| REPOSITORY | |
|---|---|
| REPOSITORY | OCA/management-system |
| GIT | |
| GIT | https://github.com/OCA/management-system.git |
| GIT FOLDER | |
| GIT FOLDER | https://github.com/OCA/management-system/tree/19.0/mgmtsystem_security_event |
| VERSION | |
| VERSION | 2.0.0 |
| CATEGORY | |
| CATEGORY | Management Systems |
| LICENSE | |
| LICENSE | AGPL-3 |
| APPLICATION | |
| APPLICATION | No |
| AUTO-INSTALLABLE | |
| AUTO-INSTALLABLE | No |
| AUTHORS | |
| AUTHORS | Odoo Community Association (OCA), Savoir-faire Linux, Gray Matter Logic |
| MAINTAINERS | |
| MAINTAINERS | Odoo Community Association (OCA), Savoir-faire Linux, Gray Matter Logic |
| COMMITTERS | |
| COMMITTERS | Maxime Chambreuil, Weblate, OCA-git-bot, oca-ci |
| WEBSITE | |
| WEBSITE | https://github.com/OCA/management-system |
| LAST TRACKING UPDATE | |
| LAST TRACKING UPDATE | 2026-07-06 19:40:49 |
| ODOO DEPENDENCIES | |
| ODOO DEPENDENCIES |
OCA/knowledge: - document_page - document_knowledge OCA/management-system: - mgmtsystem - mgmtsystem_risk odoo/odoo: - base - base_setup - web - bus - web_tour - html_editor |
| PYTHON DEPENDENCIES | |
| PYTHON DEPENDENCIES | Not have |
| SYSTEM DEPENDENCIES | |
| SYSTEM DEPENDENCIES | Not have |
| DESCRIPTION | |
| DESCRIPTION | This module allows you to manage **feared events** (security incidents) of your Information Security Management System (ISMS) and assess their risk using a configurable risk matrix. Key concepts: - **Feared Events** — Security incidents that could impact your organization, each classified by the security properties they threaten: Confidentiality, Integrity, and/or Availability (CIA triad). - **Attack Vectors** — The means by which a threat could materialize. Each vector carries three risk ratings (probability × severity): *Original* (before any control), *Current* (with controls already in place), and *Residual* (after planned remediation). A feared event's overall rating is automatically computed as the maximum across all its vectors. - **Scenarios** — Links between a feared event, an attack vector, and a threat source, with a description of how the attack could unfold. - **Threat Sources** — The origin of a threat (e.g. external attacker, malicious insider, compromised supplier). - **Security Controls** — Countermeasures applied to reduce risk, each flagged as *Prevention*, *Protection*, and/or *Recovery*. - **Assets** — Primary assets (the information or processes to protect) and Supporting assets (the infrastructure that hosts them), organized by category. - **Risk Matrix** — A visual heat-map report that plots feared events by probability and severity for a chosen risk type (original, current, or residual), with color-coded cells (green / orange / red). |
| XML ID | Name | Model | Type | Status |
|---|---|---|---|---|
report_risk_matrix |
report_risk_matrix | ir.ui.view | qweb | New |
view_mgmtsystem_category_asset_form |
mgmtsystem.security.asset.category.form | mgmtsystem.security.asset.category | form | New |
view_mgmtsystem_category_asset_tree |
mgmtsystem.security.asset.category.tree | mgmtsystem.security.asset.category | list | New |
view_mgmtsystem_primary_asset_form |
mgmtsystem.security.asset.primary.form | mgmtsystem.security.asset.primary | form | New |
view_mgmtsystem_primary_asset_tree |
mgmtsystem.security.asset.primary.tree | mgmtsystem.security.asset.primary | list | New |
view_mgmtsystem_security_control_form |
mgmtsystem.security.control.form | mgmtsystem.security.control | form | New |
view_mgmtsystem_security_control_list |
mgmtsystem.security.control.list | mgmtsystem.security.control | list | New |
view_mgmtsystem_security_event_control_form |
mgmtsystem.security.event.control.form | mgmtsystem.security.event.control | form | New |
view_mgmtsystem_security_event_control_tree |
mgmtsystem.security.event.control.tree | mgmtsystem.security.event.control | list | New |
view_mgmtsystem_security_event_form |
mgmtsystem.security.event.form | mgmtsystem.security.event | form | New |
view_mgmtsystem_security_event_scenario_form |
mgmtsystem.security.event.scenario.form | mgmtsystem.security.event.scenario | form | New |
view_mgmtsystem_security_event_scenario_list |
mgmtsystem.security.event.scenario.list | mgmtsystem.security.event.scenario | list | New |
view_mgmtsystem_security_event_search |
mgmtsystem.security.event.search | mgmtsystem.security.event | search | New |
view_mgmtsystem_security_event_tree |
mgmtsystem.security.event.tree | mgmtsystem.security.event | list | New |
view_mgmtsystem_supporting_asset_form |
mgmtsystem.security.asset.supporting.form | mgmtsystem.security.asset.supporting | form | New |
view_mgmtsystem_supporting_asset_tree |
mgmtsystem.security.asset.supporting.tree | mgmtsystem.security.asset.supporting | list | New |
view_mgmtsystem_threat_source_form |
mgmtsystem.security.threat.source.form | mgmtsystem.security.threat.source | form | New |
view_mgmtsystem_threat_source_list |
mgmtsystem.security.threat.source.list | mgmtsystem.security.threat.source | list | New |
view_mgmtsystem_vector_form |
mgmtsystem.security.vector.form | mgmtsystem.security.vector | form | New |
view_mgmtsystem_vector_list |
mgmtsystem.security.vector.list | mgmtsystem.security.vector | list | New |
view_risk_matrix_config_form |
mgmtsystem.risk.matrix.form | mgmtsystem.risk.matrix | form | New |
view_risk_matrix_level_list |
mgmtsystem.risk.matrix.level.list | mgmtsystem.risk.matrix.level | list | New |
company_id
Many2one
readonly=True
related='system_id.company_id'
store=True
system_id
Many2one → mgmtsystem.system
default=<expr>
required=True
args: 'mgmtsystem.system'
type
Selection
default='current'
required=True
selection=[('original', 'Before applying any control'), ('current', 'With current controls'), ('residual', 'After applying the planned controls')]
get_cell_color(self, severity, probability)
get_event_list(self, severity_id, probability_id)
get_events(self)
get_probabilities(self)
get_severities(self)
print_report(self)
probability_name(self, probability)
severity_name(self, severity)
color
Selection
default='green'
help='The color to display in the matrix'
required=True
selection=[('green', 'Green'), ('orange', 'Orange'), ('red', 'Red')]
probability_max
Integer
default=1
required=True
probability_min
Integer
default=1
required=True
severity_max
Integer
default=1
required=True
severity_min
Integer
default=1
required=True
No public methods.
name
Char
required=True
No public methods.
company_id
Many2one
readonly=True
related='system_id.company_id'
store=True
description
Text
name
Char
required=True
responsible_id
Many2one → res.users
system_id
Many2one → mgmtsystem.system
default=<expr>
required=True
args: 'mgmtsystem.system'
No public methods.
category_id
Many2one → mgmtsystem.security.asset.category
company_id
Many2one
readonly=True
related='system_id.company_id'
store=True
name
Char
required=True
primary_asset_ids
Many2many → mgmtsystem.security.asset.primary
system_id
Many2one → mgmtsystem.system
default=<expr>
required=True
args: 'mgmtsystem.system'
No public methods.
company_id
Many2one
readonly=True
related='system_id.company_id'
store=True
description
Text
name
Char
required=True
system_id
Many2one → mgmtsystem.system
default=<expr>
required=True
args: 'mgmtsystem.system'
work_instruction_id
Many2one → document.page
No public methods.
availability
Boolean
company_id
Many2one
readonly=True
related='system_id.company_id'
store=True
confidentiality
Boolean
control_ids
One2many → mgmtsystem.security.event.control
current_probability_id
Many2one → mgmtsystem.risk.probability
compute='_compute_ratings'
store=True
args: 'mgmtsystem.risk.probability'
current_severity_id
Many2one → mgmtsystem.risk.severity
compute='_compute_ratings'
store=True
args: 'mgmtsystem.risk.severity'
document_page_id
Many2one → document.page
ondelete='cascade'
required=True
args: 'document.page'
integrity
Boolean
original_probability_id
Many2one → mgmtsystem.risk.probability
compute='_compute_ratings'
store=True
args: 'mgmtsystem.risk.probability'
original_severity_id
Many2one → mgmtsystem.risk.severity
compute='_compute_ratings'
store=True
args: 'mgmtsystem.risk.severity'
residual_probability_id
Many2one → mgmtsystem.risk.probability
compute='_compute_ratings'
store=True
args: 'mgmtsystem.risk.probability'
residual_severity_id
Many2one → mgmtsystem.risk.severity
compute='_compute_ratings'
store=True
args: 'mgmtsystem.risk.severity'
scenario_ids
One2many → mgmtsystem.security.event.scenario
severity_id
Many2one → mgmtsystem.risk.severity
system_id
Many2one → mgmtsystem.system
default=<expr>
required=True
args: 'mgmtsystem.system'
No public methods.
control_id
Many2one → mgmtsystem.security.control
prevention
Boolean
protection
Boolean
recovery
Boolean
security_event_id
Many2one → mgmtsystem.security.event
supporting_asset_id
Many2one → mgmtsystem.security.asset.supporting
system_id
Many2one
readonly=True
related='security_event_id.system_id'
store=True
No public methods.
description
Text
probability_id
Many2one → mgmtsystem.risk.probability
security_event_id
Many2one → mgmtsystem.security.event
source_id
Many2one → mgmtsystem.security.threat.source
system_id
Many2one
readonly=True
related='security_event_id.system_id'
store=True
vector_id
Many2one → mgmtsystem.security.vector
No public methods.
company_id
Many2one
readonly=True
related='system_id.company_id'
store=True
name
Char
system_id
Many2one → mgmtsystem.system
default=<expr>
required=True
args: 'mgmtsystem.system'
No public methods.
company_id
Many2one
readonly=True
related='system_id.company_id'
store=True
current_probability_id
Many2one → mgmtsystem.risk.probability
help='Probability with existing controls'
args: 'mgmtsystem.risk.probability'
current_severity_id
Many2one → mgmtsystem.risk.severity
help='Severity with existing controls'
args: 'mgmtsystem.risk.severity'
description
Text
name
Char
required=True
original_probability_id
Many2one → mgmtsystem.risk.probability
help='Probability without any control'
args: 'mgmtsystem.risk.probability'
original_severity_id
Many2one → mgmtsystem.risk.severity
help='Severity without any control'
args: 'mgmtsystem.risk.severity'
residual_probability_id
Many2one → mgmtsystem.risk.probability
help='Probability after remediation'
args: 'mgmtsystem.risk.probability'
residual_severity_id
Many2one → mgmtsystem.risk.severity
help='Severity after remediation'
args: 'mgmtsystem.risk.severity'
supporting_asset_ids
Many2many → mgmtsystem.security.asset.supporting
system_id
Many2one → mgmtsystem.system
default=<expr>
required=True
args: 'mgmtsystem.system'
No public methods.
| REPOSITORY | |
|---|---|
| REPOSITORY | OCA/management-system |
| GIT | |
| GIT | https://github.com/OCA/management-system.git |
| GIT FOLDER | |
| GIT FOLDER | https://github.com/OCA/management-system/tree/7.0/mgmtsystem_security_event |
| VERSION | |
| VERSION | 0.0.1 |
| CATEGORY | |
| CATEGORY | Management System |
| LICENSE | |
| LICENSE | AGPL-3 |
| APPLICATION | |
| APPLICATION | No |
| AUTO-INSTALLABLE | |
| AUTO-INSTALLABLE | No |
| AUTHORS | |
| AUTHORS | Odoo Community Association (OCA), Savoir-faire Linux |
| MAINTAINERS | |
| MAINTAINERS | Odoo Community Association (OCA), Savoir-faire Linux |
| COMMITTERS | |
| COMMITTERS | Maxime Chambreuil, Stéphane Bidoul (ACSONE), OCA Transbot |
| WEBSITE | |
| WEBSITE | http://www.savoirfairelinux.com |
| LAST TRACKING UPDATE | |
| LAST TRACKING UPDATE | 2026-07-06 00:07:15 |
| ODOO DEPENDENCIES | |
| ODOO DEPENDENCIES |
OCA/knowledge: - document_page_approval OCA/management-system: - document_page_work_instructions - mgmtsystem - mgmtsystem_severity - mgmtsystem_probability odoo/odoo: - base - board - document_page - knowledge - base_setup - web_kanban - web - email_template - report_webkit |
| PYTHON DEPENDENCIES | |
| PYTHON DEPENDENCIES | Not have |
| SYSTEM DEPENDENCIES | |
| SYSTEM DEPENDENCIES | Not have |
| DESCRIPTION | |
| DESCRIPTION | Feared Events
=============
This module allows you to manage feared events of your Information Security
Management System (ISMS).
|
| XML ID | Name | Model | Type | Status |
|---|---|---|---|---|
view_mgmtsystem_category_asset_form |
mgmtsystem.security.asset.category.form | mgmtsystem.security.asset.category | form | New |
view_mgmtsystem_category_asset_tree |
mgmtsystem.security.asset.category.tree | mgmtsystem.security.asset.category | tree | New |
view_mgmtsystem_primary_asset_form |
mgmtsystem.security.asset.primary.form | mgmtsystem.security.asset.primary | form | New |
view_mgmtsystem_primary_asset_tree |
mgmtsystem.security.asset.primary.tree | mgmtsystem.security.asset.primary | tree | New |
view_mgmtsystem_security_control_form |
mgmtsystem.security.control.form | mgmtsystem.security.control | form | New |
view_mgmtsystem_security_control_tree |
mgmtsystem.security.control.form | mgmtsystem.security.control | tree | New |
view_mgmtsystem_security_event_control_form |
mgmtsystem.security.event.control.form | mgmtsystem.security.event.control | form | New |
view_mgmtsystem_security_event_control_tree |
mgmtsystem.security.event.control.tree | mgmtsystem.security.event.control | tree | New |
view_mgmtsystem_security_event_form |
mgmtsystem.security.event.form | mgmtsystem.security.event | form | New |
view_mgmtsystem_security_event_scenario_form |
mgmtsystem.security.event.scenario.form | mgmtsystem.security.event.scenario | form | New |
view_mgmtsystem_security_event_scenario_tree |
mgmtsystem.security.event.scenario.tree | mgmtsystem.security.event.scenario | tree | New |
view_mgmtsystem_security_event_tree |
mgmtsystem.security.event.tree | mgmtsystem.security.event | tree | New |
view_mgmtsystem_supporting_asset_form |
mgmtsystem.security.asset.supporting.form | mgmtsystem.security.asset.supporting | form | New |
view_mgmtsystem_supporting_asset_tree |
mgmtsystem.security.asset.supporting.tree | mgmtsystem.security.asset.supporting | tree | New |
view_mgmtsystem_threat_source_form |
mgmtsystem.security.threat.source.form | mgmtsystem.security.threat.source | form | New |
view_mgmtsystem_threat_source_tree |
mgmtsystem.security.threat.source.tree | mgmtsystem.security.threat.source | tree | New |
view_mgmtsystem_vector_form |
mgmtsystem.security.vector.form | mgmtsystem.security.vector | form | New |
view_mgmtsystem_vector_tree |
mgmtsystem.security.vector.tree | mgmtsystem.security.vector | tree | New |
view_risk_matrix_config_form |
mgmtsystem.risk.matrix.form | mgmtsystem.risk.matrix | form | New |
view_risk_matrix_level_list |
mgmtsystem.risk.matrix.level.list | mgmtsystem.risk.matrix.level | tree | New |
No new fields.
Public methods (10)get_cell_color(self, cr, uid, ids, severity, probability, context=None)
get_event_list(self, cr, uid, ids, severity, probability, context=None)
get_events(self, cr, uid, ids, context=None)
get_matrix_types(self, cr, uid, context=None)
get_probabilities(self, cr, uid, ids, context=None)
get_severities(self, cr, uid, ids, context=None)
get_type(self, cr, uid, ids, context=None)
print_report(self, cr, uid, ids, context=None)
probability_name(self, cr, uid, ids, probability, context=None)
severity_name(self, cr, uid, ids, severity, context=None)
No new fields.
Public methods (0)No public methods.
No new fields.
Public methods (0)No public methods.
No new fields.
Public methods (0)No public methods.
No new fields.
Public methods (0)No public methods.
No new fields.
Public methods (0)No public methods.
No new fields.
Public methods (0)No public methods.
No new fields.
Public methods (1)name_get(self, cr, uid, ids, context=None)
No new fields.
Public methods (1)name_get(self, cr, uid, ids, context=None)
No new fields.
Public methods (0)No public methods.
No new fields.
Public methods (0)No public methods.