Mitigation Plan Lifecycle in Cyrisma

Last updated: December 23, 2025

Mitigation plans in Cyrisma follow a strict, linear lifecycle. Understanding this lifecycle is essential to using mitigation plans correctly and avoiding incorrect assumptions about reopening, extending, or modifying plans after completion.

This article explains how mitigation plans move from creation to completion, what triggers completion, and how historical plans are retained.


Lifecycle Overview

A mitigation plan progresses through the following stages:

  1. Creation

  2. Execution

  3. Completion

  4. Historical review

Mitigation plans do not support reopening, pausing, or extending once created.


Creation

A mitigation plan is created from a completed scan and is assigned to a specific user. At creation time, the plan captures:

  • The scan type and scan date

  • The findings included in scope

  • The assigned owner

  • The defined start and due dates

Once created, the contents of the plan are fixed and do not change.


Execution

During execution, the assigned user works through the items included in the plan.

Execution involves:

  • Reviewing targets, root causes, or data findings

  • Selecting an action for each item

  • Documenting remediation decisions or work performed

  • Submitting actions against all in-scope items

Actions may include remediation, justification, suppression, or acknowledgment depending on scan type and plan configuration.

Mitigation plans remain active until every required item has an action recorded.


Automatic Completion Rules

Mitigation plans complete automatically.

Completion occurs when all items within the mitigation plan have an action selected and submitted by the assigned user.

There is no manual “close” or “complete” button. Once the final item is actioned, the plan immediately transitions to a completed state.


No Reopen or Extension Behavior

Mitigation plans cannot be modified after completion.

Specifically:

  • Completed plans cannot be reopened

  • Due dates cannot be extended

  • Ownership cannot be changed after completion

  • Items cannot be re-added or removed

If additional remediation is required after a plan is completed, a new scan and a new mitigation plan must be created.


Active vs Completed Plans

Mitigation plans exist in one of two states:

  • Active

  • Completed

There is no separate “closed,” “abandoned,” or “archived” state.

Active plans are those with outstanding items.
Completed plans are those where all items have been actioned.


Historical Plan Storage and Review

Completed mitigation plans are retained for historical reference and review.

Historical plans can be accessed through the Mitigation Review functionality, where users can:

  • View plan details

  • Review timestamps and actions taken

  • Examine completed remediation decisions

  • Use plans as supporting evidence for audits or reviews

Completed plans are read-only and cannot be altered.


Key Design Implications

The mitigation plan lifecycle is intentionally strict to ensure:

  • Clear accountability

  • Accurate historical records

  • Audit-safe documentation

  • Predictable system behavior

Mitigation plans are not intended to function as ongoing, living tasks. They represent a defined remediation effort tied to a specific scan at a specific point in time.


Summary

Mitigation plans in Cyrisma move from creation through execution to automatic completion once all items are actioned. They cannot be reopened, extended, or modified after completion. Completed plans are preserved for historical review and audit purposes, ensuring a clear and immutable record of how identified risks were handled.