Compliance Score


The compliance score for a project or OU is a value that indicates the total weight of all findings for non-compliant checks, with Critical severity checks weighing the most. This gives you a quick way to evaluate which projects and OUs most urgently need your attention to restore compliance. A lower score is better, and a score of 0 means no compliance issues. 

The compliance score is shown on:

Here's how we calculate compliance scores for projects and OUs:

  • When you create a compliance check, you select a Severity for it, as seen in the Add a Compliance Check article. Each compliance check can have multiple findings.
  • Each severity has a designated weight that is used to calculate the score. These weights are:
    • Critical severity = 10
    • High severity = 6
    • Medium severity = 3
    • Low severity = 2
    • Informational = 1
  • The severity score is the sum of all (total findings for a non-compliant check * its designated weight) based on the context, as shown in the example below:

(Check A - Critical - 5 findings) * 10 weight = 50

(Check B - High - 2 findings) * 6 weight = 12

(Check C - Medium - 4 findings) * 3 weight = 12

(Check D - Low - 1 finding) * 2 weight = 2

(Check E - Informational - 0 findings) * 1 weight = 0

50+12+12+2+0 = Compliance score of 76 for this context

Compliance scores depend on the context (i.e., if you're viewing it for a project vs an OU). For a project or OU, factors include which compliance checks are associated with that project/OU (which could be applied locally or inherited), as well as the accounts associated with the project/OU. As a result, the compliance score for a top-level OU is likely to be much higher than that of a project.

For an easy visual indication of how checks of each severity contributed to the compliance score, you can see the doughnut chart for a project or OU on the org chart's Compliance View.
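The calculation described above, written out as a Python sketch. This is an added illustration, not the product's own code; the function names and the sample projects are assumptions. Besides the total, it returns the per-severity contribution (the data a doughnut chart would show) and ranks contexts worst-first.

```python
from collections import defaultdict

# Severity weights as listed in this article.
WEIGHTS = {"Critical": 10, "High": 6, "Medium": 3, "Low": 2, "Informational": 1}

def compliance_score(checks):
    """Return (score, per-severity contribution) for one context.

    `checks` holds (check_name, severity, finding_count) tuples for the
    non-compliant checks that apply in that context (local or inherited).
    """
    by_severity = defaultdict(int)
    for name, severity, findings in checks:
        if severity not in WEIGHTS:
            raise ValueError(f"{name}: unknown severity {severity!r}")
        if findings < 0:
            raise ValueError(f"{name}: negative finding count")
        by_severity[severity] += findings * WEIGHTS[severity]
    # Report every severity, including those that contributed nothing.
    breakdown = {sev: by_severity.get(sev, 0) for sev in WEIGHTS}
    return sum(breakdown.values()), breakdown

def rank_contexts(contexts):
    """Return (name, score, breakdown) rows, highest (worst) score first."""
    rows = [(name, *compliance_score(checks)) for name, checks in contexts.items()]
    return sorted(rows, key=lambda row: row[1], reverse=True)

# The worked example from this article.
ARTICLE_EXAMPLE = [
    ("Check A", "Critical", 5),
    ("Check B", "High", 2),
    ("Check C", "Medium", 4),
    ("Check D", "Low", 1),
    ("Check E", "Informational", 0),
]

# Constructed sample contexts (hypothetical project names).
CONTEXTS = {
    "project-beta": [("Check B", "High", 1), ("Check D", "Low", 3)],
    "project-alpha": ARTICLE_EXAMPLE,
    "project-gamma": [],  # no findings: fully compliant
}

if __name__ == "__main__":
    for name, score, breakdown in rank_contexts(CONTEXTS):
        print(f"{name}: score={score} breakdown={breakdown}")
```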
