Use the Edit Explanation Notes option to add or change the explanation notes associated with a selected security check. You can specify a different explanation note for each finding on each affected SQL Server instance.
Explanation notes let you clarify why a specific finding has been found. For example, you may need to justify why a high or medium risk finding should be ignored due to a special configuration or need in your environment.
To use this option, go to you respective assessment in the Security Summary view, click a security check on your Server Security Report Card, and then click Edit Explanation Notes on the ribbon options of the Summary tab. A new window opens for the selected security check where you can choose to mark the check as Explained and/or type Notes.
When a finding is marked as Explained, SQL Secure regards the finding as "ok" and changes the status of the security check in the assessment report card. If you do not want the finding to be regarded as "ok", enter the appropriate note but leave the Explained option unchecked.
You can copy explanation notes from one assessment to another when you compare the assessment security checks .
Available fields
When the Edit Explanation Notes window is opened, the following fields are available:
Server
Provides the name of the SQL Server instance on which the security check found a violation.
Risk
Provides the level of risk set for this security check (high, medium, or low).
Explained
Indicates whether this security check finding has been explained for the specified instance.
Notes
Displays the note that has been entered about each finding, per each affected SQL Server instance.