Remediation target rule fields

  • Release version: Yokohama
  • Updated December 3, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Remediation Target Rule Fields

    Remediation target rules are essential for defining and managing remediation timelines for findings within ServiceNow. Administrators can customize key parameters to ensure effective tracking and notification of vulnerable items based on risk ratings and due dates.

    Show full answer Show less

    Key Features

    • Name: Identifies the remediation rule.
    • Target (days): Specifies the number of days for remediation since the last opened date.
    • Target from (date): Sets the date from which SLA calculations begin, defaulting to the last opened date.
    • Active: Marks the rule as active or inactive, affecting its applicability to new vulnerable items.
    • Notify (days before due): Determines when notifications are sent before the remediation deadline, influencing the status indicators shown.
    • Description: Provides a textual overview of the rule.
    • Condition: Allows selection of criteria for rule application, requiring testing on full production scale for performance considerations.
    • Recalculation method: Defines how the remediation target date is adjusted when risk ratings change, with options to retain, reset, or apply the earliest date.
    • Users and Group: Specifies individuals or groups to be notified regarding the remediation status of vulnerable items.
    • Update History: Logs system work notes after rule creation.

    Key Outcomes

    By utilizing remediation target rules, ServiceNow customers can effectively manage vulnerabilities, ensure timely remediation actions, and maintain compliance with risk management protocols. The configuration options available empower administrators to customize workflows, leading to improved operational efficiency and reduced risk exposure.

    Use remediation target rules to define how remediation timelines are calculated and maintained for findings. Administrators can configure base target dates and recalculation behavior when risk ratings change. The following table describes all fields available in the remediation target rule form.

    Field Description
    Name Name of the rule.
    Target (days) Number of days within which the vulnerable items should be remediated, since last opened.
    V17.1: Target from (date) Date from when the target SLAs are computed. You can specify only the date or the date and time type fields. Default value is Last opened date. To customize the values for this field, see KB1642413.
    Active Option to mark the remediation target rule as active. If this check box is cleared, this rule doesn’t apply to new vulnerable items created in the system.
    Notify (days before due) Number of days prior to the targeted remediation time for a notification to be sent. The notification date calculated using this value is used to show the remediation status and color coding. If the date is before the notification date, the remediation status is “In flight.” If it’s past the notification date and before the remediation target date, the status is shown as approaching target.
    Note:
    If this field is set to 0, only a Target Missed notification is sent.
    Description Text describing the remediation target rule.
    Condition Using the condition filter, select the criteria for applying the rule to the vulnerable items. To prevent performance impact, test your conditions at full production scale. Testing enables you to determine how long the Evaluate remediation targets job takes to execute, given the conditions and the size of your Configuration Management Database (CMDB).

    Case sensitivity for the search text you enter in the condition builder isn’t supported on this record or form.
    Recalculate target date
    Recalculation method Method for recalculating the remediation target (RT) date when a vulnerable item’s risk rating changes. You can choose to retain the existing target date, reset it based on the latest risk change date, or reset it to the earliest applicable date. By default, recalculation applies only to items that aren’t overdue at the time of the risk rating change. To include overdue findings in the recalculation, enable the sn_sec_cmn.evaluate_targetmissed_records property. For more information, see Recalculate a remediation target date.
    Notifications
    Note:
    The count shown in the notification email doesn’t include vulnerable items in the Deferred, Resolved, or Closed state.
    Users The people to notify when the selected vulnerable item is approaching or passes its targeted remediation target time.
    Group The group to notify when the selected vulnerable item is approaching or passes its targeted remediation target time.
    Update History
    Unused for initial creation of a rule. Subsequently, system work notes are logged here.