Severity Frame
A severity frame ranks Revenue Scan findings by diagnostic priority, not by guessed revenue impact. Every finding is tagged [VISIBLE] or [REQUIRES ACCESS]; severity (critical, high, medium, low, info) describes how urgently the finding deserves attention from the team that runs the Diagnostic Review and the audit, not how much money it has cost. Operators get a defensible priority list; the team avoids fake revenue numbers.
Definition
A two-axis priority frame. The first axis is visibility — whether the finding is observable from the public surface or requires internal access. The second axis is severity — how urgently the finding should be reviewed, ranging from critical to info. Together they organise the scan output into a defensible queue.
Why it matters
Operators have seen too many "$X recoverable" reports backed by no evidence. The severity frame is the explicit rejection of that pattern; it says "this matters operationally, and the financial size is the audit's job, not the scan's."