-
Notifications
You must be signed in to change notification settings - Fork 3
User Documentation
If you are an auditor, once you log in, the Edit NAI Audit Details screen will display, showing all of the vulnerabilities for the selected application that:
- Have a remediation status (also called review status) set to "not an issue" (NAI) (the actual remediation status value that means NAI depends on how your system is configured), OR
- Have been audited before (have an NAI Audit Status other than "unreviewed").
To approve one or more NAI decisions, select those records (using the checkboxes in column 1), change NAI Audit Status to Approved, enter a comment, and click Save.
To reject one or more NAI decisions, select those records (using the checkboxes in column 1), change NAI Audit Status to Rejected, enter a comment, and click Save. Because only those vulnerabilities marked NAI appear on this screen, the records you reject will disappear from this view after you click Save.
When you change a vulnerabilty's NAI Audit Status to Rejected, the following changes will be made to the remediation data for that vulnerability:
- The remediation status will be changed to Unreviewed.
- The target and actual remediation dates will be cleared.
If you are an end user, once you log in, the Edit Application Details screen will display, enabling you to edit one or more attributes on the selected application. Enter or edit the attribute value(s), and click Submit to save.