Prioritization Workflow

A High-Level Overview of the Workflow

Step-by-Step Instructions

Navigate to Risk Management > Risk Workbench .
Click Start Prioritizing.
Define Scope:
Define scope to enable you to set the business context and drive prioritization:
- Click the desired business entity/entities.
  
  OR
- Click Choose Tags Instead to use asset tags for the prioritization scope.
  Show me the steps to add asset tagsShow me the steps to add asset tags
  1. Click Choose Tags Instead. The Select Tags dialogue box appears.
  2. Select the desired tags and then click Add Tag.
Click Proceed.
Filter Findings:
Decide the prioritization approach to discern and filter the findings requiring immediate attention. To do this effectively, structure the approach based on certain filters :
- Select the system-defined template(Highest Risk Reduction) with default filters.
  
  OR
- Create a custom template.
  Show me the steps to create a custom templateShow me the steps to create a custom template
  1. Click Let Me Decide.
  2. The Filters page appears with three different types of filters:
    - Common Attributes: These filters are common across both the finding types (vulnerabilities and misconfigurations)
    - Vulnerabilities: These filters are only applicable to vulnerabilities.
    - Misconfigurations: These filters are only applicable to misconfigurations.
  3. Expand each filter type and then drag and drop the desired filters to build your custom template.
  4. Click Add.
  5. Click Save as Template if you desire to save this custom template for future use.
  6. In the Save Filter As A Template dialog box, enter the Name and Description of the template and click Save.
  7. The saved template appears on the Select Prioritization Approach page.
Start Prioritization:
Click Prioritize Now.
You can view the various stages of the calculation. Potential TruRisk Reduction Score is calculated for on-demand plans. You get informative status messages during plan recalculations.

The following messages assist you during various stages of the on-demand plan workflow:

While creating an On-Demand Plan:
'Save the updated plan and you will be able to see potential risk reduction once recalculations are complete.'

After Saving the On-Demand Plan:
'Your plan has been saved. Recalculation is in progress, and your updated TruRisk score will appear shortly.'

In the Risk Workbench listing page (during recalculation):
An informational message is displayed for plans where the projected score calculation is still in progress.

While opening a saved plan (pending score calculation):
'Your saved plan is being recalculated. The updated TruRisk score will be available soon.'

Once the calculations are completed, you can view the prioritized findings in the Risk Workbench tab.
View Findings in the Risk Workbench tab.
The prioritized findings data appear.
Take Actions on Prioritized Finding List:
- Filter Using Group By:
  If desired, you can further filter these findings using various Group By options. To do so, click Group By, and use any one of the specified options to group and filter the findings further.
- Download Findings in CSV Format:
  If desired, you can download these findings in CSV format. To do so, click the ellipsis near Save Plan at the top right corner and then click Download Report as CSV.
- Save Prioritization Plan:
  i) Click Save Plan if you want to save the prioritization scope, findings, and filters for future use.
  
  ii) In the Save Prioritization Plan dialog box, enter the name and description of the plan and then click Save.
  
  iii) The saved plan appears on the prioritization listing page on the Risk Workbench tab:
  
  To start prioritization using this plan in the future, simply select the plan and then click Run Now (click >Quick Actions>Run Now)