As a Brand, you are now required to provide a comment when overriding the risk level of a finding in an audit checklist. This ensures that every severity change is accompanied by a clear rationale and well-documented compliance decisions.

The original risk level is preserved alongside the overridden value for reference, and all override details are available on the user interface. Overrides are not permitted after the audit is locked.

Key Benefits

Accurate Downstream Impact: The overridden risk level is reflected in CAP generation, grading, and audit exports, ensuring consistency across the audit lifecycle.

This update ensures that finding severity overrides is always justified, supporting accurate risk classification and stronger audit governance.

Documented in: You must log in to the platform to access the below link.