Skip to content
English
Submit Support Ticket Customer portal Sign in
Knowledge Base Home
  • There are no suggestions because the search field is empty.

Advanced report templates for assessments

Learn how to quickly generate reports for completed assessments based on rules

This feature is only currently available for requirement-based assessments (RBAs).

Advanced report templates let you generate assessment reports that not only populate data but also apply conditions, rules, and more, so that you can create highly tailored and meaningful reporting outputs.

Table of contents

Prerequisites

You can find the report template generator under any assessment with the status Completed.

This feature is only currently available for requirement-based assessments (RBAs).

Getting started

You can edit an existing assessment report template and replace existing tags and tables with rule-based placeholders, or start from scratch.

The advanced report builder is based on Docxtemplater.

The assessment object has the below structure.

Assessment
├─ Id
├─ Name
├─ Status
├─ Objective
├─ Description
├─ Authority
├─ Version
├─ Type
├─ CreatedDate
├─ PublishedDate
├─ CompletedDate
├─ ClosedDate
├─ Respondent
├─ ResponseUser
├─ ResponseSummary

├─ Domains[]
│   ├─ Id
│   ├─ Name
│   ├─ Description
│   ├─ IntroductionText
│   └─ Order

└─ Requirements[]
    ├─ Id
    ├─ IdRef
    ├─ Name
    ├─ Description
    ├─ Domain
    ├─ RequirementDomainName
    ├─ Type
    ├─ Order
    ├─ Questions
    ├─ ReferenceAttachments[]
    ├─ EvidenceAttachments[]
    ├─ IsEvidenceMandatory
    │
    ├─ Responses
    │   ├─ Status
    │   ├─ Control(TrustedResponse)
    │   ├─ Gap(TrustedResponse)
    │   └─ Recommendations
    │
    ├─ Risks[]
    │   ├─ Id
    │   ├─ IdRef
    │   ├─ Name
    │   ├─ Description
    │   ├─ CommonCause
    │   ├─ LikelyImpact
    │   │
    │   ├─ RiskRating
    │   ├─ RiskRatingColor
    │   ├─ RiskRatingOrder
    │   ├─ CurrentRiskRating
    │   ├─ PlannedRiskRating
    │   ├─ ResidualRiskRating
    │   │
    │   ├─ TreatmentStatus
    │   ├─ TreatmentDecision
    │   │
    │   ├─ Owners
    │   ├─ AccessMembers
    │   ├─ Tags
    │   │
    │   ├─ RiskTreatmentPlan
    │   ├─ RiskScenarios
    │   ├─ RiskRecommendation
    │   │
    │   ├─ RiskTreatmentPlanDetails[]
    │   │   ├─ Name
    │   │   ├─ Description
    │   │   ├─ Status
    │   │   ├─ DueDate
    │   │   └─ CompletionDate
    │   │
    │   └─ RiskAssessment[]
    │       ├─ Id
    │       ├─ Name
    │       ├─ AssessmentDate
    │       ├─ LikelihoodT
    │       ├─ ImpactT
    │       ├─ RiskAssessmentLabels
    │       └─ RiskRating
    │
    ├─ Issues&incidents[]
    │   ├─ Id
    │   ├─ IdRef
    │   ├─ Name
    │   ├─ Description
    │   │
    │   ├─ Status
    │   ├─ Stage
    │   ├─ Priority
    │   │
    │   ├─ ReportedBy
    │   ├─ RecordedDate
    │   ├─ DueDate
    │   │
    │   ├─ Owners
    │   ├─ Tags
    │   ├─ Type
    │   │
    │   ├─ IssueActions
    │   │
    │   └─ IssueActionsDetails[]
    │       ├─ Id
    │       ├─ IdRef
    │       ├─ Title
    │       ├─ Description
    │       ├─ Status
    │       ├─ Assignee
    │       ├─ DueDate
    │       └─ CompletedDate
    │
    └─ Assets[]
        ├─ Id
        ├─ IdRef
        ├─ Name
        ├─ Description
        │
        ├─ Status
        ├─ Stage
        │
        ├─ Owners
        ├─ Tags
        │
        ├─ Type
        │
        ├─ Confidentiality
        ├─ Integrity
        └─ Availability

Creating rule-based placeholders

Property values

For example, {Assessment.Name} will populate the report with the name of the assessment where the tag is placed, similar to Pixel Perfect tags.

Loops

Loop through arrays with #.

This is an example of looping through all requirements in the assessment.

{#Assessment.Requirements}
{IdRef} - {Name}
{/}

This is an example of a nested loop where we show all the risks under each requirement in the assessment.

{#Assessment.Requirements}
Requirement: {Name}

{#Risks}
Risk: {Name}
{/}

{/}

Collecting nested data

You can display all the data of a certain type.

This example shows all risks linked to requirements.

{#Assessment.Requirements | collect:'Risks'}
Risk: {Name}
{/}

This example shows all issues linked to requirements.

{#Assessment.Requirements | collect:'Issues&incidents'}
Issue: {Name}
{/}

Tables with placeholders

You can define tables which will dynamically populate depending on the parameters you define.

  • {#loop} must be on its own row
  • {/} closes the loop

This is an example table for requirements and responses. If your RBA has 30 requirements, it will loop for 30 rows in the final report.

Requirement Domain Status

{#Assessment.Requirements}

{IdRef}

{/}

 {Domain} {Responses.Status}

This is an example table for risks that are linked to requirements. It will loop through all the risks that are linked.

Risk Rating Treatment
{#Assessment.Requirements | collect:‘Risks’}
{Name}
{/}		 {RiskRating} {TreatmentStatus}

Aggregation placeholders

You can aggregate values e.g. number of risks.

This is an example of displaying the number of requirements in an assessment.

Total Requirements: {Assessment.Requirements | count}

This is an example of displaying the number of risks linked to all requirements in an assessment.

Total Risks: {Assessment.Requirements | count:'Risks'}

This is an example of the same but using collect.

Total Risks: {Assessment.Requirements | collect:'Risks' | count}

Bar charts

You can generate a bar chart using aggregated counts or filtered data e.g. number of risks by requirement.

 

Filtering & excluding data

You can apply filters to aggregation placeholders so that calculated values only include results that meet the given criteria e.g. number of controls that are implemented. Filters can be applied to aggregation placeholders, risks, issues, and other registers.

Filter Purpose
count Count items in an array
collect Flatten nested arrays
distinctBy Remove duplicates
where Filter data
sortBy Sort items
sortByPriority Sort by priority levels
groupBy Group items by a field

Filters support common conditions (e.g. equals, not equals, greater than, less than).

Multiple filters can be combined.

This is an example of filtering by requirements with a 'Partial Gap' response.

{#Assessment.Requirements | where:"Responses.Status == 'Partial Gap'"}

Requirement: {IdRef}
{Name}

{/}

This is an example of filtering by risks linked to requirments where they have a high risk rating.

{#Assessment.Requirements | collect:'Risks' | where:"RiskRating == '4 - High'"}

Risk: {Name}
Rating: {RiskRating}

{/}

This is an example of filtering by risks linked to requirements where they have a high risk rating and a draft treatment status.

{#Assessment.Requirements | collect:'Risks'
  | where:"RiskRating == '4 - High' && TreatmentStatus == 'Draft'"}

{Name}

{/}

Grouping data

You can group records by a selected field. Grouped data appears as distinct sections in the generated report. Grouping can be applied to linked data such as risks, issues, and other registers.

This is an example for grouping risks linked to requirements by their risk rating.

{#Assessment.Requirements | collect:'Risks' | groupBy:'RiskRating'}

Severity: {key}

{#items}
• {Name}
{/items}

{/}

This is an example for grouping issues linked to requirements by their status.

{#Assessment.Requirements | collect:'Issues&incidents' | groupBy:'Status'}

Status: {key}

{#items}
• {Name}
{/items}

{/}

This is an example for grouping assets linked to requirements by their type.

{#Assessment.Requirements | collect:'Assets' | groupBy:'Type'}

Category: {key}

{#items}
• {Name}
{/items}

{/}

Grouping works in conjunction with filtering and aggregation functions.

Configuring ordering rules

The system supports sorting by one or more fields. Sorting can be applied to linked data such as risks, issues, and other registers. Sorting supports ascending and descending order, and custom sort orders for categorical values.

This is an example of the requirements in an assessment being sorted by the order in which they appear in the assessment.

{#Assessment.Requirements | sortBy:'Order asc'}

{Order}. {Name}

{/}

This is an example of the assets linked to requirements being sorted alphabetically.

{#Assessment.Requirements | collect:'Assets' | sortBy:'Name asc'}

{Name}

{/}

This is an example of multi-field sorting where risks linked to requirements in the assessment are sorted by both their risk ratings and alphabetically.

{#Assessment.Requirements | collect:'Risks'
  | sortBy:'RiskRating desc, Name asc'}

{Name}
{/}

The custom filter sortByPriority will sort linked issues by Immediately, High, Medium and Low. In this example, we loop through all issues linked to requirements by descending priority.

{#Assessment.Requirements
   | collect:'Issues&incidents'
   | sortByPriority:'desc'}

Issue: {Name}
Priority: {Priority}

{/}

Sorting works independently and in conjunction with filtering and grouping.

Generating reports using the template

Once you are happy with the advanced tags, upload the report template and click on Generate report - advanced to generate and download a new report using the template.

To learn more about the assessment report generator, head here.