Life cycles of remediation efforts, remediation tasks, and records in the Vulnerability Response Workspaces

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Life cycles of remediation efforts, remediation tasks, and records in the Vulnerability Response Workspaces

    This document outlines the life cycles of remediation efforts, remediation tasks, and records within the Vulnerability Response Workspaces. It details how the states of records and their associated remediation tasks are affected by actions such as deferring, resolving, reopening, and transferring records between remediation efforts.

    Show full answer Show less

    Key Features

    • Roles Required: Specific roles are needed for different vulnerable items, including vulnerability analysts, application security managers, and configuration test results administrators.
    • Creating Remediation Efforts: Remediation efforts can be created via the "Create a Remediation Effort" option, with the ability to set up one recurring effort per watch topic. Only active records are included in these efforts.
    • Transferring Records: Records can be transferred between remediation efforts, affecting how tasks are created in new efforts based on the chosen grouping criteria.

    Key Outcomes

    By understanding and applying these processes, ServiceNow customers can effectively manage vulnerabilities and streamline remediation efforts. This enables improved tracking and resolution of vulnerabilities while ensuring that records are organized according to their status and the needs of the organization.

    The states of records and their associated remediation tasks (RTs) are impacted if records are deferred, resolved, reopened, and transferred to other remediation efforts (REs).

    Roles required:
    • sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin for host vulnerable items (VITs)
    • sn_vul.app_sec_manager for application vulnerable items (AVITs)
    • sn_vul_container.vulnerability_analyst or sn_vul_container.vulnerability_admin for container vulnerable items (CVITs)
    • sn_vulc.admin for configuration test results (TRs)

    Creating remediation efforts

    How the states and life cycles of remediation efforts, remediation tasks, and records are impacted depends on how a remediation effort is created, when it’s created, and if it’s deactivated.

    From the list in the upper right on a watch topic, you can create a remediation effort by clicking Create a Remediation Effort or Create recurring effort. You can create one recurring remediation effort per watch topic. If you create a recurring remediation effort, subsequent remediation efforts for the associated watch topic are created automatically based on the criteria you set. In either case:

    • To facilitate remediation, only Active records are added to the remediation efforts.
    • All records in new remediation efforts are placed in new remediation tasks. Records can exist in multiple remediation tasks, but only one record can be associated with a remediation effort.
    Note:
    A Remediation Effort is deactivated automatically when there are no active records.

    Transferring records or record carry over

    You can transfer records from one remediation effort to another when creating a remediation effort by selecting the Transfer matching records from other active remediation efforts check box. For more information on how to transfer the records, see Transfer records to remediation efforts in the Vulnerability Manager Workspace. If records are transferred from a remediation effort or carried over into recurring remediation efforts:

    To a new remediation effort in the same watch topic
    • All Remediation Tasks from the old Remediation Effort are moved to the new Remediation Effort.
    • New Remediation Tasks are created based on the chosen grouping criteria for the records previously not part of any Remediation Task.
    • The old Remediation Effort is deactivated.
    To a new remediation effort in a different watch topic
    All the records from the old Remediation Effort are moved to the new Remediation Effort and Remediation Tasks are created based on the chosen grouping criteria.
    • If all records in the Remediation Tasks associated with the old Remediation Effort are transferred, these Remediation Tasks are closed-canceled.
    • If only a subset of records are transferred, the Remediation Tasks associated with the old Remediation Effort are split and remain active.
    The closed Remediation Tasks associated with old Remediation Effort are not affected.
    Note:
    You can’t transfer records from recurring remediation efforts into new remediation efforts. However, you can transfer records from existing, non-recurring remediation efforts into new remediation efforts. See Transfer records to remediation efforts in the Vulnerability Manager Workspace for more information about transferring records.