Remediation
Remediation tasks are the concrete work that closes your findings — the "what we're doing about it" an auditor expects to see tracked.
Creating tasks
- From a finding, use Add remediation task (or let Sherpa draft tasks from the finding's requirement and AI evaluation). Tasks created this way link back to the finding.
- Standalone tasks can be created from the Remediation page with New task.
Each task has a title, description (steps + evidence to collect), an assignee, a due date, and a priority.
Tracking & status
- Status: open → in progress → completed (or deferred). Overdue tasks are flagged on the list and on your dashboard.
- Reminders: assignees get periodic reminder emails until a task is done.
- Approval (optional): if a task requires approval, marking it complete sends it for an approver's review before it closes. Approvers see an "awaiting approval" count, and the task shows how long it's been waiting. If a submitted task sits unapproved past the 5-day SLA, the org's approvers get an escalation notification (re-sent at most weekly until it's actioned).
From task back to finding
A task's detail page shows the linked finding so you can jump back to the gap it closes. Closing all of a finding's tasks — with evidence — is how you resolve the finding.