manage_compliance_assessments
Conduct compliance assessments against frameworks like HITRUST, ISO27001, and SOC2 to generate detailed regulatory adherence and security control reports.
Instructions
Conduct compliance assessments and generate detailed reports on regulatory adherence and security controls.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| action | Yes | Compliance assessment action | |
| assessmentId | No | Assessment ID for tracking | |
| framework | Yes | Framework to assess against | |
| scope | Yes | Assessment scope | |
| settings | No | Assessment settings |
Implementation Reference
- Main handler function implementing the manage_compliance_assessments tool. Handles actions: create, execute, get_results, schedule, cancel compliance assessments.// Compliance Assessment Handler export async function handleComplianceAssessments( graphClient: Client, args: ComplianceAssessmentArgs ): Promise<{ content: { type: string; text: string }[] }> { let result: any; switch (args.action) { case 'create': // Create new compliance assessment const assessmentId = `assessment-${Date.now()}`; result = { id: assessmentId, framework: args.framework, scope: args.scope, settings: args.settings, status: 'created', createdDate: new Date().toISOString() }; break; case 'execute': if (!args.assessmentId) { throw new McpError(ErrorCode.InvalidParams, 'assessmentId is required for execute action'); } // Execute assessment result = await executeAssessment(graphClient, args.assessmentId, args.framework); break; case 'get_results': if (!args.assessmentId) { throw new McpError(ErrorCode.InvalidParams, 'assessmentId is required for get_results action'); } result = await getAssessmentResults(graphClient, args.assessmentId); break; case 'schedule': result = { assessmentId: args.assessmentId, scheduledDate: args.settings?.scheduledDate, status: 'scheduled', message: 'Assessment scheduled successfully' }; break; case 'cancel': result = { assessmentId: args.assessmentId, status: 'cancelled', message: 'Assessment cancelled successfully' }; break; default: throw new McpError(ErrorCode.InvalidParams, `Invalid action: ${args.action}`); } return { content: [{ type: 'text', text: JSON.stringify(result, null, 2) }] }; }
- src/tool-definitions.ts:407-413 (schema)Zod schema defining input parameters for the manage_compliance_assessments tool, used for validation in MCP server registration.export const complianceAssessmentSchema = z.object({ action: z.enum(['create', 'update', 'execute', 'schedule', 'cancel', 'get_results']).describe('Compliance assessment action'), assessmentId: z.string().optional().describe('Assessment ID for tracking'), framework: z.enum(['hitrust', 'iso27001', 'soc2']).describe('Framework to assess against'), scope: z.record(z.string(), z.unknown()).describe('Assessment scope'), settings: z.record(z.string(), z.unknown()).optional().describe('Assessment settings'), });
- src/server.ts:920-938 (registration)MCP server tool registration for manage_compliance_assessments, mapping name to handler function with input schema and annotations.this.server.tool( "manage_compliance_assessments", "Conduct compliance assessments and generate detailed reports on regulatory adherence and security controls.", complianceAssessmentSchema.shape, {"readOnlyHint":true,"destructiveHint":false,"idempotentHint":true}, wrapToolHandler(async (args: ComplianceAssessmentArgs) => { this.validateCredentials(); try { return await handleComplianceAssessments(this.getGraphClient(), args); } catch (error) { if (error instanceof McpError) { throw error; } throw new McpError( ErrorCode.InternalError, `Error executing tool: ${error instanceof Error ? error.message : 'Unknown error'}` ); } })
- TypeScript interface defining the structure of arguments for compliance assessments, used by the handler.export interface ComplianceAssessmentArgs { action: 'create' | 'update' | 'execute' | 'schedule' | 'cancel' | 'get_results'; assessmentId?: string; framework: 'hitrust' | 'iso27001' | 'soc2'; scope: Record<string, unknown>; settings?: Record<string, unknown>; }
- src/tool-metadata.ts:176-179 (schema)Tool metadata including description, title, and annotations (readOnlyHint, destructiveHint, etc.) for manage_compliance_assessments.manage_compliance_assessments: { description: "Conduct compliance assessments and generate detailed reports on regulatory adherence and security controls.", title: "Compliance Assessment Tool", annotations: { title: "Compliance Assessment Tool", readOnlyHint: true, destructiveHint: false, idempotentHint: true, openWorldHint: true }