Remediation target rule fields

  • Release version: Zurich
  • Updated December 3, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Remediation Target Rule Fields

    Remediation target rules are essential for defining how timelines for remediation of findings are calculated and maintained in ServiceNow. Administrators can set base target dates and manage the recalculation behavior based on changes in risk ratings, ensuring timely responses to vulnerabilities.

    Show full answer Show less

    Key Features

    • Name: Identifies the rule.
    • Target (days): Specifies the number of days for remediation since the item was last opened.
    • Target from (date): Sets the starting point for SLA calculations, defaulting to the last opened date.
    • Active: Marks the rule as active; if unchecked, it does not apply to new vulnerable items.
    • Notify (days before due): Determines how many days before the due date a notification is sent, affecting remediation status indicators.
    • Description: Provides textual details about the rule.
    • Condition: Defines criteria for applying the rule to vulnerable items, with the need for performance testing in production.
    • Recalculate target date: Outlines methods for updating the remediation target date when risk ratings change, with options to include overdue items.
    • Notifications: Specifies who receives notifications regarding remediation timelines.
    • Update History: Tracks system work notes related to rule updates.

    Key Outcomes

    By effectively utilizing remediation target rules, ServiceNow customers can ensure timely remediation of vulnerabilities, improve response management, and maintain compliance with security policies. Proper configuration of these rules enhances visibility into remediation statuses and aids in proactive risk management.

    Use remediation target rules to define how remediation timelines are calculated and maintained for findings. Administrators can configure base target dates and recalculation behavior when risk ratings change. The following table describes all fields available in the remediation target rule form.

    Field Description
    Name Name of the rule.
    Target (days) Number of days within which the vulnerable items should be remediated, since last opened.
    V17.1: Target from (date) Date from when the target SLAs are computed. You can specify only the date or the date and time type fields. Default value is Last opened date. To customize the values for this field, see KB1642413.
    Active Option to mark the remediation target rule as active. If this check box is cleared, this rule doesn’t apply to new vulnerable items created in the system.
    Notify (days before due) Number of days prior to the targeted remediation time for a notification to be sent. The notification date calculated using this value is used to show the remediation status and color coding. If the date is before the notification date, the remediation status is “In flight.” If it’s past the notification date and before the remediation target date, the status is shown as approaching target.
    Note:
    If this field is set to 0, only a Target Missed notification is sent.
    Description Text describing the remediation target rule.
    Condition Using the condition filter, select the criteria for applying the rule to the vulnerable items. To prevent performance impact, test your conditions at full production scale. Testing enables you to determine how long the Evaluate remediation targets job takes to execute, given the conditions and the size of your Configuration Management Database (CMDB).

    Case sensitivity for the search text you enter in the condition builder isn’t supported on this record or form.
    Recalculate target date
    Recalculation method Method for recalculating the remediation target (RT) date when a vulnerable item’s risk rating changes. You can choose to retain the existing target date, reset it based on the latest risk change date, or reset it to the earliest applicable date. By default, recalculation applies only to items that aren’t overdue at the time of the risk rating change. To include overdue findings in the recalculation, enable the sn_sec_cmn.evaluate_targetmissed_records property. For more information, see Recalculate a remediation target date.
    Notifications
    Note:
    The count shown in the notification email doesn’t include vulnerable items in the Deferred, Resolved, or Closed state.
    Users People to notify when the selected vulnerable item is approaching or passes its targeted remediation target time.
    Group Group to notify when the selected vulnerable item is approaching or passes its targeted remediation target time.
    Update History
    Unused for initial creation of a rule. Subsequently, system work notes are logged here.