Creating a Priority

PreviousPriorities Components NextLinking Findings and Assets

Last updated 2 months ago

Was this helpful?

Creating a Priority

Step 1: From the Priorities module home page, click Create Priority.

Step 2: If client-level priorities are enabled, select a client by scrolling through the list or using the search box to filter. When the client is found, click Select.

If only tenant-level priorities are enabled, the user will go directly to Step 4.

Step 3: Click Next.

Step 4: Enter a priority name and additional information into the fields on the page.

Priority (required): The title of the priority.
Status: The status of the overall priority.
Severity: The severity of the overall priority.
Priority author: This value auto-populates with the user's email who created the priority. Another email can be selected by clicking within the box and choosing from the pulldown menu.
Priority owner: The priority owner. Select the priority owner(s) by clicking within the box and choosing from the pulldown menu.
Identification date: This is the date that the priority was identified. The priority may have been determined or observed at a prior date.
Priority description: An RTF field to enter the description of the priority.
Recommendation: An RTF field to enter a recommendation for remediating the priority. A recommendation is the ideal advice or guidance to address a particular issue or concern. It suggests a best practice or a course of action to help prevent or mitigate security risks.
Treatment: An RTF field to enter a treatment of the priority. Treatments are the remediation taken, often not the ideal recommendation due to resource and time constraints.
Treatment owners: A list of owner(s) who will own the priority treatment.
Tags: Enter any tags associated with the client (new or existing). Any special characters will be removed, and any spaces will be replaced with an underscore (_).
Target remediation date: Identifies the ideal date on which findings for the priority will be resolved. Place the cursor in the field box to select a date from the calendar.
Actual remediation date: Identifies the date that the priority was remediated. Place the cursor in the field box to select a date from the calendar.
Likelihood (score): Select a number from one to ten to denote the probability that the findings and assets in this priority will result in malicious actions.
Impact (score): Select a number from one to ten to denote the effects of malicious actions on the findings and assets in this priority.
Priority score: This value is the product of the two factors (likelihood and impact values) entered previously.
Reason for score: This field allows for an explanation for others on the rationale for entering the values used for the priority score.

Step 5: Scroll back to the top of the page and click Save.

The information entered is presented on the priority details page.

This page is the Details tab view, which is reached by clicking View under the "Actions" column in the row of an existing priority on the Priorities module home page.

PreviousPriorities Components NextLinking Findings and Assets

Last updated 2 months ago

Was this helpful?

Step 1: From the Priorities module home page, click Create Priority.

Step 2: If client-level priorities are enabled, select a client by scrolling through the list or using the search box to filter. When the client is found, click Select.

If only tenant-level priorities are enabled, the user will go directly to Step 4.

Step 3: Click Next.

Step 4: Enter a priority name and additional information into the fields on the page.

Priority (required): The title of the priority.
Status: The status of the overall priority.
Severity: The severity of the overall priority.
Priority author: This value auto-populates with the user's email who created the priority. Another email can be selected by clicking within the box and choosing from the pulldown menu.
Priority owner: The priority owner. Select the priority owner(s) by clicking within the box and choosing from the pulldown menu.
Identification date: This is the date that the priority was identified. The priority may have been determined or observed at a prior date.
Priority description: An RTF field to enter the description of the priority.
Recommendation: An RTF field to enter a recommendation for remediating the priority. A recommendation is the ideal advice or guidance to address a particular issue or concern. It suggests a best practice or a course of action to help prevent or mitigate security risks.
Treatment: An RTF field to enter a treatment of the priority. Treatments are the remediation taken, often not the ideal recommendation due to resource and time constraints.
Treatment owners: A list of owner(s) who will own the priority treatment.
Tags: Enter any tags associated with the client (new or existing). Any special characters will be removed, and any spaces will be replaced with an underscore (_).
Target remediation date: Identifies the ideal date on which findings for the priority will be resolved. Place the cursor in the field box to select a date from the calendar.
Actual remediation date: Identifies the date that the priority was remediated. Place the cursor in the field box to select a date from the calendar.
Likelihood (score): Select a number from one to ten to denote the probability that the findings and assets in this priority will result in malicious actions.
Impact (score): Select a number from one to ten to denote the effects of malicious actions on the findings and assets in this priority.
Priority score: This value is the product of the two factors (likelihood and impact values) entered previously.
Reason for score: This field allows for an explanation for others on the rationale for entering the values used for the priority score.

Step 5: Scroll back to the top of the page and click Save.

The information entered is presented on the priority details page.

This page is the Details tab view, which is reached by clicking View under the "Actions" column in the row of an existing priority on the Priorities module home page.