Right now I’m a little confused. What is the aim of the field “current compliant status”? The helptext says the following, which is reasonable to me, I would set to “compliant” and set in turn the compliance efficacy to 10 %.
But now in the Mitigation Tab we have the following helptext, which tells me the contrary:
Change:
Select one or more controls (from Control Catalogue / Security Services) used to mitigate this compliance requirement. If you havent got controls you can still select mitigation policies or alternatively, set this requirement as “Not Compliant” and create a “Mitigation Project”
For:
Select one or more controls (from Control Catalogue / Security Services) used to mitigate this compliance requirement.