Show affected items for a security incident

You can view affected items, such as CIs, affected users, and affected services associated with a security incident.

Before you begin

Role required: sn_si.basic

Procedure

  1. If it is not already open, open the security incident for which you want to view affected items.
  2. Click the Show Affected Items related link.
  3. Click any of the related lists to view or add information for the security incident.
    Tab Description
    Configuration Items Affected configuration items. After affected CIs are identified, you can manually add affected resources from this related list.
    Affected Users After affected users are identified, you can manually add affected users from this related list.
    Affected Services View or add business services associated with the security incident.
    Note: If an affected CI is added after the security incident is opened, it is a good idea to right-click in the form header and select Refresh Impacted Services.
  4. Click any of the following related links to further update the security incident:
  5. When you have completed your entries, click Submit.