Feared Events

mgmtsystem_security_event
REPOSITORY
REPOSITORYOCA/management-system
GIT
GIThttps://github.com/OCA/management-system.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/management-system/tree/19.0/mgmtsystem_security_event
VERSION
VERSION 2.0.0
CATEGORY
CATEGORYManagement Systems
LICENSE
LICENSEAGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), Savoir-faire Linux, Gray Matter Logic
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), Savoir-faire Linux, Gray Matter Logic
COMMITTERS
COMMITTERSMaxime Chambreuil, Weblate, OCA-git-bot, oca-ci
WEBSITE
WEBSITEhttps://github.com/OCA/management-system
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 19:40:49
ODOO DEPENDENCIES
ODOO DEPENDENCIES OCA/knowledge:
    - document_page
    - document_knowledge
OCA/management-system:
    - mgmtsystem
    - mgmtsystem_risk
odoo/odoo:
    - base
    - mail
    - base_setup
    - web
    - bus
    - web_tour
    - html_editor
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION
This module allows you to manage **feared events** (security incidents) of your
Information Security Management System (ISMS) and assess their risk using a
configurable risk matrix.

Key concepts:

- **Feared Events** — Security incidents that could impact your organization,
  each classified by the security properties they threaten: Confidentiality,
  Integrity, and/or Availability (CIA triad).

- **Attack Vectors** — The means by which a threat could materialize. Each
  vector carries three risk ratings (probability × severity): *Original* (before
  any control), *Current* (with controls already in place), and *Residual* (after
  planned remediation). A feared event's overall rating is automatically computed
  as the maximum across all its vectors.

- **Scenarios** — Links between a feared event, an attack vector, and a threat
  source, with a description of how the attack could unfold.

- **Threat Sources** — The origin of a threat (e.g. external attacker, malicious
  insider, compromised supplier).

- **Security Controls** — Countermeasures applied to reduce risk, each flagged as
  *Prevention*, *Protection*, and/or *Recovery*.

- **Assets** — Primary assets (the information or processes to protect) and
  Supporting assets (the infrastructure that hosts them), organized by category.

- **Risk Matrix** — A visual heat-map report that plots feared events by
  probability and severity for a chosen risk type (original, current, or
  residual), with color-coded cells (green / orange / red).

Code Analysis

Views touched (22)
XML IDNameModelTypeStatus
report_risk_matrix report_risk_matrix ir.ui.view qweb New
view_mgmtsystem_category_asset_form mgmtsystem.security.asset.category.form mgmtsystem.security.asset.category form New
view_mgmtsystem_category_asset_tree mgmtsystem.security.asset.category.tree mgmtsystem.security.asset.category list New
view_mgmtsystem_primary_asset_form mgmtsystem.security.asset.primary.form mgmtsystem.security.asset.primary form New
view_mgmtsystem_primary_asset_tree mgmtsystem.security.asset.primary.tree mgmtsystem.security.asset.primary list New
view_mgmtsystem_security_control_form mgmtsystem.security.control.form mgmtsystem.security.control form New
view_mgmtsystem_security_control_list mgmtsystem.security.control.list mgmtsystem.security.control list New
view_mgmtsystem_security_event_control_form mgmtsystem.security.event.control.form mgmtsystem.security.event.control form New
view_mgmtsystem_security_event_control_tree mgmtsystem.security.event.control.tree mgmtsystem.security.event.control list New
view_mgmtsystem_security_event_form mgmtsystem.security.event.form mgmtsystem.security.event form New
view_mgmtsystem_security_event_scenario_form mgmtsystem.security.event.scenario.form mgmtsystem.security.event.scenario form New
view_mgmtsystem_security_event_scenario_list mgmtsystem.security.event.scenario.list mgmtsystem.security.event.scenario list New
view_mgmtsystem_security_event_search mgmtsystem.security.event.search mgmtsystem.security.event search New
view_mgmtsystem_security_event_tree mgmtsystem.security.event.tree mgmtsystem.security.event list New
view_mgmtsystem_supporting_asset_form mgmtsystem.security.asset.supporting.form mgmtsystem.security.asset.supporting form New
view_mgmtsystem_supporting_asset_tree mgmtsystem.security.asset.supporting.tree mgmtsystem.security.asset.supporting list New
view_mgmtsystem_threat_source_form mgmtsystem.security.threat.source.form mgmtsystem.security.threat.source form New
view_mgmtsystem_threat_source_list mgmtsystem.security.threat.source.list mgmtsystem.security.threat.source list New
view_mgmtsystem_vector_form mgmtsystem.security.vector.form mgmtsystem.security.vector form New
view_mgmtsystem_vector_list mgmtsystem.security.vector.list mgmtsystem.security.vector list New
view_risk_matrix_config_form mgmtsystem.risk.matrix.form mgmtsystem.risk.matrix form New
view_risk_matrix_level_list mgmtsystem.risk.matrix.level.list mgmtsystem.risk.matrix.level list New
Models touched (11)

New fields (3)
  • company_id Many2one
    readonly=True related='system_id.company_id' store=True
  • system_id Many2one → mgmtsystem.system
    default=<expr> required=True args: 'mgmtsystem.system'
  • type Selection
    default='current' required=True selection=[('original', 'Before applying any control'), ('current', 'With current controls'), ('residual', 'After applying the planned controls')]
Public methods (8)
  • get_cell_color(self, severity, probability)
  • get_event_list(self, severity_id, probability_id)
  • get_events(self)
  • get_probabilities(self)
  • get_severities(self)
  • print_report(self)
  • probability_name(self, probability)
  • severity_name(self, severity)

New fields (5)
  • color Selection
    default='green' help='The color to display in the matrix' required=True selection=[('green', 'Green'), ('orange', 'Orange'), ('red', 'Red')]
  • probability_max Integer
    default=1 required=True
  • probability_min Integer
    default=1 required=True
  • severity_max Integer
    default=1 required=True
  • severity_min Integer
    default=1 required=True
Public methods (0)

No public methods.

New fields (1)
  • name Char
    required=True
Public methods (0)

No public methods.

New fields (5)
  • company_id Many2one
    readonly=True related='system_id.company_id' store=True
  • description Text
  • name Char
    required=True
  • responsible_id Many2one → res.users
    args: 'res.users'
  • system_id Many2one → mgmtsystem.system
    default=<expr> required=True args: 'mgmtsystem.system'
Public methods (0)

No public methods.

New fields (5)
  • category_id Many2one → mgmtsystem.security.asset.category
    args: 'mgmtsystem.security.asset.category'
  • company_id Many2one
    readonly=True related='system_id.company_id' store=True
  • name Char
    required=True
  • primary_asset_ids Many2many → mgmtsystem.security.asset.primary
    args: 'mgmtsystem.security.asset.primary', 'mgmtsystem_security_asset_primary_rel', 'supporting_asset_id', 'primary_asset_id'
  • system_id Many2one → mgmtsystem.system
    default=<expr> required=True args: 'mgmtsystem.system'
Public methods (0)

No public methods.

New fields (5)
  • company_id Many2one
    readonly=True related='system_id.company_id' store=True
  • description Text
  • name Char
    required=True
  • system_id Many2one → mgmtsystem.system
    default=<expr> required=True args: 'mgmtsystem.system'
  • work_instruction_id Many2one → document.page
    args: 'document.page'
Public methods (0)

No public methods.

New fields (15)
  • availability Boolean
  • company_id Many2one
    readonly=True related='system_id.company_id' store=True
  • confidentiality Boolean
  • control_ids One2many → mgmtsystem.security.event.control
    args: 'mgmtsystem.security.event.control', 'security_event_id'
  • current_probability_id Many2one → mgmtsystem.risk.probability
    compute='_compute_ratings' store=True args: 'mgmtsystem.risk.probability'
  • current_severity_id Many2one → mgmtsystem.risk.severity
    compute='_compute_ratings' store=True args: 'mgmtsystem.risk.severity'
  • document_page_id Many2one → document.page
    ondelete='cascade' required=True args: 'document.page'
  • integrity Boolean
  • original_probability_id Many2one → mgmtsystem.risk.probability
    compute='_compute_ratings' store=True args: 'mgmtsystem.risk.probability'
  • original_severity_id Many2one → mgmtsystem.risk.severity
    compute='_compute_ratings' store=True args: 'mgmtsystem.risk.severity'
  • residual_probability_id Many2one → mgmtsystem.risk.probability
    compute='_compute_ratings' store=True args: 'mgmtsystem.risk.probability'
  • residual_severity_id Many2one → mgmtsystem.risk.severity
    compute='_compute_ratings' store=True args: 'mgmtsystem.risk.severity'
  • scenario_ids One2many → mgmtsystem.security.event.scenario
    args: 'mgmtsystem.security.event.scenario', 'security_event_id'
  • severity_id Many2one → mgmtsystem.risk.severity
    args: 'mgmtsystem.risk.severity'
  • system_id Many2one → mgmtsystem.system
    default=<expr> required=True args: 'mgmtsystem.system'
Public methods (0)

No public methods.

New fields (7)
  • control_id Many2one → mgmtsystem.security.control
    args: 'mgmtsystem.security.control'
  • prevention Boolean
  • protection Boolean
  • recovery Boolean
  • security_event_id Many2one → mgmtsystem.security.event
    args: 'mgmtsystem.security.event'
  • supporting_asset_id Many2one → mgmtsystem.security.asset.supporting
    args: 'mgmtsystem.security.asset.supporting'
  • system_id Many2one
    readonly=True related='security_event_id.system_id' store=True
Public methods (0)

No public methods.

New fields (6)
  • description Text
  • probability_id Many2one → mgmtsystem.risk.probability
    args: 'mgmtsystem.risk.probability'
  • security_event_id Many2one → mgmtsystem.security.event
    args: 'mgmtsystem.security.event'
  • source_id Many2one → mgmtsystem.security.threat.source
    args: 'mgmtsystem.security.threat.source'
  • system_id Many2one
    readonly=True related='security_event_id.system_id' store=True
  • vector_id Many2one → mgmtsystem.security.vector
    args: 'mgmtsystem.security.vector'
Public methods (0)

No public methods.

New fields (3)
  • company_id Many2one
    readonly=True related='system_id.company_id' store=True
  • name Char
  • system_id Many2one → mgmtsystem.system
    default=<expr> required=True args: 'mgmtsystem.system'
Public methods (0)

No public methods.

New fields (11)
  • company_id Many2one
    readonly=True related='system_id.company_id' store=True
  • current_probability_id Many2one → mgmtsystem.risk.probability
    help='Probability with existing controls' args: 'mgmtsystem.risk.probability'
  • current_severity_id Many2one → mgmtsystem.risk.severity
    help='Severity with existing controls' args: 'mgmtsystem.risk.severity'
  • description Text
  • name Char
    required=True
  • original_probability_id Many2one → mgmtsystem.risk.probability
    help='Probability without any control' args: 'mgmtsystem.risk.probability'
  • original_severity_id Many2one → mgmtsystem.risk.severity
    help='Severity without any control' args: 'mgmtsystem.risk.severity'
  • residual_probability_id Many2one → mgmtsystem.risk.probability
    help='Probability after remediation' args: 'mgmtsystem.risk.probability'
  • residual_severity_id Many2one → mgmtsystem.risk.severity
    help='Severity after remediation' args: 'mgmtsystem.risk.severity'
  • supporting_asset_ids Many2many → mgmtsystem.security.asset.supporting
    args: 'mgmtsystem.security.asset.supporting', 'mgmtsystem_security_asset_supporting_rel', 'vector_id', 'supporting_asset_id'
  • system_id Many2one → mgmtsystem.system
    default=<expr> required=True args: 'mgmtsystem.system'
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/management-system
GIT
GIThttps://github.com/OCA/management-system.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/management-system/tree/7.0/mgmtsystem_security_event
VERSION
VERSION 0.0.1
CATEGORY
CATEGORYManagement System
LICENSE
LICENSEAGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), Savoir-faire Linux
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), Savoir-faire Linux
COMMITTERS
COMMITTERSMaxime Chambreuil, Stéphane Bidoul (ACSONE), OCA Transbot
WEBSITE
WEBSITEhttp://www.savoirfairelinux.com
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:07:15
ODOO DEPENDENCIES
ODOO DEPENDENCIES OCA/knowledge:
    - document_page_approval
OCA/management-system:
    - document_page_work_instructions
    - mgmtsystem
    - mgmtsystem_severity
    - mgmtsystem_probability
odoo/odoo:
    - base
    - board
    - document_page
    - knowledge
    - base_setup
    - web_kanban
    - web
    - email_template
    - mail
    - report_webkit
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION
Feared Events
=============

This module allows you to manage feared events of your Information Security
Management System (ISMS).
    

Code Analysis

Views touched (20)
XML IDNameModelTypeStatus
view_mgmtsystem_category_asset_form mgmtsystem.security.asset.category.form mgmtsystem.security.asset.category form New
view_mgmtsystem_category_asset_tree mgmtsystem.security.asset.category.tree mgmtsystem.security.asset.category tree New
view_mgmtsystem_primary_asset_form mgmtsystem.security.asset.primary.form mgmtsystem.security.asset.primary form New
view_mgmtsystem_primary_asset_tree mgmtsystem.security.asset.primary.tree mgmtsystem.security.asset.primary tree New
view_mgmtsystem_security_control_form mgmtsystem.security.control.form mgmtsystem.security.control form New
view_mgmtsystem_security_control_tree mgmtsystem.security.control.form mgmtsystem.security.control tree New
view_mgmtsystem_security_event_control_form mgmtsystem.security.event.control.form mgmtsystem.security.event.control form New
view_mgmtsystem_security_event_control_tree mgmtsystem.security.event.control.tree mgmtsystem.security.event.control tree New
view_mgmtsystem_security_event_form mgmtsystem.security.event.form mgmtsystem.security.event form New
view_mgmtsystem_security_event_scenario_form mgmtsystem.security.event.scenario.form mgmtsystem.security.event.scenario form New
view_mgmtsystem_security_event_scenario_tree mgmtsystem.security.event.scenario.tree mgmtsystem.security.event.scenario tree New
view_mgmtsystem_security_event_tree mgmtsystem.security.event.tree mgmtsystem.security.event tree New
view_mgmtsystem_supporting_asset_form mgmtsystem.security.asset.supporting.form mgmtsystem.security.asset.supporting form New
view_mgmtsystem_supporting_asset_tree mgmtsystem.security.asset.supporting.tree mgmtsystem.security.asset.supporting tree New
view_mgmtsystem_threat_source_form mgmtsystem.security.threat.source.form mgmtsystem.security.threat.source form New
view_mgmtsystem_threat_source_tree mgmtsystem.security.threat.source.tree mgmtsystem.security.threat.source tree New
view_mgmtsystem_vector_form mgmtsystem.security.vector.form mgmtsystem.security.vector form New
view_mgmtsystem_vector_tree mgmtsystem.security.vector.tree mgmtsystem.security.vector tree New
view_risk_matrix_config_form mgmtsystem.risk.matrix.form mgmtsystem.risk.matrix form New
view_risk_matrix_level_list mgmtsystem.risk.matrix.level.list mgmtsystem.risk.matrix.level tree New
Models touched (11)

New fields (0)

No new fields.

Public methods (10)
  • get_cell_color(self, cr, uid, ids, severity, probability, context=None)
  • get_event_list(self, cr, uid, ids, severity, probability, context=None)
  • get_events(self, cr, uid, ids, context=None)
  • get_matrix_types(self, cr, uid, context=None)
  • get_probabilities(self, cr, uid, ids, context=None)
  • get_severities(self, cr, uid, ids, context=None)
  • get_type(self, cr, uid, ids, context=None)
  • print_report(self, cr, uid, ids, context=None)
  • probability_name(self, cr, uid, ids, probability, context=None)
  • severity_name(self, cr, uid, ids, severity, context=None)

New fields (0)

No new fields.

Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (1)
  • name_get(self, cr, uid, ids, context=None)
    The method gets the name of the objects referenced by ids. This method computes the name based on the controls and supporting_assets fields. It computes the name for each ids and can be extended by subclass.

New fields (0)

No new fields.

Public methods (1)
  • name_get(self, cr, uid, ids, context=None)
    The method gets the name of the objects referenced by ids. This method computes the name based on the controls and supporting_assets fields. It computes the name for each ids and can be extended by subclass.

New fields (0)

No new fields.

Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (0)

No public methods.