Here.

Tried to do the simplest calculator I could think of.

That looks correct. Very weird that it's not working. I'm at a lost as well but will let you know if I think of anything else to try. I would also open a support ticket since it doesn't appear to working. Hopefully someone else in the community has suggestions while you wait for a response from support.

Hey there - darn, you bumped into a notable easter egg 😉 

We had an older Community Post on this but seems it is archived or I was just not able to find it by searching...

How are you setting the Service on the SIR record?   Are you setting the Service by hand - or are you picking a CMDB_CI value, for that Service to populate with some logic?

Wrinkle we had before was around the Order of the Business Rules that run on the SIR Table. 

--> There is a separate Business Rule on the SIR table that sets the Business Impact - and possibly it's fighting with the value you are setting in the Security Incident Calculator
   - Biz Rule for SIR Calculator (Name = Calculate Severity, Order = 40, BEFORE)
   - Biz Rule for Business Impact (Name = Calculate Business Impact, Order = 100, BEFORE)

Sorry. Was busy and had to come back to this.

Manually. So it is my understanding that there may be business rules running that is fighting with my calculator? I'd have to check.

I also modified the one for users so it grabs the department and calculates the risk down. That one doesn't take at all.  It takes the one I created, and I disabled the severity calculator script include one. 

So maybe it would be a good idea on a brand new implementation to check the business rules and OOTB calculators and see how one influences the other? I like the idea of the risk score on a SI based on factors, but if it's too much of a hassle I don't know how that will work with clients / devs. IMO.