Manage exceptions

  • Last update on August 5th, 2024

Table of Contents

What are exceptions?

Exceptions are specific items that should not be counted as anomalies (matched items) and, as a result, are not required to comply with a particular policy. Playbooks allow you to manage exceptions both temporarily and permanently.

For example, suppose you're about to run remediation for all matched items detected by the “Inactive Teams users” policy. However, you find one user who hasn't had any activities in the last 30 days, but it's because they're on parental leave. In this case, there's no reason to remove Teams from this user, so you can set them as an exception. 

When and where you can set exceptions

You can set an exception in two moments:

  1. After the remediation has been enabled: once matched items have been detected, you can set one or more of them as exceptions (see the Set matched items as exceptions section below).
  2. During the attestation process: attestation is an action that involves sending a confirmation request to a manager/stakeholder via email before proceeding with the remediation of a matched item. The recipient can also set the item as an exception.

Learn how to configure attestation.

Evaluate exceptions

In the policy box you can see:

  • Matched items: detected items that match the policy criteria and that can be remediated* or set as an exception.
  • Exceptions: how many matched items are already managed as exceptions.

By clicking on the grey tag, you can open a modal window ("Exception report") where you can see a list of all the exceptions.

Please note that remediation can only be run if the toggle “Enable remediation” is on.

 

Set “Matched items” as exceptions

Matched Items are detected items that are not compliant with a particular policy. Those items can be remediated or set as an exception. Let's see how to do it:

Step 1: Select matched items

From the Policy Box, click on the red tag “Matched items”.

Step 2: Set exceptions

From the modal window, select the items you want to set as an exception, then click “Set as exception” in the bottom-right corner.

Manage an exception

You can manage items marked as exceptions and, if needed, remove them from the exception list. When you do so, the removed item will be shown in the matched items, since it is no longer considered an exception. 

Step 1: Select exceptions

From the Policy Box, click on the gray tag "N. Exceptions".

In the Exceptions report, you can:

  • Click on the ellipses “” located in the “Action” column.
  • Choose “See details” to understand why the exception was made and its duration.
  • If modification is necessary, select “Manage exceptions” to edit the notes or update the expiration details.
  • Confirm your changes by clicking “Submit”.

Alternatively, you have two options:

  • To remove multiple items, select them and then click “Remove all exceptions” found in the top-right corner of the window.
  • To delete a specific exception, click on the ellipses “” in the “Action” column and choose “Remove exception”. This action removes only the selected exception.

When you remove an item as an exception, that item will be shown in the matched items, since it is no longer considered an exception.

 

 

Related Articles

DID THIS PAGE HELP YOU?