Working With Mitigation Plans

Last updated: December 23, 2025

Once a mitigation plan has been created and assigned, users interact with it through a consistent workflow designed to track progress, document actions, and preserve evidence of remediation decisions. This article explains how to work with existing mitigation plans throughout their active and completed states.


Viewing Assigned Mitigation Plans

Users can view mitigation plans that are assigned to them from the mitigation plan list.

Each plan displays high-level information, including:

  • Plan name

  • Scan type

  • Assigned user

  • Due date

  • Current progress status

Only plans assigned to the logged-in user are actionable. Plans assigned to other users are visible for review only, depending on permissions.


Tracking Progress

Progress is tracked automatically based on actions taken within the plan.

Progress indicators reflect:

  • Number of items requiring action

  • Number of items already actioned

  • Overall completion percentage

Progress updates in real time as actions are submitted; no manual status updates are required.


Reviewing Plan Scope and Targets

Opening a mitigation plan reveals its scope, which varies by scan type:

  • Vulnerability plans show targets, root causes, and associated CVEs

  • Secure Baseline plans show configuration benchmarks and affected targets

  • Data Sensitivity plans show files, folders, or data findings

The plan scope is fixed at creation time and does not change, even if remediation occurs outside the plan.


Taking Action on Root Causes and Findings

For each item in the plan, the assigned user must select an action.

Actions may include:

  • Marking work as completed

  • Documenting remediation performed outside Cyrisma

  • Applying suppression where appropriate

  • Performing supported remediation actions for local data findings

An action is recorded only after it has been submitted.


Action Logging and Evidence

Every action taken within a mitigation plan is logged.

Logged details include:

  • Action type

  • User who performed the action

  • Timestamp

  • Associated comments or notes

  • Items affected by the action

This log creates an immutable record of how each finding was handled and serves as supporting evidence for audits or internal reviews.


Reviewing Completed Mitigation Plans

Once all items in a plan have been actioned, the plan moves to a completed state.

Completed plans can be reviewed to:

  • Confirm remediation decisions

  • Validate accountability

  • Reference historical actions

  • Support compliance and audit requirements

Completed plans are read-only and cannot be modified.


Visibility and Accountability

Mitigation plans are designed to clearly establish responsibility.

The assigned user is accountable for:

  • Taking action on all items

  • Ensuring actions are properly documented

  • Completing the plan within the defined timeframe

Administrative users may review plans for oversight but do not alter completed records.


Summary

Working with mitigation plans in Cyrisma involves reviewing assigned plans, tracking progress, taking documented actions against each finding, and preserving an auditable record of remediation decisions. Once completed, mitigation plans remain available for historical reference, ensuring transparency and accountability across the remediation process.