string "enterprise_wide_scrm_policy_established"
- t.string "agency_wide_scrm_strategy_and_implementation_plan_established"
- t.string "funding_for_initial_operating_capability"
- t.string "staffing"
- t.string "roles_and_responsibilities"
- t.text "missions_identified"
- t.text "prioritization_process"
- t.string "considerations_in_procurement_processes"
- t.string "conducts_scra_for_prioritized_products_and_services"
- t.string "personnel_required_to_complete_training"
- t.string "established_process_information_sharing_with_fasc"
- t.string "cybersecurity_supply_chain_risk_considerations"
- t.integer "organization_id"
- t.string "year"
- t.string "quarter"
- t.integer "user_id"
- t.string "integrity_hash"
- t.string "aasm_state"
- t.text "reflection"
- t.string "rating"
- t.datetime "created_at", null: false
- t.datetime "updated_at", null: false
- t.integer "bureau_id"
- t.string "agency_roles"
- t.text "agency_roles_comments"
- t.text "stakeholder_champion_identified_comments"
- t.text "interdisciplinary_team_established_comments"
- t.text "pmo_established_comments"
- t.text "agency_wide_scrm_strategy_and_implementation_plan_comments"
- t.text "enterprise_risk_management_function_established_comments"
- t.text "roles_and_responsibilities_comments"
- t.text "enterprise_wide_scrm_policy_established_comments"
- t.text "funding_for_initial_operating_capability_comments"
- t.text "staffing_comments"
- t.text "missions_identified_comments"
- t.text "prioritization_process_comments"
- t.text "considerations_in_procurement_processes_comments"
- t.text "conducts_scra_for_prioritized_products_and_services_comments"
- t.text "established_process_information_sharing_with_fasc_comments"
- t.text "general_comments"
- t.string "bureau"
- t.text "leadership_roles_comments"
- t.text "personnel_required_comments"
- t.text "cybersecurity_supply_chain_risk_comments"
- t.index ["organization_id"], name: "index_cscrm_data_collections_on_organization_id"
- t.index ["user_id"], name: "index_cscrm_data_collections_on_user_id"
- end
-
- create_table "cscrm_data_collections2", comment: "Data Collection for C-SCRM in Q4 of FY 2023", force: :cascade do |t|
- t.string "interdisciplinary_team"
- t.text "interdisciplinary_team_comments"
- t.string "pmo_established"
- t.text "pmo_established_comments"
- t.string "established_policy"
- t.text "established_policy_comments"
- t.string "supply_chain_acquisition_procedures"
- t.text "supply_chain_acquisition_procedures_comments"
- t.string "funding"
- t.text "funding_comments"
- t.string "identified_staff"
- t.text "identified_staff_comments"
- t.string "strategy_plan"
- t.text "strategy_plan_comments"
- t.string "governance_structure"
- t.text "governance_structure_comments"
- t.string "clearly_defined_roles"
- t.text "clearly_defined_roles_comments"
- t.string "identified_assets_and_essential_functions"
- t.text "identified_assets_and_essential_functions_comments"
- t.string "prioritization_process"
- t.text "prioritization_process_comments"
- t.string "considerations_in_procurement_processes"
- t.text "considerations_in_procurement_processes_comments"
- t.string "documented_methodology"
- t.text "documented_methodology_comments"
- t.string "conducts_scra_for_prioritized_products_and_services"
- t.text "conducts_scra_for_prioritized_products_and_services_comments"
- t.string "personnel_required_to_complete_training"
- t.text "personnel_required_to_complete_training_comments"
- t.string "established_process_information_sharing_with_fasc"
- t.text "established_process_information_sharing_with_fasc_comments"
- t.string "cybersecurity_supply_chain_risk_considerations"
- t.text "cybersecurity_supply_chain_risk_considerations_comments"
- t.string "process_for_product_authenticity"
- t.text "process_for_product_authenticity_comments"
- t.string "cscrm_controls_incorporated_into_ssp"
- t.text "cscrm_controls_incorporated_into_ssp_comments"
- t.text "comments"
- t.integer "organization_id"
- t.integer "bureau_id"
- t.string "year"
- t.string "quarter"
- t.integer "user_id"
- t.string "integrity_hash"
- t.string "aasm_state"
- t.text "reflection"
- t.string "rating"
- t.datetime "created_at", null: false
- t.datetime "updated_at", null: false
- t.index ["organization_id"], name: "index_cscrm_data_collections2_on_organization_id"
- t.index ["user_id"], name: "index_cscrm_data_collections2_on_user_id"
- end
-
create_table "cx_action_plans", force: :cascade do |t|
t.integer "service_provider_id"
t.integer "year"
@@ -833,7 +724,6 @@
t.string "last_name"
t.string "position_title"
t.string "profile_photo"
- t.boolean "cscrm_data_collection_manager", default: false
t.boolean "organizational_admin", default: false
t.boolean "organizational_form_approver", default: false
t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true
diff --git a/db/seeds.rb b/db/seeds.rb
index 7f6ee13a3..43b2759fd 100644
--- a/db/seeds.rb
+++ b/db/seeds.rb
@@ -757,107 +757,6 @@ def production_suitable_seeds
})
end
-puts 'Creating CSCRM Data Collections...'
-def random_words
- list = %w(Lorem ipsum dolor sit amet consectetur adipiscing elit sed do eiusmod tempor incididunt ut labore et dolore magna aliqua Ut enim ad minim veniam quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur Excepteur sint occaecat cupidatat non proident sunt in culpa qui officia deserunt mollit anim id est laborum)
-
- list.sample(15).join(" ")
-end
-
-for i in (1..40) do
- org = @organizations.all.sample
- user = org.users.sample || User.all.sample
-
- CscrmDataCollection.create!({
- user: user,
- organization: user.organization,
- bureau_id: "",
- year: [2022, 2023, 2024].sample,
- quarter: [1, 2, 3, 4].sample,
- agency_roles: CscrmDataCollection.agency_roles_options.sample,
- agency_roles_comments: random_words,
- leadership_roles: CscrmDataCollection.leadership_roles_options.sample,
- stakeholder_champion_identified: CscrmDataCollection.stakeholder_champion_identified_options.sample,
- stakeholder_champion_identified_comments: random_words,
- interdisciplinary_team_established: CscrmDataCollection.interdisciplinary_team_established_options.sample,
- interdisciplinary_team_established_comments: random_words,
- pmo_established: CscrmDataCollection.pmo_established_options.sample,
- pmo_established_comments: random_words,
- enterprise_wide_scrm_policy_established: CscrmDataCollection.enterprise_wide_scrm_policy_established_options.sample,
- enterprise_wide_scrm_policy_established_comments: random_words,
- funding_for_initial_operating_capability: CscrmDataCollection.funding_for_initial_operating_capability_options.sample,
- funding_for_initial_operating_capability_comments: random_words,
- staffing: CscrmDataCollection.staffing_options.sample,
- staffing_comments: random_words,
- agency_wide_scrm_strategy_and_implementation_plan_established: CscrmDataCollection.agency_wide_scrm_strategy_and_implementation_plan_options.sample,
- agency_wide_scrm_strategy_and_implementation_plan_comments: random_words,
- enterprise_risk_management_function_established: CscrmDataCollection.enterprise_risk_management_function_established_options.sample,
- enterprise_risk_management_function_established_comments: random_words,
- roles_and_responsibilities: CscrmDataCollection.roles_and_responsibilities_options.sample,
- roles_and_responsibilities_comments: random_words,
- missions_identified: CscrmDataCollection.missions_identified_options,
- missions_identified_comments: random_words,
- prioritization_process: CscrmDataCollection.prioritization_process_options.sample,
- prioritization_process_comments: random_words,
- considerations_in_procurement_processes: CscrmDataCollection.considerations_in_procurement_processes_options.sample,
- considerations_in_procurement_processes_comments: random_words,
- conducts_scra_for_prioritized_products_and_services: CscrmDataCollection.conducts_scra_for_prioritized_products_and_services_options.sample,
- conducts_scra_for_prioritized_products_and_services_comments: random_words,
- personnel_required_to_complete_training: CscrmDataCollection.personnel_required_to_complete_training_options.sample,
- established_process_information_sharing_with_fasc: CscrmDataCollection.established_process_information_sharing_options.sample,
- established_process_information_sharing_with_fasc_comments: random_words,
- cybersecurity_supply_chain_risk_considerations: CscrmDataCollection.cybersecurity_supply_chain_risk_considerations_options.sample,
- general_comments: random_words
- })
-
- CscrmDataCollection2.create!({
- user: user,
- organization: user.organization,
- bureau_id: "",
- year: [2023, 2023, 2025].sample,
- quarter: [1, 2, 3, 4].sample,
- interdisciplinary_team: CscrmDataCollection2.question_1[:options].to_a.sample[1],
- interdisciplinary_team_comments: random_words,
- pmo_established: CscrmDataCollection2.question_2[:options].to_a.sample[1],
- pmo_established_comments: random_words,
- established_policy: CscrmDataCollection2.question_3[:options].to_a.sample[1],
- established_policy_comments: random_words,
- supply_chain_acquisition_procedures: CscrmDataCollection2.question_4[:options].to_a.sample[1],
- supply_chain_acquisition_procedures_comments: random_words,
- funding: CscrmDataCollection2.question_5[:options].to_a.sample[1],
- funding_comments: random_words,
- identified_staff: CscrmDataCollection2.question_6[:options].to_a.sample[1],
- identified_staff_comments: random_words,
- strategy_plan: CscrmDataCollection2.question_7[:options].to_a.sample[1],
- strategy_plan_comments: random_words,
- governance_structure: CscrmDataCollection2.question_8[:options].to_a.sample[1],
- governance_structure_comments: random_words,
- clearly_defined_roles: CscrmDataCollection2.question_9[:options].to_a.sample[1],
- clearly_defined_roles_comments: random_words,
- identified_assets_and_essential_functions: CscrmDataCollection2.question_10[:options].to_a.sample[1],
- identified_assets_and_essential_functions_comments: random_words,
- prioritization_process: CscrmDataCollection2.question_11[:options].to_a.sample[1],
- prioritization_process_comments: random_words,
- considerations_in_procurement_processes: CscrmDataCollection2.question_12[:options].to_a.sample[1],
- considerations_in_procurement_processes_comments: random_words,
- documented_methodology: CscrmDataCollection2.question_13[:options].to_a.sample[1],
- documented_methodology_comments: random_words,
- conducts_scra_for_prioritized_products_and_services: CscrmDataCollection2.question_14[:options].to_a.sample[1],
- conducts_scra_for_prioritized_products_and_services_comments: random_words,
- personnel_required_to_complete_training: CscrmDataCollection2.question_15[:options].to_a.sample[1],
- personnel_required_to_complete_training_comments: random_words,
- established_process_information_sharing_with_fasc: CscrmDataCollection2.question_16[:options].to_a.sample[1],
- established_process_information_sharing_with_fasc_comments: random_words,
- cybersecurity_supply_chain_risk_considerations: CscrmDataCollection2.question_17[:options].to_a.sample[1],
- cybersecurity_supply_chain_risk_considerations_comments: random_words,
- process_for_product_authenticity: CscrmDataCollection2.question_18[:options].to_a.sample[1],
- process_for_product_authenticity_comments: random_words,
- cscrm_controls_incorporated_into_ssp: CscrmDataCollection2.question_19[:options].to_a.sample[1],
- cscrm_controls_incorporated_into_ssp_comments: random_words,
- comments: random_words,
- })
-end
-
for i in (1..20) do
DigitalServiceAccount.create!({
organization_list: [@gsa.id],
diff --git a/spec/factories/cscrm_data_collection.rb b/spec/factories/cscrm_data_collection.rb
deleted file mode 100644
index 70dd46dbe..000000000
--- a/spec/factories/cscrm_data_collection.rb
+++ /dev/null
@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-
-FactoryBot.define do
- factory :cscrm_data_collection do
- year { 2023 }
- quarter { 2 }
- end
-end
diff --git a/spec/factories/cscrm_data_collection2.rb b/spec/factories/cscrm_data_collection2.rb
deleted file mode 100644
index 997a7bb89..000000000
--- a/spec/factories/cscrm_data_collection2.rb
+++ /dev/null
@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-
-FactoryBot.define do
- factory :cscrm_data_collection2 do
- year { 2023 }
- quarter { 4 }
- end
-end
diff --git a/spec/features/admin/cscrm_data_collections2_spec.rb b/spec/features/admin/cscrm_data_collections2_spec.rb
deleted file mode 100644
index c1a8b004f..000000000
--- a/spec/features/admin/cscrm_data_collections2_spec.rb
+++ /dev/null
@@ -1,50 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-feature 'CSCRM Collections 2', js: true do
- let(:organization) { FactoryBot.create(:organization) }
- let(:another_organization) { FactoryBot.create(:organization, :another) }
- let(:user) { FactoryBot.create(:user, organization:) }
- let(:admin) { FactoryBot.create(:user, :admin, organization:) }
-
- context 'as an Admin' do
- before do
- login_as(user)
- end
-
- describe 'GET /new' do
-
- before do
- visit new_admin_cscrm_data_collections2_path
-
- select(organization.name, from: 'cscrm_data_collection2_organization_id')
- fill_in("cscrm_data_collection2_bureau", with: "Bureau Name")
- fill_in("cscrm_data_collection2_year", with: "2023")
- fill_in("cscrm_data_collection2_quarter", with: "3")
-
- # Question 1
- select("Yes", from: 'cscrm_data_collection2_interdisciplinary_team')
- select("Yes", from: 'cscrm_data_collection2_supply_chain_acquisition_procedures')
- select("Fully identified and secured", from: 'cscrm_data_collection2_funding')
- select("Fully identified and secured", from: 'cscrm_data_collection2_identified_staff')
- select("Yes", from: 'cscrm_data_collection2_strategy_plan')
- select("Not established", from: 'cscrm_data_collection2_governance_structure')
- select("Yes", from: 'cscrm_data_collection2_prioritization_process')
- select("In development", from: 'cscrm_data_collection2_documented_methodology')
-
- click_on "Create CSCRM Data Collection"
- end
-
- it 'is accessible' do
- expect(page).to be_axe_clean
- end
-
- it 'creates a Collection successfully' do
- expect(page).to have_content('CSCRM Data Collection 2')
- expect(page).to have_content('Cscrm data collection was successfully created.')
- expect(page).to have_content('20. Comments')
- end
- end
- end
-end
diff --git a/spec/features/admin/cscrm_data_collections_spec.rb b/spec/features/admin/cscrm_data_collections_spec.rb
deleted file mode 100644
index 22a57941d..000000000
--- a/spec/features/admin/cscrm_data_collections_spec.rb
+++ /dev/null
@@ -1,53 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-feature 'CSCRM Collections', js: true do
- let(:organization) { FactoryBot.create(:organization) }
- let(:another_organization) { FactoryBot.create(:organization, :another) }
- let(:user) { FactoryBot.create(:user, organization:) }
- let(:admin) { FactoryBot.create(:user, :admin, organization:) }
-
- context 'as an Admin' do
- before do
- login_as(user)
- end
-
- describe 'GET /new' do
-
- before do
- visit new_admin_cscrm_data_collection_path
-
- select(organization.name, from: 'cscrm_data_collection_organization_id')
- fill_in("cscrm_data_collection_bureau", with: "Bureau Name")
- fill_in("cscrm_data_collection_year", with: "2023")
- fill_in("cscrm_data_collection_quarter", with: "1")
- select("Yes", from: 'cscrm_data_collection_interdisciplinary_team_established')
- fill_in("cscrm_data_collection_interdisciplinary_team_established_comments", with: "c4")
- select("Yes", from: 'cscrm_data_collection_pmo_established')
- fill_in("cscrm_data_collection_pmo_established_comments", with: "c5")
- select("Yes", from: 'cscrm_data_collection_enterprise_wide_scrm_policy_established')
- fill_in("cscrm_data_collection_enterprise_wide_scrm_policy_established_comments", with: "c6")
- select("Partially secured", from: 'cscrm_data_collection_funding_for_initial_operating_capability')
- fill_in("cscrm_data_collection_funding_for_initial_operating_capability_comments", with: "c7")
- select("Partially secured", from: 'cscrm_data_collection_staffing')
- fill_in("cscrm_data_collection_staffing_comments", with: "c8")
- select("No", from: 'cscrm_data_collection_agency_wide_scrm_strategy_and_implementation_plan_established')
- fill_in("cscrm_data_collection_agency_wide_scrm_strategy_and_implementation_plan_comments", with: "c9")
- select("Not established", from: 'cscrm_data_collection_enterprise_risk_management_function_established')
- fill_in("cscrm_data_collection_enterprise_risk_management_function_established_comments", with: "c10")
- select("Yes", from: 'cscrm_data_collection_prioritization_process')
- fill_in("cscrm_data_collection_prioritization_process_comments", with: "c11")
- click_on "Create CSCRM Data Collection"
- end
-
- it 'is accessible' do
- expect(page).to be_axe_clean
- end
-
- it 'creates a Collection successfully' do
- expect(page).to have_content('Cscrm data collection was successfully created.')
- end
- end
- end
-end
diff --git a/spec/features/admin/dashboard_spec.rb b/spec/features/admin/dashboard_spec.rb
index 19ab040a8..16b8fa95f 100644
--- a/spec/features/admin/dashboard_spec.rb
+++ b/spec/features/admin/dashboard_spec.rb
@@ -38,8 +38,8 @@
expect(page).to have_content('Responses')
expect(page).to have_content('Services')
expect(page).to have_content('Websites')
- expect(page).to have_content('Data Collections')
- expect(page).to have_content('Service details')
+ expect(page).to have_content('CX Data Collections')
+ expect(page).to have_content('CX Collection Details')
expect(find('.reportable-users')).to have_content('1')
expect(find('.reportable-organizations')).to have_content('1')
expect(find('.reportable-forms')).to have_content('1')
diff --git a/spec/mailers/user_mailer_spec.rb b/spec/mailers/user_mailer_spec.rb
index ba3ba35f6..c0ce773f1 100644
--- a/spec/mailers/user_mailer_spec.rb
+++ b/spec/mailers/user_mailer_spec.rb
@@ -116,50 +116,6 @@
end
end
- describe 'CSCRM Data Collection' do
- let!(:organization) { FactoryBot.create(:organization) }
- let!(:user) { FactoryBot.create(:user, organization:) }
- let!(:cscrm_data_manager) { FactoryBot.create(:user, organization:, cscrm_data_collection_manager: true) }
- let!(:cscrm_data_collection) { FactoryBot.create(:cscrm_data_collection, organization:, user:) }
- let(:mail) { UserMailer.cscrm_data_collection_notification(collection_id: cscrm_data_collection.id) }
-
- before do
- ENV['ENABLE_EMAIL_NOTIFICATIONS'] = 'true'
- end
-
- it 'renders the headers' do
- expect(mail.subject).to eq("CSCRM Data Collection notification to #{cscrm_data_collection.id}")
- expect(mail.to).to eq([ENV.fetch('TOUCHPOINTS_ADMIN_EMAILS'), cscrm_data_manager.email])
- expect(mail.from).to eq([ENV.fetch('TOUCHPOINTS_EMAIL_SENDER')])
- end
-
- it 'renders the body' do
- expect(mail.body.encoded).to have_text('CSCRM Data Collection Notification')
- end
- end
-
- describe 'CSCRM Data Collection 2' do
- let!(:organization) { FactoryBot.create(:organization) }
- let!(:user) { FactoryBot.create(:user, organization:) }
- let!(:cscrm_data_manager) { FactoryBot.create(:user, organization:, cscrm_data_collection_manager: true) }
- let!(:cscrm_data_collection2) { FactoryBot.create(:cscrm_data_collection2, organization:, user:) }
- let(:mail) { UserMailer.cscrm_data_collection2_notification(collection_id: cscrm_data_collection2.id) }
-
- before do
- ENV['ENABLE_EMAIL_NOTIFICATIONS'] = 'true'
- end
-
- it 'renders the headers' do
- expect(mail.subject).to eq("CSCRM Data Collection 2 notification to #{cscrm_data_collection2.id}")
- expect(mail.to).to eq([ENV.fetch('TOUCHPOINTS_ADMIN_EMAILS'), cscrm_data_manager.email])
- expect(mail.from).to eq([ENV.fetch('TOUCHPOINTS_EMAIL_SENDER')])
- end
-
- it 'renders the body' do
- expect(mail.body.encoded).to have_text('CSCRM Data Collection 2 Notification')
- end
- end
-
describe 'account_deactivation_scheduled_notification' do
let!(:organization) { FactoryBot.create(:organization) }
let(:user) { FactoryBot.create(:user, organization:) }
diff --git a/spec/models/cscrm_data_collection_spec.rb b/spec/models/cscrm_data_collection_spec.rb
deleted file mode 100644
index 6311ba223..000000000
--- a/spec/models/cscrm_data_collection_spec.rb
+++ /dev/null
@@ -1,5 +0,0 @@
-require 'rails_helper'
-
-RSpec.describe CscrmDataCollection, type: :model do
- pending "add some examples to (or delete) #{__FILE__}"
-end
diff --git a/spec/requests/admin/cscrm_data_collections_spec.rb b/spec/requests/admin/cscrm_data_collections_spec.rb
deleted file mode 100644
index 828d96c97..000000000
--- a/spec/requests/admin/cscrm_data_collections_spec.rb
+++ /dev/null
@@ -1,141 +0,0 @@
-require 'rails_helper'
-
-# This spec was generated by rspec-rails when you ran the scaffold generator.
-# It demonstrates how one might use RSpec to test the controller code that
-# was generated by Rails when you ran the scaffold generator.
-#
-# It assumes that the implementation code is generated by the rails scaffold
-# generator. If you are using any extension libraries to generate different
-# controller code, this generated spec may or may not pass.
-#
-# It only uses APIs available in rails and/or rspec-rails. There are a number
-# of tools you can use to make these specs even more expressive, but we're
-# sticking to rails and rspec-rails APIs to keep things simple and stable.
-
-RSpec.describe "/admin/cscrm_data_collections", type: :request do
-
- # This should return the minimal set of attributes required to create a valid
- # CscrmDataCollection. As you add validations to CscrmDataCollection, be sure to
- # adjust the attributes here as well.
- let(:valid_attributes) {
- skip("Add a hash of attributes valid for your model")
- }
-
- let(:invalid_attributes) {
- skip("Add a hash of attributes invalid for your model")
- }
-
- describe "GET /index" do
- it "renders a successful response" do
- CscrmDataCollection.create! valid_attributes
- get admin_cscrm_data_collections_url
- expect(response).to be_successful
- end
- end
-
- describe "GET /show" do
- it "renders a successful response" do
- cscrm_data_collection = CscrmDataCollection.create! valid_attributes
- get admin_cscrm_data_collection_url(cscrm_data_collection)
- expect(response).to be_successful
- end
- end
-
- describe "GET /new" do
- let(:user) { FactoryBot.create(:user, :admin) }
-
- before do
- sign_in(user)
- end
-
- it "renders a successful response" do
- get new_admin_cscrm_data_collection_url
- expect(response).to be_successful
- end
- end
-
- describe "GET /edit" do
- it "renders a successful response" do
- cscrm_data_collection = CscrmDataCollection.create! valid_attributes
- get edit_admin_cscrm_data_collection_url(cscrm_data_collection)
- expect(response).to be_successful
- end
- end
-
- describe "POST /create" do
- context "with valid parameters" do
- it "creates a new CscrmDataCollection" do
- expect {
- post admin_cscrm_data_collections_url, params: { cscrm_data_collection: valid_attributes }
- }.to change(CscrmDataCollection, :count).by(1)
- end
-
- it "redirects to the created cscrm_data_collection" do
- post admin_cscrm_data_collections_url, params: { cscrm_data_collection: valid_attributes }
- expect(response).to redirect_to(admin_cscrm_data_collection_url(CscrmDataCollection.last))
- end
- end
-
- context "with invalid parameters" do
- it "does not create a new CscrmDataCollection" do
- expect {
- post admin_cscrm_data_collections_url, params: { cscrm_data_collection: invalid_attributes }
- }.to change(CscrmDataCollection, :count).by(0)
- end
-
-
- it "renders a response with 422 status (i.e. to display the 'new' template)" do
- post admin_cscrm_data_collections_url, params: { cscrm_data_collection: invalid_attributes }
- expect(response).to have_http_status(:unprocessable_entity)
- end
-
- end
- end
-
- describe "PATCH /update" do
- context "with valid parameters" do
- let(:new_attributes) {
- skip("Add a hash of attributes valid for your model")
- }
-
- it "updates the requested cscrm_data_collection" do
- cscrm_data_collection = CscrmDataCollection.create! valid_attributes
- patch admin_cscrm_data_collection_url(cscrm_data_collection), params: { cscrm_data_collection: new_attributes }
- cscrm_data_collection.reload
- skip("Add assertions for updated state")
- end
-
- it "redirects to the cscrm_data_collection" do
- cscrm_data_collection = CscrmDataCollection.create! valid_attributes
- patch admin_cscrm_data_collection_url(cscrm_data_collection), params: { cscrm_data_collection: new_attributes }
- cscrm_data_collection.reload
- expect(response).to redirect_to(admin_cscrm_data_collection_url(cscrm_data_collection))
- end
- end
-
- context "with invalid parameters" do
-
- it "renders a response with 422 status (i.e. to display the 'edit' template)" do
- cscrm_data_collection = CscrmDataCollection.create! valid_attributes
- patch admin_cscrm_data_collection_url(cscrm_data_collection), params: { cscrm_data_collection: invalid_attributes }
- expect(response).to have_http_status(:unprocessable_entity)
- end
-
- end
- end
-
- describe "DELETE /destroy" do
- it "destroys the requested cscrm_data_collection" do
- cscrm_data_collection = CscrmDataCollection.create! valid_attributes
- expect {
- delete admin_cscrm_data_collection_url(cscrm_data_collection)
- }.to change(CscrmDataCollection, :count).by(-1)
- end
-
- it "redirects to the cscrm_data_collections list" do
- cscrm_data_collection = CscrmDataCollection.create! valid_attributes
- delete admin_cscrm_data_collection_url(cscrm_data_collection)
- expect(response).to redirect_to(admin_cscrm_data_collections_url)
- end
- end
-end