Vul Response Risk Score being updated to 0 when all VITs are closed within a Remediation Task

dan167
Tera Guru

Hi everyone,

 

Would someone be able to give me some assistance as to why a Risk Score and Risk Rating are updating to Risk Rating of none and Risk score of 0 when all vulnerable items are closed complete? Shouldn't this keep the ratings of the our rollup calculator?

1 ACCEPTED SOLUTION

Eliz Skogquist
ServiceNow Employee
ServiceNow Employee

The consideration is when all vulnerabilities are remediated there is no longer risk, or risk=0.  Unless a detection were found to reopen a VI, in which the risk score would recalculate.  So, even during rollup, as risks get diminished the overall rating will as well diminish.

View solution in original post

1 REPLY 1

Eliz Skogquist
ServiceNow Employee
ServiceNow Employee

The consideration is when all vulnerabilities are remediated there is no longer risk, or risk=0.  Unless a detection were found to reopen a VI, in which the risk score would recalculate.  So, even during rollup, as risks get diminished the overall rating will as well diminish.