Add users to the approver groups so that you can request an exception.

Before you begin

Persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For an initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

Role required: sn_vul.exception_approver

About this task

Upto Vulnerability Response v14.0, an exception request for a vulnerable item or remediation task is approved using the default two-level approval workflow. The request must be approved by two levels of approvers.
Note: Upto Vulnerability Response v14.0, if there's no first-level approver, an exception can't be requested. However, starting from Vulnerability Response v15.0, if you are deploying the VR application for the first time, the flow designer for exception management is enabled by default. If you are already using the workflow, you can update to the flow designer. In both cases, you cannot change it back to workflow. To configure approval rules for exception management and false positive, see Configure approval rules for Exception Management.

Procedure

  1. Navigate to All > User Administration > Groups.
  2. In the Name column, search for Exception, and click Exception Approver - Level 1.
    Note: Starting from Vulnerability Response v12.8.1, you can use the system properties provided in the base system for exception approvals via workflow in the System Properties [sys_properties] table. So, when an exception or false positive request is raised via workflow, it’s sent for approval to the group IDs defined in the system property. Navigate to All > System Properties and select sn_vul.exception_approver_L1, sn_vul.exception_approver_L2, or sn_vul.false_positive_approver_group to change the property value.
  3. On the Group Exception Approver - Level 1 form, click the Group Members related list.
  4. Click New to create a list.
  5. On the form, fill in the fields.
    Table 1. User form
    FieldDescription
    User ID Unique identifier for the user.
    First name User's first name.
    Last name User's last name.
    Title User's job title. Enter a title or job description, or select one from the list.
    Department User's department.
    Password Password assigned to the user. This password can be permanent or temporary.
    Password needs reset Option to enable the user to reset the password to ensure security.
    Locked out Option to lock the user out of the instance and terminate all the user's active sessions. The system prevents users with the admin role from locking themselves out.
    Active Option to make this user active. Only you can see an inactive user in these areas:
    • Lists of users
    • Selection list on reference fields (magnifying glass icon)
    • Auto-complete list that appears when you type into a reference field
    Web service access only Option to designate this user as a non-interactive user.
    Internal Integration User Option to designate this user as an internal integration user.
    Email User's email address.
    Language User's preferred language.
    Calendar integration Calendar used to manage the work schedule. For example, Outlook.
    Time zone Time zone for this user's location.
    Date format User's preferred format for dates.
    Business phone User's business phone.
    Mobile phone User's mobile phone.
    Photo Photo that you can upload by clicking on Click to add....
  6. Click Submit.
  7. Repeat steps 1–5 to create an Exception Approver - Level 2.
    The approver must navigate to Vulnerability Response > My Approvals and approve requests.
    Note: To approve an exception for GRC: Policy and Compliance Management, see Policy and Compliance Management optional setup.