Removing assignments from Application Vulnerability Response vulnerable items and remediation tasks

  • Release version: Xanadu
  • Updated May 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Removing Assignments from Application Vulnerability Response Vulnerable Items and Remediation Tasks

    In ServiceNow’s Application Vulnerability Response, users can unassign themselves or their groups from vulnerable items (AVITs) and remediation tasks (AVULs) when they determine the records are incorrectly assigned or outside their scope. This process can be executed directly from the respective records in both classic and workspace views.

    Show full answer Show less

    Key Features

    • The Unassign button is available on AVIT and AVUL records that are not in Closed or Resolved states.
    • Approval requests for unassigning can be sent and are managed within the system.
    • Bulk unassigning is possible by selecting multiple AVITs and using the Bulk Edit function.
    • System properties allow customization of the approval process and assignment group notifications.

    Key Outcomes

    Once the unassign request is approved, all associated fields for AVITs under the same assignment group will be cleared. This enhances workflow efficiency by ensuring that only relevant vulnerabilities are assigned to the appropriate teams. Users can also streamline future assignments by configuring system properties to redirect unassigned records to specific groups, thereby ensuring proper oversight and management.

    You can clear the Assigned to and Assignment group fields on Application Vulnerability Response vulnerable items directly from the application vulnerable item and remediation task records that you determine might be incorrectly assigned to you or your groups.

    Overview for the workflow

    If you determine that Application Vulnerability Response vulnerable items (AVITs) and remediation tasks (AVULs) aren't within your scope for remediation, or if you think that records have been incorrectly assigned to you or to your groups, you can remove yourself or your groups from the Assigned to and Assignment group fields on AVIT and AVUL records.

    The unassign workflow is supported in the classic and workspace views for AVITs and AVULs.

    You have the option to send requests to clear the assignment fields for approval. See Approve or reject an unassign request in Vulnerability Response for more information.

    • The Unassign button is displayed on AVIT and AVUL records in any state other than the Closed or Resolved.
    • After the request to clear the fields is approved, all the Assigned to and Assignment group fields on the AVITs that are associated with an AVUL that have the same assignment group are also unassigned. If any application vulnerable item has a different assignment group than its associated remediation task, it is not unassigned. In most cases these application vulnerable items have been manually assigned. See Removing assignments from vulnerable items and remediation tasks for more information.
    • Any records that you update with either the UI action or manually are displayed on the Unassigned module for Application Vulnerability Response.
    • You can clear the assignment fields for multiple AVITs on a list. After you select the AVITs and select Bulk Edit, on the dialog that is displayed, select the Unassign check box.

    See Remove assignments from vulnerable items and remediation tasks for more information about the steps for how to clear the assignment fields.

    System properties and approval notifications

    If a remediation owner selects Unassign on a record, by default, the sn_vul.unassign_vr.approval_required system property triggers the approval flow and creates a state change approval record in the Review state, and the request is routed for approval. The request is displayed on the My Approvals list for users with the sn_vul_.unassign_approver.

    Note:
    As a vulnerability administrator [sn_vul.vulnerability_admin], you can set the sn_vul.unassign_vr.approval_required system property to false to disable the approval process.

    Additionally, you can change the value in the sn_vul.default_assignment_group system property so if the assignment fields are cleared, a specific group is assigned. For example, if a user clicks Unassign on a record and you want to redirect it to a specific group for review, you can add the system ID for the group of your choice in the value field of the system property.

    Note:
    If you change this value, notifications for all the VITs, AVITs, and CVITs that are unassigned are sent to the group you specify.

    See Removing assignments from vulnerable items and remediation tasks for more information about changing the system properties.