ITAM Health Check

Fatima S Sayyed · ‎05-16-2024

Does anyone know/have had any luck in getting rid of scan findings ? How should one mark it as resolved ? I can assign a Task to it, but the task doesn't have a closed state, what is the best way to deal with this ?

#SAM #SoftwareAssetManagement #ITAMHealthCheck

BradP-InnoSolv · ‎05-21-2025

Steps to Resolve or Remove Scan Findings

Assign the Finding:
- Findings are logged in the Scan Finding table.
- Assign them to the appropriate team (e.g., DevOps or platform team) for analysis.
Analyze the Finding:
- Prioritize based on severity (e.g., Priority 1 or 2).
- Determine if the finding is valid or a false positive.
Take Action:
- If valid, create a development story or task to address the issue.
- Update the scan task to “In Progress” while work is ongoing.
Resolve or Mute:
- Once the issue is fixed, set the scan task state to “Resolved.”
- If the finding is not critical or is a false positive, you can mute it:
  - Add a work note explaining why it’s being ignored.
  - Select a mute reason.
  - This prevents the finding from appearing in future scans.
Track and Report:
- Use dashboards to monitor scan results, task statuses, and trends over time.

🛠️ Notes on Tasks and States

If the task you assign doesn’t have a “Closed” state, it’s likely a custom task type or not configured with a full lifecycle.
Consider using Stories or Change Requests instead, which have more robust state transitions.
Alternatively, you can customize the task workflow to include a “Closed” or “Resolved” state if needed.