The Security Requirements section allows you to manually set the entity criticality.
For discovered entities, you can configure a Control Target Profile to automatically set this value.
Criticality is not set when importing vulnerabilities from a saved XML file, even if the vulnerabilities were exported with criticality information. Vulnerabilities can be imported into other entities, and the criticality cannot be assumed.
Clicking on the Refresh button will manually update the confidentiality, integrity, availability and accountability values of the entity.
These settings are used for:
Automatically reassessing entities;
Calculating the simple risk and compliance scores; and
Calculating the Business Criticality score.
To set the criticality rating:
Go to Entities > Entities.
Select a group.
Select an entity, then click Details.
Click the Classification tab, then click Edit.
Select the desired radio button in the Security Requirements section,
Click Save.
Related scores and settings are immediately updated.