As an IT remediation owner, create a change request (CHG) directly from a remediation task (VUL) for all the vulnerable items in the group. Create a change request with pre-populated information that includes the preferred solution to expedite your investigation for vulnerabilities that require manual intervention.

Before you begin

Roles required: For creating a change request: Any user with the itil role. The sn_vul.remediation_owner role is also automatically assigned when the itil role is assigned to a user.

Role required: For approval of change requests: users with itil, admin, sn_change_write, change_manager roles.

About this task

For information about how to create a change request from the Vulnerability Response workspaces, see Create a change request in the IT Remediation Workspace.

To create a change request from the classic environment, follow the steps listed below.

You can create, approve, implement, review, and close change requests directly from a remediation task. You can create three types of change requests with pre-populated information from a remediation task:

  • Standard. A pre-authorized change that is low risk, relatively common and follows a specified procedure or work instruction.
  • Normal. Normal change requests follow a prescriptive process that requires two levels of approval before being implemented, reviewed, and closed.
  • Emergency. A change to resolve a major incident.

The following image illustrates the basic flow for creating a change request from a VUL (remediation task). The detailed steps for this flow follow the image.

The remediation task record is referred to as a VUL in the following sections. In previous versions of Vulnerability Response, remediation tasks were called, vulnerability groups (VG)s. In the following images, VG= remediation task, or a VUL record.

Basic flow for creating a change request.
Note: Key points about creating new change requests:
  • You can create new change requests for any remediation task (VUL) in a state other than Closed.
  • Verify that you have an approver for change requests other than Standard (pre-approved) that you create or associate to a VUL. This expedites moving the VUL to resolution. For more information on adding users, see Add users to the Vulnerability Response group.
  • Before a remediation task can be resolved, all tasks on at least one CHG that is associated with the VUL must be completed so that the change request can be implemented and moved to the Review state.

Procedure

  1. To create a complete change request from an existing remediation task record, navigate to All > Vulnerability Response > Remediation Tasks > Assigned to My Groups.
    The list of remediation tasks assigned to your assignment group is displayed.
  2. (Optional) Navigate to All > Vulnerability Response > Remediation Overview to view the Remediation Overview dashboard and locate a VUL assigned to you or your assignment group.
  3. Alternatively, in the Number column, click a remediation task to open the record and view the details.
    The record is displayed.
  4. With the VUL record displayed that you want to create the change request for, in the upper right of the record, click Create Change.
    The Create change request form is displayed.
  5. Fill in the fields.
    1. From the choice list of the Applies to field, choose one to continue.
      Table 1.
      Option Description
      All active vulnerable items in this group If selected, all active vulnerable items from this remediation task with a state other than Closed are added automatically to the change request after you click Create Change.
      All vulnerable items in this group matching a set of conditions If selected, the Condition builder is displayed as shown in the second figure below. Enter filter criteria to identify the vulnerable items that you want for the new change request.

      An example of a filter might include only vulnerable items that match specific search criteria:

      State is Open and Risk score greater than 75.

      After you enter your conditions, a message is displayed with the number of VIs that match your criteria (10). A link (Preview matching items) to preview the matching items is displayed.

      If no items match your filter conditions, a message is displayed below the Condition builder that instructs you to adjust your filter.

      After you click Create Change, all vulnerable items that match this condition filter are moved a new remediation task. This change request is associated with the new remediation task.
      Figure 1. Create change request form for vulnerable items in a task that match a set of conditions
      Create change request form with conditions filters
    2. (Optional) If displayed on the form, click the Preview matching items link for a list of the VIs that match your filter criteria.
      The Remediation Task List preview is displayed. You can select items on this preview list and perform UI actions on them, however, these actions are also performed on the VUL. For example, if you delete a VI from the preview list, that VI is also deleted from the VUL.
    3. After you complete your preview, close the browser window to return the change request form.
    4. For the Add CIs to CR check box, choose one to continue.
      Table 2.
      Option Description
      Add CIs to CR check box selected Default is selected. If the check box is selected, any configuration items (CI) that belong to active vulnerable items in this remediation task are added to this change request. The VUL automatically moves to the Awaiting Implementation state.
      Add CIs to CR check box cleared Clear the check box if you do not want the CIs from the active vulnerable items from this remediation task added to the new change request.

      When disabled, the state of the change request is not synched to the VUL, and the VUL remains in its current state.
    5. From the choice list for the Change type field, choose one to continue.
      Table 3.
      Change type Description
      Emergency A change to resolve a major incident.
      Normal A change type that is used to implement any change to a service that is not a standard or emergency change.
      Standard A pre-authorized, low-risk change request that is frequently implemented. Approved standard change requests can be predefined in a catalog of templates to make accessing and requesting a standard change more efficient. If selected, two fields are displayed as shown in the following figure. Select one from each choice list to fill in these fields:
      • Change category: Select a category for the change from your existing catalog, for example, Hardware, Server Standard Changes, Software. In this example, Patching Standard Changes is selected.
      • Change template: Select one available template for change requests with pre-defined supporting tasks from your catalog. In this example, the Microsoft Monthly Patching Cycle template is selected.

      For more information on ITSM change request categories, templates, and change types, see Change types.

      The feature automatically reads the types of change requests that you set up in your catalog in ITSM Change Management. For example, if you change the name for your Standard change requests in ITSM from Standard to Pre-approved, your new name is automatically displayed in the Change type choice list on the Create change request from as shown in the following figure.

      Standard change request fields.
    The fields in the Change Request Preview section of the form are pre-populated with information from the VUL. If required, these field values can be edited. For example, review the values in the fields in the following figure:
    Planned end date
    This date (2019-10-10) is the same value that is displayed in the Remediation target date field of the VUL. This value is derived from the earliest remediation target date from the vulnerable items that belong to the VUL. If you are creating a change request for a critical issue that requires an earlier remediation date, you may prefer to edit this value and the value in the Priority field.
    Justification
    This field displays the number of CIs that are added to the CHG. If you want to add additional information, you may prefer to edit this text. For example, you may prefer to add a note in this field about the filter you used to create the new VUL, for example, Risk score greater than 75. This text can help you locate your new change request and remediation task.
    Implementation plan
    This field displays the preferred solution for the vulnerability.
    Assignment group and Assigned to
    Edit these fields to change the assignment group or reassign this change request to a user in one of your assignment groups.
    Preview of change request and editable fields.
  6. Continue to preview and edit the fields as required.
  7. To save your changes and remain on this page, in the gray banner at the top of the form, right-click and select Insert and Stay.
    Save edits to change request preview.
  8. After you complete your edits, choose one to continue.
    OptionDescription
    Create Change Your change request is created and the new change request is displayed in the New state. At the top, messages are displayed that indicate the change request is successfully created with the number of vulnerable items that were added as shown in the following figure.

    If state synchronization is enabled and the VUL is not already in Under Investigation, the VUL is automatically moved to Under Investigation and a work note is posted.
    Cancel The change request is not created and the VUL is displayed.
    Confirmation message on CHG.
    Note:

    For a remediation task in the Open state with the Assignment group and Assigned to fields unassigned (empty), the current logged-on user is automatically assigned to the task after you click Create Change. In addition, the Add CIs to CR check box must be selected. At the top of the VUL, a blue confirmation message is displayed that indicates this assignment.

What to do next

Monitor the change request and the change tasks to verify that they are completed and the change request is implemented. After this CHG is implemented and moved to the Review state, if state synchronization is enabled, the VUL automatically moves to Resolved. For more information on state synchronization, see State synchronization between change requests and remediation tasks.