What are exceptions?
Exceptions are specific items that should not be counted as anomalies (matched items) and, as a result, are not required to comply with a particular policy. Playbooks allow you to manage exceptions both temporarily and permanently.
For example, suppose you're about to run remediation for all matched items detected by the “Inactive Teams users” policy. However, you find one user who hasn't had any activities in the last 30 days, but it's because they're on parental leave. In this case, there's no reason to remove Teams from this user, so you can set them as an exception.
When and where you can set exceptions
You can set an exception in two moments:
- After the remediation has been enabled: once matched items have been detected, you can set one or more of them as exceptions (see the Set matched items as exceptions section below).
- During the attestation process: attestation is an action that involves sending a confirmation request to a manager/stakeholder via email before proceeding with the remediation of a matched item. The recipient can also set the item as an exception.
Learn how to configure attestation.
Evaluate exceptions
In the policy box you can see:
By clicking on the grey tag, you can open a modal window ("Exception report") where you can see a list of all the exceptions. |
Please note that remediation can only be run if the toggle “Enable remediation” is on.
Set “Matched items” as exceptions
Matched Items are detected items that are not compliant with a particular policy. Those items can be remediated or set as an exception. Let's see how to do it:
Step 1: Select matched items
From the Policy Box, click on the red tag “Matched items”.
Step 2: Set exceptions
From the modal window, select the items you want to set as an exception, then click “Set as exception” in the bottom-right corner.
Manage an exception
You can manage items marked as exceptions and, if needed, remove them from the exception list. When you do so, the removed item will be shown in the matched items, since it is no longer considered an exception.
Step 1: Select exceptions
From the Policy Box, click on the gray tag "N. Exceptions".
In the Exceptions report, you can:
- Click on the ellipses “…” located in the “Action” column.
- Choose “See details” to understand why the exception was made and its duration.
- If modification is necessary, select “Manage exceptions” to edit the notes or update the expiration details.
- Confirm your changes by clicking “Submit”.
Alternatively, you have two options:
- To remove multiple items, select them and then click “Remove all exceptions” found in the top-right corner of the window.
- To delete a specific exception, click on the ellipses “…” in the “Action” column and choose “Remove exception”. This action removes only the selected exception.
When you remove an item as an exception, that item will be shown in the matched items, since it is no longer considered an exception.