Understanding test result groups

Test result groups represent a set of test results to remediate. Grouping test results has many advantages. You can move test results through the remediation states, mark them under investigation, defer them, mark them resolved in bulk by using groups. You can create conditions to automatically group all results with specified results, technologies, risk scores, and any other data related to the test results. Test results can belong to more than one test result group giving you the flexibility to actively work with one group and monitor another. It all depends on your organizational needs. For example, you could group by assignment, and also create a group containing technologies.

From a test result group, the group of test results may be assigned to a user, deferred until later, used to create a Change Request, and so on.

When it is determined that a new test result can be added to a group, the test result is included in the Test Results related list of the test result group.

When updating the state of a test result group, associated test results can have their state updated to match this test result group. See Configuration Compliance states for more information on state changes.

Understanding test result group rules

Test result group rules allow you to define how test results are automatically grouped and assigned. A default rule, Assignment group, Test, is included in the base system grouping test results based on a test result Assignment group and the Test field. This rule is disabled, by default. You can group by any other set of values in columns accessible from the test result. You can use up to six keys and any number of conditions. See Create or edit Configuration Compliance test result group rules for more information.

For example, you can group your test results by assignment group or technology and configuration item (CI). A different set of rules can be used for test results that expose the company to more risk. You can have one group rule for low severity or low risk CIs. You can have another group rule for critical servers, and controls with exploits — test results that expose the company to more risk. See Test Results fields for more information on available fields.

When a new test result is imported, or reopened after being closed, the test result group rules are evaluated against it. A test result is only evaluated once, unless it is reopened after being closed.

Group rules are evaluated after CI matching, risk score calculations, and assignment rules.

More than one test result rule can be defined, to group different kinds of results. Since each result is compared with the rule conditions before putting it in a group, too many rules may have a performance impact.

When a group rule is deleted, you have the option to delete all open groups created by the rule. This applies to both the rule form view and list view.

When a test result group assignment is made or changed, the Assignment group and the Assigned to fields roll down to all test results, except for those where the test result has a different assignment group than the TRG. For more information on assignment rules, see Configuration Compliance assignment rules overview. These assignments are used automatically for this group on the next import.