Severity levels

What Critical, High, Medium, and Low mean in AuditForce, with examples of each and how severity is assigned.

Every change in your org gets a severity label: Critical, High, Medium, or Low. Severity tells you how urgently you should review a change.

The four levels

Critical

Changes that need your attention now. These are security-sensitive configuration changes that could affect who can access your org, how users authenticate, or what external apps can do.

Examples:

  • Multi-factor authentication settings changed
  • Single sign-on configuration modified
  • IP address restrictions added or removed
  • OAuth app permissions changed
  • Session security settings modified
  • Password policy weakened

What to do: Review Critical changes the same day they appear. If you didn't make the change and don't know who did, investigate immediately.

High

Changes that you should review soon. These affect who can do what in your org and how automated processes run.

Examples:

  • Profile permissions changed
  • Permission sets added, removed, or modified
  • Sharing rules updated
  • Flows activated or deactivated
  • Apex classes modified
  • Validation rules changed

What to do: Review High changes within 1 to 2 days. Most are expected changes from your team, but unusual ones are worth a closer look.

Medium

Changes worth knowing about. These are standard configuration changes that affect your org's data model and user experience.

Examples:

  • Custom objects or fields added or changed
  • Page layouts modified
  • Approval processes updated
  • Email templates changed
  • Reports or dashboards modified

What to do: Review Medium changes at your regular cadence. They're rarely urgent but useful for keeping a record of who changed what.

Low

Routine changes that require no immediate action. These are cosmetic or administrative changes with minimal risk.

Examples:

  • List views created or modified
  • Home page layouts changed
  • Labels and translations updated
  • Custom links added

What to do: Low changes are logged for your records. You don't need to act on them unless something looks unexpected.

How severity is assigned

Every change is matched against a set of rules that look at what was changed and what action was taken. The rules are maintained and updated regularly to reflect Salesforce's full range of configuration changes.

If a change doesn't match any specific rule, it's classified as Low by default.

Adjusting severity for your org (Core plan)

If a change type is consistently too high or too low for your team's needs, you can override the default severity for specific rules. Go to Settings, scroll to Severity Rules, and adjust any rule to match your org's risk profile.

Overrides apply to your org only and don't affect other AuditForce users.

Frequently asked questions

A change shows as Low but I think it's more important. Can I change it? Yes, on the Core plan. Go to Settings, find the rule that matched the change, and set a higher severity. All future changes of that type will use your override.

Why is a change showing as Low when it seems security-related? AuditForce may not have a specific rule for that change type yet. You can override it in Settings. If you think it should be Critical or High by default for everyone, contact us and we'll review it for the next rules update.

Can I turn off a severity level? No. All four levels are always active. You can filter by severity on the Changes page, but all changes are always recorded.

Back to Help Center