Users with the Threats and Vulnerabilities Manage permission can create categories, sub categories, and vulnerability compensating controls on the Vulnerability Compensating Controls grid. Vulnerability compensating controls are attached to vulnerabilities in order to mitigate risk, and categories are the containers used to organize the compensating controls or sub categories. As the root page only contains categories, each vulnerability compensating control must belong to a category.
To create a new category:
In the Threat & Vulnerability Manager application, click Vulnerability Compensating Controls in the Content menu.
Click New Category.
Enter a name in the Name field.
Optional: Enter a description in the Description field.
Click Save.
To create a new sub category:
In the Threat & Vulnerability Manager application, click Vulnerability Compensating Controls in the Content menu.
Click the category you wish to add a sub category to to open its Category page.
If desired, a sub category can be added to a pre-existing sub category. There is no limit to the number of sub category levels each category can contain. Select New Sub Category from the More Actions... select list.
- Enter a name in the Name field.
- Optional: Enter a description in the Description field.
- Click Save.
To create a new vulnerability compensating control:
In the Threat & Vulnerability Manager application, click Vulnerability Compensating Controls in the Content menu.
Click one of the available categories to open the corresponding Category page.
Click New Vulnerability Compensating Control.
- Enter a name in the Name field.
- Optional: Enter a description in the Description field.
- Click Save.