Approval required in between state change of Vulnerable item
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā02-01-2024 12:33 AM
When transitioning a vulnerable item to the 'Awaiting Implementation' state, it is assigned to the asset's managed by groups. Under default setting, no approval is necessary for changing the state. The requirement is that during changin the state to 'Resolve' approval is required from any one of the member of the assignment group for auditing purposes. In the event of rejection, the vulnerable item should be redirected to the 'Open' state. Assistance is requested to implement this
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā02-01-2024 12:36 AM
When transitioning a vulnerable item to the 'Awaiting Implementation' state, it is assigned to the asset's managed by groups. Under default setting, no approval is necessary for changing the state. The requirement is that during changin the state to 'Resolve' approval is required from any one of the member of the assignment group for auditing purposes. In the event of rejection, the vulnerable item should be redirected to the 'Open' state. Assistance is requested to implement this.
Almost similar process that is used for vulnerability Item "Mark As False Positive" process.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā02-02-2024 09:52 AM
Hello Saptarshiamc,
I would recommend reconsidering adding approvals for the different states of the vulnerable item. The VR process scales beyond what is feasible via human interaction. My recommendation would be to utilize your vulnerability scanner as much as possible and allow it to determine whether the fix has been implemented and close out the vulnerable item automatically.
If approvals are required for auditing visibility, you are able to launch and link the vulnerable item/remediation tasks to the ServiceNow Change Management module. I would believe that your approvals can be best captured there.
If you must proceed in this manner, I believe the approval rules in the VR module is able to handle these state change requests, however it would only return the vulnerable item to the previous state rather than the 'Open' state. To make this further change, it would require custom scripting to overwrite the ootb system.
