CERT: Priority and Level Assigned
errorcert_priority_assigned
Each finding has a Priority (Severity × Likelihood × Remediation Cost, 1–27) and resulting Level (L1/L2/L3) assigned.
Formula
G(Finding → priority_assigned)Why it matters
SEI CERT: the three risk factors multiply to a Priority (1–27), which maps to a Level — L1 (Priority 12–27), L2 (6–9), L3 (1–4).
Examples
passes the risk/remediation step is evidenced
fails the required assessment/remediation is absent
Use it
ponens policies add cert_priority_assigned --into ./trace.json
ponens trace check ./trace.json