Cybersecurity frameworks provide standardized guidelines for addressing risk. You can map both known and custom cybersecurity framework controls to your metrics to report on compliance against these controls. Each active framework in Splunk Asset and Risk Intelligence has an associated dashboard that you can filter based on category, control, or metric. The dashboard includes all of the metrics mapped to the controls for that particular cybersecurity framework.

To review the metrics mapped to a framework, select Risk and then Frameworks in the main menu navigation bar. To add or activate a framework, see Create and manage cybersecurity frameworks in Splunk Asset and Risk Intelligence in the Administer Splunk Asset and Risk Intelligence manual.

To see asset risk scoring insights for all assets, select Risk then Scoring and then Asset risk scoring insights.

You can use the asset risk scoring insights dashboard to monitor risk by reviewing data such as risk score trends, high-risk assets, and asset counts for each risk rule. You can also filter the dashboard by risk level, such as "Critical", by risk rule, or by risk score.

If you want to further investigate an asset from the Asset risk scoring insights dashboard, you can select the asset in the Asset detail by risk scoring rules table. On the asset investigation page, you can view the risk score activity with the risk rules affecting the asset over the selected time frame and the associated risk scores for each rule. See Investigate assets in Splunk Asset and Risk Intelligence.

To customize risk levels and adjust the risk rule schedule, see Modify risk settings in the Administer Splunk Asset and Risk Intelligence manual.

To save a filtered view for your framework dashboard, see Filter your asset reports.

To add a risk rule or risk filter, see Create and manage risk rules in Splunk Asset and Risk Intelligence in the Administer Splunk Asset and Risk Intelligence manual.