The Security Requirements section allows you to manually set the entity criticality.
For discovered entities, you can configure a control target profile to automatically set this value.
Criticality is not set when importing vulnerabilities from a saved XML file, even if the vulnerabilities were exported with criticality information. Vulnerabilities can be imported into other entities, and the criticality cannot be assumed.
Clicking on the Refresh button will manually update the confidentiality, integrity, availability and accountability values of the entity.
These settings are used for:
Automatically reassessing entities;
Calculating the simple risk and compliance scores; and
Calculate the Business Criticality score.
To set the criticality rating:
Go to Entities > Entities.
Select a group, such as My Entities, to display the entities.
Select an entity, then click Details.
Go to the Classification tab, then click Edit.
Go to the Security Requirements section and select the desired radio button.
Click Save.
Related scores and settings are immediately updated.