Manage exemptions
Some checks simply don’t apply to your environment. In that case you set an exemption (intentionally skip a check): the check no longer counts against you and shows the status Exempt. An exemption is time-limited and needs a short justification.
👤 You need Writer or Admin rights for this. With Reader you can see the buttons but can’t use them.
ℹ️ Note: A check with an exemption does not count toward the Matching Best Practice score.
Set an exemption: step by step
- Open the Security Insights overview and go to the Security Controls section.
- Find the row of the check. You can filter the Actions column by Not Exempted to see only checks without an exemption.
- In the Actions column, click the exemption icon (the circle with the two vertical bars). The Set Exemption window opens.
- Fill in the two required fields:
- Justification*: why you’re skipping the check (up to 500 characters, can’t be empty).
- End Date*: until when the exemption applies (at most one year; the UI notes “maximum 1 year from the date of exemption.”).
- Click Set. The button only becomes active once both fields are valid. Use Cancel to back out.
✅ Done. Exemption set successfully! appears and the check now shows Exempt.
🖼️ Screenshot: The Set Exemption window. The Name field shows the check’s name, then Justification* (text box) and End Date* (date picker), with the Set and Cancel buttons at the bottom.
Target file:
assets/security-insights/set-exemption.png
Remove an exemption
- In the Security Controls list, find the check with the Exempt status. You can filter the Actions column by Exempted.
- In the Actions column, click the reset icon (the play/circle icon that appears for exempted checks).
✅ Done. Exemption removed! appears. The check returns to its normal status (for example, Failed) and counts again.
ℹ️ Note: While an exemption is active, the check’s detail window shows the stored Justification and the End Date (see Review controls).
What’s next?
- Fix a security issue: have a failing check corrected instead of skipping it.