Risk Index Reduction

View the types of actions you can take to reduce the Risk Index.


Updating the Risk Index after remediation may take up to 24 hours to complete, depending on the connected data sources.

The following table outlines the actions that directly impact the risk index.



Remediate risk events

Taking the recommended remediation steps may automatically adjust the risk index, depending on the risk event.

For example, Risk Insights recommends applying the latest patches or upgrading the operating system whenever vulnerability-related risk events are detected. Because vulnerability assessments are conducted daily, vulnerabilities that are patched today will not affect the calculation of tomorrow's risk index.

Change the status of risk events

Changing the status of risk events, for example to Closed or Closed - false positive, affects the asset risk score and ultimately reduces the Risk Index.


Some risk events are not actionable and may be repeatedly flagged by Risk Insights. To prevent such events from inflating the Risk Index, you can add the events to the exception list.