The primary tool for improving your Incident Likelihood assessment is the Remediation Plan available in the MAX Vendor Portal (MAX > Vendor Portal).
Unlike a list of isolated technical findings, the Remediation Plan prioritizes actions that address underlying risk drivers across your security program.
Navigating the Remediation Plan
When you open your plan, you will see a list of prioritized recommendations.
Each row includes key data points to help you prioritize your work:
- Risk severity: Issues are categorized as High, Medium, or Low. Address High-severity items first to reduce risk more quickly.
- Category: Each category aligns to a core security area, such as Employee and User Training, Vendor Risk Management, or Incident Response.
- Status: You can monitor your progress through the Open, Under Review, and Resolved tabs at the top of the plan.
- Comments: Any comments left for you.
Strategic vs. tactical remediation
The Remediation Plan focuses on improvements to Information Security Activities. Resolving a single technical issue is a tactical fix. Improving the process that led to that issue is a strategic fix.
For example, strengthening your patch management process has a broader impact than installing one specific patch.
Strategic remediation supports sustained improvement in both your Likelihood Assessment and your overall security posture.
Why score improvements take time
The Incident Likelihood assessment evaluates patterns and trends across a six-month window. Because of this methodology, improvements are not reflected immediately after remediation actions are completed.
The following factors influence how your score changes over time:
- Recurring indicators: If your organization encounters new indicators (such as leaked credentials) every month, the assessment flags a recurring pattern.
- Duration of indicators: Indicators that persist over several months have a heavier impact on your score than one-time events.
To improve your assessment, you must both resolve current findings and maintain a clean trend over time. As older indicators age out of the six-month window, your assessment will begin to reflect sustained improvements.
Customer and MAX engagement
Your customers use the Incident Likelihood assessment to evaluate supply chain risk.
Be prepared to discuss your rating and remediation progress, particularly if your rating is High or Critical.
The SecurityScorecard MAX team may also engage with you to review findings and provide guidance on reducing risk. To learn more, see What to expect on a MAX consultation call.