You can create an action plan while viewing the risk panels under the Risk - Home dashboard.
To create a remediation plan
Go to the Web console home page by using the following URL:
The default dashboards page is displayed.
Under the Dashboards tab in the left-hand pane, expand the category Risk and click Risk - Home.
The predefined risk panels under the risk dashboard are displayed.
In the panel Top 5 Security Objectives with Maximum Risk, at any level in the drill-down, do one of the following:
Click Orientation Options and select Create Action Plan. Click on the element on which you want to define an action.
In the panel, right-click the element that you want to treat and select Create Action Plan.
The Analyze Risk page is displayed.
Check the assets for which you want to create a remediation plan and click Create Remediation Plan.
The Create Remediation Plan page is displayed.
In the Plan Name field, type a unique name for the plan.
This field is mandatory.
In the Description field, type a description for the remediation plan.
In the Assigned To field, type the name of the user to whom the remediation plan is assigned.
Select a completion date for the security objective from the Complete By date picker.
This date must be later than the current date.
In the Recommended Action field, type a recommended remediation action.
Risk manager displays the values in the fields Security objective, Asset Group, Initiated By, Current Risk Score, and Projected Risk Score.
Click the name of the security objective to view the end-to-end details such as overview, directly scoped assets, and controls.
Under the Risks for Remediation tab, enter the following information:
In the Recommended Action column, type a recommended action to be taken for remediation.
Check the Include Task List check box, to ensure that the remediation steps are also included with the plan.
Select a date from the Complete By drop-down.
This is the completion date for the individual risk item.
This date must be earlier to the completion date of the security objective.
In the Assigned To column, type the name of the user to whom you want to assign the remediation plan.
In the remediation plan is control-based remediation, expand the row to view the tests that are mapped to the controls and their source systems. Click on the test to view the remedy steps.
Select the system to submit the remediation plan from the Submit Via drop-down list. You can select either Email, Symantec Workflow, or Symantec ServiceDesk .
If you select Symantec Workflow, the Select Workflow drop-down list is displayed with a list of available workflows. Select the desired workflow for remediation.
The system that you select overrides the default system that you may have selected under Settings > Risk Management.
Click Save to save the remediation plan.
You can click Replan to go back to the Analyze Risk page.
If you have selected the default remediation system as Symantec Workflow or Symantec ServiceDesk , click Submit to submit the remediation plan.
If you have selected the default system as email, click Next to proceed to the Email Preview page. Preview the email contents and click Submit to send the email.
See Configuring a default system for taking action on risks
See Risk action - Workflow
See About risk action
See Taking action on risks - Exception plan
See Managing remediation plan and exception plan
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
This will clear the history and restart the chat.