Creating a New Vulnerability

Modified on Tue, 14 Apr at 4:32 PM

The Creating a New Vulnerability function allows users to record a newly identified vulnerability related to AI systems, datasets, or governance processes.

This ensures vulnerabilities are documented in a consistent format and can be reviewed, tracked, and managed through the Vulnerability Management section.

Purpose

Creating a vulnerability record captures important information about a weakness that may impact system security, data integrity, or compliance requirements.

Recording vulnerabilities ensures they are formally logged and available for review and follow-up actions.

Information Captured

When creating a new vulnerability, the following details are recorded:

Vulnerability Title – name used to identify the vulnerability

Description – summary of the identified weakness

Vulnerability Type – category used to classify the vulnerability

Severity Level – impact classification such as Low, Medium, High, or Critical

Detected Date – date the vulnerability was identified

Related AI System or Dataset – associated system or data asset, where applicable

Owner or Assignee – person responsible for reviewing or managing the vulnerability

These fields ensure the vulnerability is recorded in a structured and consistent format.

How Creating a Vulnerability Works

Selecting Create Vulnerability opens the vulnerability creation form.

Users enter the required information and submit the form to create the vulnerability record.

Once submitted:

the vulnerability becomes visible in the Vulnerability Management section

the vulnerability status is recorded

the vulnerability can be reviewed and updated as required

Notes

Vulnerability records should contain clear and accurate information

Severity levels should reflect the potential impact of the weakness

Linking the vulnerability to the relevant AI system or dataset ensures traceability

Vulnerability details can be updated as additional information becomes available