Vulnerability Management

Modified on Tue, 14 Apr at 4:32 PM

The Vulnerability Management section in Clarity AI is used to record, review, and track vulnerabilities identified across AI systems, datasets, or governance processes.

It provides a structured register to document weaknesses that may impact system security, data integrity, or compliance requirements.

Purpose

Vulnerability Management ensures identified weaknesses are centrally documented and visible for review and follow-up actions.

Maintaining a record of vulnerabilities supports risk awareness and helps ensure appropriate remediation activities are tracked.

What You Can Track

Each vulnerability record captures key details required for documentation and tracking:

Title – name used to identify the vulnerability

Description – summary explaining the identified weakness

Severity – impact classification of the vulnerability

Status – current stage of the vulnerability

Detected Date – when the vulnerability was identified

Related AI System or Dataset – associated asset where applicable

Owner or Assignee – person responsible for reviewing or managing the vulnerability

Key Functions

Record Vulnerability allows users to create a new vulnerability entry

Search and filters help locate vulnerabilities based on defined criteria

View Details opens the complete vulnerability record including all related information

Examples of Vulnerabilities

Examples include:

Weak access controls or permission gaps

Data exposure risks due to configuration issues

Use of outdated or unverified datasets

Insufficient monitoring of AI system outputs

Gaps in policy or compliance controls

Notes

Vulnerabilities are recorded separately from incidents but may be related

Maintaining accurate records supports effective tracking and review

Vulnerability records provide visibility across governance and risk management processes