Configure Exception Management for Container Vulnerability Response

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • Limit the duration of an exception requested and add a questionnaire to the exception or false positive request using the Container Vulnerability Response module. By default, an exception is requested using the ServiceNow® Container Vulnerability Response module. You can also request an exception using the GRC: Policy and Compliance Management integration.

    Avant de commencer

    Role required: sn_vul_container.manage_exception_configuration

    Pourquoi et quand exécuter cette tâche

    If Container Vulnerability Response is enabled, you can limit the duration for which an exception can be requested. Similarly, if the GRC: Policy and Compliance Management module is installed, you can select GRC: Policy and Compliance Management on the configuration screen. Enabling this option lets you request an exception that specifies the Policy and Control objective from GRC.

    If you add a questionnaire, it’s sent to the person raising the exception or false positive request. You can either use the default questionnaire or create one based on your requirements. .

    It’s useful for the exception approver to understand the reason for requesting the exception.

    Procédure

    1. Navigate to All > Container Vulnerability Response > Administration > Exception Management.
    2. On the Exception Management Configuration form, select how you want to manage an exception by selecting an option from the Manage exceptions using list.
      You can select either Vulnerability Response or GRC: Policy and Compliance Management.
    3. If you selected the Vulnerability Response option, enter the following information:
      Tableau 1. Vulnerability Response fields
      Field Description
      Duration Period for which an exception can be requested.
      Unit Unit of time for the specified period.
      Enable questionnaire to mark false positive Option to add a questionnaire to the false positive request being raised.
      Enable questionnaire to request exception Option to add a questionnaire to the exception request being raised.
      Questionnaire to request exception Displays the questionnaire selected by you to request an exception. Exception Questionnaire is displayed by default.
      Remarque :
      When you select GRC: Policy and Compliance Management, the Duration and Unit fields disappear as Governance, Risk, and Compliance handles that flow.
    4. Select Save.