Run Vulnerability Scan Remediation Tracking — Free

Inspection Details

Scan report identified and in scope for this inspection critical (required)

Confirm the vulnerability scan report, asset scope, and scan date are available for review.

Yes No N/A

Inspection date and reviewer recorded

Record when the remediation tracking review was performed and by whom.

Note (optional)

Environment or business unit

Identify the environment, application, site, or business unit covered by the scan findings.

Reference document or scan source

Enter the scan tool name, report ID, or reference link used to trace findings.

Critical and High Findings

Critical findings are documented with asset, CVE or finding ID, and severity critical (required)

Each critical finding should be traceable to a specific asset and finding identifier.

Yes No N/A

High findings are documented with asset, CVE or finding ID, and severity critical (required)

Each high finding should be traceable to a specific asset and finding identifier.

Yes No N/A

Finding count by severity

Enter the number of critical and high findings included in the remediation tracking review.

Findings have clear remediation owners assigned critical (required)

Each finding must have a named owner or accountable team.

Yes No N/A

Exceptions or compensating controls documented for any deferred finding

Document approved exceptions, risk acceptance, or compensating controls for findings not remediated within SLA.

Yes No N/A

Note (optional)

Remediation Ticket Tracking

Remediation ticket created for each critical and high finding critical (required)

Verify each in-scope finding has a linked remediation ticket.

Yes No N/A

Ticket ID or change record captured

Record the ticket number, change request, or work item associated with the finding.

Ticket owner and due date recorded

Capture the assigned owner and the remediation due date or SLA target date.

Note (optional)

Ticket status reflects active remediation work

Select the current remediation status for the tracked finding.

Evidence attached to the ticket

Confirm screenshots, patch records, configuration changes, or other evidence is attached.

Yes No N/A

SLA and Timing Compliance

SLA window defined for the finding severity critical (required)

Select the applicable SLA target for remediation and verification.

Days since finding was identified

Enter the elapsed days from scan discovery to the current review date.

Remediation completed within SLA window critical (required)

Confirm the fix was implemented before the SLA deadline.

Yes No N/A

Verification rescan completed within SLA window critical (required)

Confirm a rescan or validation check was completed and the vulnerability no longer appears, or is otherwise formally accepted.

Yes No N/A

Closure and Audit Evidence

Closure evidence includes before and after scan results critical (required)

Verify evidence shows the original finding and the post-remediation validation result.

Yes No N/A

Residual risk or exception approval documented when applicable

Document any approved risk acceptance, exception, or compensating control for unresolved findings.

Yes No N/A

Note (optional)

Corrective action summary completed

Summarize the remediation action taken, validation outcome, and any follow-up required.

Inspector signature or attestation

Optional attestation by the reviewer confirming the tracking record is complete and accurate.

Get your results

Enter your email — we'll send you a PDF of your filled-out template, plus the occasional MangoScoop newsletter (templates, workflow tips, product updates). Unsubscribe anytime — link is in every email.

Email (required)

Your name (optional)

Run: Vulnerability Scan Remediation Tracking

Inspection Details

Critical and High Findings

Remediation Ticket Tracking

SLA and Timing Compliance

Closure and Audit Evidence

Get your results