A common threshold range criteria must be established for assessment, finding, and risk objects. When assessments are run, risk scores are derived according to the scale that has been defined for a range. Before running an assessment, ensure that the threshold range is configured to meet the auditing guidelines and policies of the assessment objectives.
Each configuration range allows the user to adjust the threshold range by specifying the numeric value, unique name, color, and the option to display text or a numeric score.
In order to adjust the configurations, you must have the Tenant Configure permission.
To set up Assessment Configuration:
Open the Vendor Risk Manager.
Go to Configuration > Assessment Configuration.
Click Assessment Risk Scale, then click Edit.
Click + or - to add or remove a threshold range. For any assessment configuration, you can add a minimum of two and a maximum of five threshold ranges.
Optional: Perform any of the following actions:
To modify a range, enter a numerical value in the threshold range field.
To change the threshold display name, enter a name in the Label field.
To assign a color for a threshold, click the Color icon, choose a desired color, and then click Close.
Choose the Text or Score option to display the threshold label or the value for the risk after the assessment is run.
- Click Revert to ignore all changes or click OK to save.
Similarly, set up Entity Compliance Configuration, Individual Risk Scale, and Program Risk Scale.