Changing incident severity
The incident’s severity setting is a measure of how important it is to the organization that this incident is handled. The severity of an incident is automatically decided by Forcepoint DLP. This calculation takes both the prescribed severity of the incident and the number of matched violations into account.
Incident severity is displayed in the incident list. There is a column for severity. In addition, when you select an incident, its severity is displayed in the incident details. To change the severity of an incident:
- Select one or more incidents. Note that if you want to apply the action to all the filtered incidents, there is no need to make any selections.
- From the toolbar, select .
- Select a new severity from the menu.
- Select a Change Severity option:
- Select Selected incidents to change the severity of only the incidents you selected in the list.
- Select All filtered incidents to change the severity of all filtered incidents in the list.
Possible severities include:
| Icon | Definition |
|---|---|
.png) |
High. This breach is significant and may have a broad impact on the organization. |
.png) |
Medium. This breach is moderate and should be reviewed. |
.png) |
Low. This breach is insignificant. |