Remediation target rule fields

  • Release version: Australia
  • Updated March 12, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Remediation Target Rule Fields

    Remediation target rules enable administrators to define timelines for remediation of findings, adjusting target dates and recalculation behaviors as risk ratings change. This functionality is crucial for maintaining compliance and effective risk management in your organization.

    Show full answer Show less

    Key Features

    • Name: Identifies the rule.
    • Target (days): Specifies the number of days for remediation from the last opened date.
    • Target from (date): Sets the starting point for SLA calculations, defaulting to the last opened date.
    • Active: Marks the rule active or inactive for new vulnerable items.
    • Notify (days before due): Determines when notifications are sent before the remediation deadline, impacting status indicators.
    • Description: Provides an explanation of the rule's purpose.
    • Condition: Filters criteria for applying the rule to vulnerable items, requiring performance testing for optimal conditions.
    • Recalculate target date: Defines how target dates are adjusted based on risk rating changes, with options for including overdue findings.
    • Notifications: Identifies users and groups to be notified regarding remediation timelines.
    • Update History: Logs system work notes post-rule creation.

    Key Outcomes

    By effectively configuring remediation target rules, ServiceNow customers can ensure timely remediation of vulnerabilities, maintain compliance, and enhance overall risk management. This structured approach allows for proactive notifications and clear communication regarding remediation statuses, ultimately improving organizational security posture.

    Use remediation target rules to define how remediation timelines are calculated and maintained for findings. Administrators can configure base target dates and recalculation behavior when risk ratings change. The following table describes all fields available in the remediation target rule form.

    Field Description
    Name Name of the rule.
    Target (days) Number of days within which the vulnerable items should be remediated, since last opened.
    V17.1: Target from (date) Date from when the target SLAs are computed. You can specify only the date or the date and time type fields. Default value is Last opened date. To customize the values for this field, see KB1642413.
    Active Option to mark the remediation target rule as active. If this check box is cleared, this rule doesn’t apply to new vulnerable items created in the system.
    Notify (days before due) Number of days prior to the targeted remediation time for a notification to be sent. The notification date calculated using this value is used to show the remediation status and color coding. If the date is before the notification date, the remediation status is “In flight.” If it’s past the notification date and before the remediation target date, the status is shown as approaching target.
    Note:
    If this field is set to 0, only a Target Missed notification is sent.
    Description Text describing the remediation target rule.
    Condition Using the condition filter, select the criteria for applying the rule to the vulnerable items. To prevent performance impact, test your conditions at full production scale. Testing enables you to determine how long the Evaluate remediation targets job takes to execute, given the conditions and the size of your Configuration Management Database (CMDB).

    Case sensitivity for the search text you enter in the condition builder isn’t supported on this record or form.
    Recalculate target date
    Recalculation method Method for recalculating the remediation target (RT) date when a vulnerable item’s risk rating changes. You can choose to retain the existing target date, reset it based on the latest risk change date, or reset it to the earliest applicable date. By default, recalculation applies only to items that aren’t overdue at the time of the risk rating change. To include overdue findings in the recalculation, enable the sn_sec_cmn.evaluate_targetmissed_records property. For more information, see Recalculate a remediation target date.
    Notifications
    Note:
    The count shown in the notification email doesn’t include vulnerable items in the Deferred, Resolved, or Closed state.
    Users The people to notify when the selected vulnerable item is approaching or passes its targeted remediation target time.
    Group The group to notify when the selected vulnerable item is approaching or passes its targeted remediation target time.
    Update History
    Unused for initial creation of a rule. Subsequently, system work notes are logged here.