Setting Up Your Risk-Based SLAs

A new SLA-centric management feature where you set a risk tolerance based on your organizations appetite for risk.


You must be a customer admin to create, update, and/or delete SLAs.

Important to Note

  • You can only select one risk tolerance for your whole organization.
  • Existing SLAs do not require risk tolerance.
  • All new SLAs must have a risk tolerance set.
  • A due date will not change once it has been set.

Setting Up New SLA

From the Cisco Vulnerability Management UI, navigate to the SLAs menu option.

Screen Shot 2020-04-22 at 3.56.35 PM.png

In the Service Level Agreement window, click Setup my SLAs wizard to begin the process.

Wizard.pngImportant: If you already have SLAs, you will not see the wizard. Instead, you will see a new Risk Tolerance box where you can click edit to being setting up your risk tolerance.


In the Setup my SLA pop-up, you are able to select your risk tolerance from these three options.

Option Definition
Benchmark Plan to meet the mean time to remediate benchmark.
Faster than peers Plan to remediate 50% faster than peers.
Faster than attackers Plan to remediate as early as a vulnerability is likely to be exploited.

Screen Shot 2020-04-22 at 3.57.47 PM.png

Note: Depending on the option you select, Cisco Vulnerability Management’s suggested SLA provides a guideline based on your Vulnerability Score and Asset Priority factors.

Once you have selected your risk tolerance, click Next to complete the second step of the setup.

Depending on your maturity and needs, you can choose to apply the option to all your risk meters or to specific risk meters.


Enter a name for your SLA that is easily identifiable.

For the SLA matrix, you are able to edit Cisco Vulnerability Management’s suggested SLAs by selecting the checkbox of the SLA you want to change and clicking the pencil icon. After you click the pencil the days will become editable. Save your change by clicking the check mark that replaces the pencil. If you do not click the check mark your change will not be saved.


Important: You cannot change the Vulnerability Score and Asset Priority ranges in the SLA Matrix. You must use the Single SLA option to set those custom ranges.

Important: Persistent due dates are not supported for matrix SLAs. Only single style SLAs support persistent due dates.

Screen Shot 2020-04-22 at 4.11.49 PM.png

You can also turn off the SLAs by clicking the checkbox, which sets it to No SLA.

Note: Use this option if you are only interested in specific asset priorities and vulnerability scores.

Tip: For better remediation efficiency, Cisco recommends you focus on higher priority assets and vulnerabilities.

Once you have set all your SLAs, click Save and Close.

In the SLA window, your newly created SLA is populated under the SLAs header.


You can change the risk tolerance of your organization by clicking Edit in the Risk Tolerance box. The change is effective on a go-forward basis.


Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.