Business risk is calculated based on the severity of the vulnerability relative to the business impact assigned to the asset or a related tag.
Business impact levels
- High
- Medium
- Neutral
- Low
This value is set on the asset under Manage assets headline in the main menu. Click edit on the asset and change the Business impact under the General Information tab, or directly from the asset list.
Vulnerability severity levels
- Critical
- High
- Medium
- Low
Using these values in a fixed chart going from low to critical depending on the combined levels, as shown below:
Hierarchy for business impact
Hierarchy for business impact in relation to assets and tags:
- Business impact set on the asset has the highest priority.
- If no business impact is set on the asset, the highest business impact set on related tags is used.