A common threshold range criteria must be established for assessment, finding, and risk objects. When assessments are run, the vulnerability scores are derived according to the scale that has been defined for a range. Before running an assessment, ensure that the threshold range is configured to meet the auditing guidelines and policies of the assessment objectives.
Each configuration range allows the user to adjust the threshold range by specifying the numeric value, unique name, color, and the option to display text or a score.
In order to adjust the configurations, you must have the Tenant Configure permission.
To set up Assessment Configuration:
Open the Compliance Manager.
- Go to Configuration > Assessment Configuration.
The Assessment Configuration tab. - Select Assessment Risk Scale, then click Edit.
The Configure Threshold dialog. - Click + or – to add or remove a threshold range. For any assessment configuration, you can add a maximum of five threshold ranges. At a minimum, any configuration range contains two threshold ranges.
- Optional:
To modify a range, enter a numerical value in the threshold range field.
- To change the threshold display name, enter a name in the Label field.
- To assign a color for a threshold, click the Color icon, choose the desired color, and click Close.
- Choose the Text or Score option to display the threshold label or the value for the risk after the assessment is run.
- Click Revert to ignore all the changes or click OK to save the configuration.
Similarly, set up Entity Compliance Configuration, Individual Risk Scale, and Program Risk Scale.
