What should be done if a customer changes the default risk score of an application?

Adjusting the risk score of an application is essential because the risk score reflects its current security posture and operational requirements based on the specific needs and configurations of the customer. When a customer changes the default risk score, it indicates that they have assessed the application’s risk level to meet their unique business context and security policy.

Therefore, readjusting the risk score for that tenant ensures that the application's alignment with the customer's risk management strategy is maintained. This also prevents potential security gaps that could arise from using a default score that may not accurately represent the application's risk for that particular customer.

Moreover, by making this adjustment, the service can respond effectively to the customer's specific environment and compliance needs, enhancing overall security and operational effectiveness. It’s a vital step to ensure that the security posture is accurately reflective of the customer's assessment and requirements.