Action Items
Action items are remediation tasks — either generated by AI during triage or created manually by your team. Track them from creation to completion.
How Action Items Are Created
AI-Generated
- During pipeline scans, AI analyses findings and creates recommended actions
- Each action includes rationale explaining why it's recommended
- AI considers finding severity, system criticality, and compliance impact
- Recommendations appear automatically after scan completes
Manual
- Create action items from the Action Items page
- Link to specific findings, policies, or compliance controls
- Useful for tasks not tied to a specific finding
Managing Action Items
Viewing
- Navigate to Action Items
- Filter by status, priority, assignee, or system
- Sort by updated date, priority, or due date
Assigning
- Assign action items to team members
- Set due dates for accountability
- Assignees see their items on the dashboard
Updating Status
- Open → In Progress → Completed
- Add implementation notes as you work
- Cancel items that are no longer relevant
Priority Levels
| Priority | Use when |
|---|---|
| Critical | Immediate action required — active exploitation risk |
| High | Address within days — significant security gap |
| Medium | Address within weeks — moderate risk |
| Low | Address when convenient — minimal risk |
Compliance Linkage
- Action items can link to ISM controls they address
- Completing actions improves your compliance readiness
- AI-generated items include compliance framework references