With an assessment of an observation the user can change two attributes of an observation:
- The severity given by the parser must not necessarily match the severity of the observation for the current product.
- All observations have initially the status
Open. The result of an investigation how to deal with the observation might say, the observation must not be fixed because it is ...
In reviewand needs further investigation.
- ... already
Resolved. You have to be aware that the observation will be set back to
Openif it will be found in a subsequent import.
- ... a
Duplicateof another observation.
- ... a
False positivethat has been detected by the scanner wrongly.
Risk accepted, a decision that a breach because of that observation can be managed.
- The system is
Not affectedbecause the observation has been mitigated by a measure.
The dialog to enter the assessment can be opened when showing the observation:
In the assessment dialog the user can change either the severity and/or the status and has to enter a mandatory comment to explain the change:
A new entry with the changed values is stored in the
Observation Log after the assessment has been saved.