Removing assignments from findings and remediation tasks

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Removing assignments from findings and remediation tasks

    ServiceNow Zurich release enables remediation owners and vulnerability analysts to remove themselves or their groups from the Assigned to and Assignment group fields on findings and remediation tasks if they were incorrectly assigned. This unassignment helps reroute records that fall outside their responsibility to the appropriate owners.

    Show full answer Show less

    Use case

    The Unassign option is used when a finding or remediation task is irrelevant to your scope or was mistakenly assigned. Unassigning facilitates proper ownership and task management within vulnerability and remediation workflows.

    How to unassign findings and remediation tasks

    • You can unassign records in any state except Closed or Resolved using the Unassign button or the More options menu.
    • Supported records include remediation tasks and findings.
    • Unassigning a remediation task also unassigns all associated findings with the same assignment group.
    • Findings or tasks assigned to different groups than the remediation task remain assigned to their groups, as they are likely manually assigned.
    • Unassigned records appear in the Unassigned module for easy tracking.

    Approval workflow and system properties

    • By default, unassigning triggers an approval workflow if the system property snvul.unassignvr.approvalrequired is set to true.
    • If approved, the Assigned to and Assignment group fields are cleared, Assignment type is set to Unassigned, and the record may be reassigned to a default group defined by snvul.defaultassignmentgroup, with notifications sent.
    • If rejected, the reason is recorded in the Notes tab.
    • As a vulnerability administrator, you can disable approval workflows by setting snvul.unassignvr.approvalrequired to false, redirect unassigned records to a specific group by setting the sysid in snvul.defaultassignmentgroup, and manage notifications via the Unassign notification user group.
    • The Assignment type field (Manual, Rule, or Unassigned) tracks how the record was last assigned and is visible on both record and list views.

    Monitoring unassignments with scheduled jobs

    • A daily scheduled job named "Reassignment count for assignment rules" tracks unassigned records to evaluate assignment rule effectiveness.
    • This job counts findings reassigned to Unassigned, manually unassigned records, and system-unassigned records.
    • Counts are displayed in the Assignment Rules list under Manual items count and Unassigned items count columns.
    • To view these counts, navigate to Security Exposure Management Workspace > Administration > Review on the Assignment rules tile, then select Assignment and add reassignment columns via the gear icon.
    • Each reassigned record retains a reference to the original assignment rule, helping identify rules that may require adjustment.

    You can remove yourself or your group from the Assigned to and Assignment group fields on findings and remediation tasks if you believe they were incorrectly assigned.

    Overview of the workflow

    Remediation owners and vulnerability analysts can unassign records using the Unassign UI action. This helps route records that are outside their scope to the appropriate owners.

    Use case

    Use the Unassign option when a finding or remediation task is not relevant to your scope or was mistakenly assigned to you or your group.

    Unassigning from findings and remediation tasks

    You can unassign records in any state except Closed or Resolved, using the Unassign button or the More options menu (Vertical dots).

    Supported Records:
    • Remediation tasks: When a remediation task is unassigned, all associated findings with the same assignment group are also unassigned.
      Note:
      Items with a different assignment group than their remediation task are not unassigned, as they are likely manually assigned.
    • Findings: Records unassigned manually or via UI appear under the Unassigned module.

    Any records that you update assignments for with the UI action or manually are displayed on the Unassigned module.

    Approval workflow and system properties

    By default, unassigning a record triggers an approval workflow if the system property sn_vul.unassign_vr.approval_required is set to true. This generates an approval request that appears under My Approvals. If approved:

    • The Assigned to and Assignment group fields are cleared.
    • The Assignment type is set to Unassigned.
    • The record can be optionally reassigned to a group defined in sn_vul.default_assignment_group.
    • Notifications are sent to the new group.

    • If rejected, the reason appears in the Notes tab.

    As a vulnerability administrator, you can:

    • Disable approvals by setting sn_vul.unassign_vr.approval_required to false.
    • Redirect unassigned records to a specific group by setting its sys_id in sn_vul.default_assignment_group.
    • Manage notifications using the Unassign notification user group if no default group is set.

    The Assignment type (Manual, Rule, or Unassigned) helps identify how a record was last assigned. When unassigned, this field is set to Unassigned and is visible on both the record and list views.

    Monitoring unassignments with scheduled jobs

    A daily Reassignment count for assignment rules scheduled job tracks unassigned records to assess assignment rule effectiveness. This job counts:

    • Findings reassigned to Unassigned.
    • Manually unassigned records.
    • System-unassigned records

    These counts appear in the Assignment Rules list under the following columns:

    • Manual items count
    • Unassigned items count
    To view reassignment counts:
    1. Navigate to Workspaces > Security Exposure Management Workspace.
    2. Select Administration in the navigation pane.
    3. Select Review on the Assignment rules tile.
    4. On the Rules page, select Assignment in the navigation pane.
    5. Use the gear icon to add both reassignment columns to the list view.

    Each reassigned record retains a reference to its original assignment rule. The list view displays reassignment counts for each assignment rule, helping you identify rules that may need adjustment.

    The following example shows reassignment counts for two assignment rules.

    Reassignment counts for two assignment rules for Vulnerability Response VITs.