Remediation Task User Permissions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-24-2022 02:03 PM
Hey all,
We been live with Vulnerability Response in our environment for 4 months now. Remediation Users like to fill in the work notes and then change the assignment group back to us (Vuln Admins) so that we get the message. This ends up skewing the numbers in our KPI's/Metric dashboards in performance analytics. I don't believe users besides vuln admins should have the permission to reassign remediation tasks which are created by our vulnerability group rules anyway. Am I missing something with this thinking that we shouldn't be treating remediation tasks like an incident in service now? Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-25-2022 03:11 AM
Hi
We got our Service Now Admins to change this functionality. So End users can't assign it back to us, they can assign it to another group (for example if the other group can Remediate). We had the same issue that assigning it back to us messed up the Metrics.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-25-2022 05:20 AM
Hey @Dommer,
just a suggestion from my side is to take a look at the watch list functionality.
Watch lists allow multiple users to subscribe to notifications of a task.
So rather then re-assigning the whole Remediation Task to the sn_vul.admin, it would potentially be enough to put him on the watch list.
This field is available on all tables extended from task, so it is available on the remediation task, but you have to make it visible first.
By adding admins to the watch list rather than re-assigning we can avoid messing up the metrics.
Hope this gives some information.
