0
30.4.3
Australia, Zurich, Yokohama, Xanadu
Standalone Application
Teams can now request both risk increases and risk decreases through the Compensating Controls workflow. Previously, only risk reductions were supported, limiting teams who needed to adjust risk ratings upward as part of their exception management process.
-
Request a risk rating change in either direction — increase or decrease — from a single workflow
-
The risk change request is clearly labeled and categorized (Risk Increase, Risk Reduction, or Risk Change) on the approval record
-
The risk rating dropdown only shows ratings other than the current one, preventing accidental no-change submissions
-
Approved risk increases are applied consistently and the original score is preserved for audit purposes
- Fixed
- Framework changes for compensating control risk reduction and risk increase in compensating controls.
Permissions and roles:
- Role required:
- System Admin (admin) or Vulnerability Admin (sn_vul.vulnerability_admin) for VR.