Starting with version 18.0, you can request the policy exceptions for host vulnerable items (VIs), application vulnerability items (AVITs), remediation tasks (VULs), and application remediation tasks (AVULs) from the IT Remediation Workspace.
Before you begin
Role required: sn_vul.remediation_owner, sn_vul.app_security_champion, sn_vul_container.remediation_owner, or
sn_vulc.admin
About this task
Starting with version 19.0 of Vulnerability Response, you can request policy exceptions for test result groups (TRGs), container vulnerability items (CVITs) and their Remediation Tasks also.Note: Starting with v19.0 of
Vulnerability Response, the following terms have been renamed:
Table 1. Changes in terminology
| Terminology prior to v19.0 |
Terminology v19.0 onwards |
| Test Result Groups |
Remediation Tasks |
| Configuration Issues |
Configuration Test Results |
| Policy |
Test group |
Procedure
-
Navigate to .
-
In the application navigator, select the list icon (
).
-
On the List page, under Host Vulnerable items, Application Vulnerable items, or Remediation Tasks, select the record that you want to request an exception for.
The record that you select must be in the Open, Under investigation, or Awaiting implementation state.
-
Select the Request Exception button.
-
On the form, fill in the fields.
-
Select Request Exception.
-
On the Take Questionnaire modal, answer the questions to provide additional information about your request and select Submit.
Note: The Take Questionnaire modal appears only when the questionnaire details are added to the respective integration registry.
A message appears that your request is successfully submitted for approval.
For more information on the Policy Exception Integration and the hand-off between the remediation owner and the compliance manager, see Policy and Compliance Management optional setup.