# Retrieve Action Plan Priority Matrix Counts source: https://developer.mastercard.com/riskrecon-api/documentation/use-cases/risk-mgmt-issue-rmdfn/actionplan/get-actnpln-prty-mat-cnt/index.md ## Overview {#overview} The Risk Priority Matrix provides an instant visibility into the risk distribution of security issues across your entire vendor portfolio enabling you to identify vendors that have issues within their risk priority settings. Each cell in the matrix represents a collection of issues per the asset value and issue severity index that RiskRecon has assigned. Your risk policy and assessment tuning settings work together to automatically filter issues into prioritized [action plans](https://developer.mastercard.com/riskrecon-api/documentation/glossary/index.md#action-plan) for each advisor level vendor within your portfolio. The risk policy identifies high priority issues, determined by the issue severity and asset value, across each security criteria. Assessment tuning allows for further customization if there are particular systems that are important to your organization. The matrix is updated approximately every two weeks when RiskRecon publishes the latest scans for the vendors in your portfolio. You must provide the `toe_id` for a given action plan in the `GET Action Plan Priority Matrix Counts` endpoint request to retrieve a vendor's issues within their risk priority settings. The total response represents the current action plan and each set in the array represents a cell in the matrix which contains the following values: * The total count of issues for each mapped cell of the matrix. * The asset value assigned to each issue can be Idle, Low, Medium, and High. * The severity value assigned to each issue can be Low, Medium, High, and Critical.
You can also view the current action plan, the latest vendor analysis, and the Risk Priority Matrix in the \*\*Action Plan\*\* tab of the RiskRecon web portal. A pictorial representation of the Risk Priority Matrix, similar to the following image, as seen in the \*\*Action Plan - Current Action Plan\*\* tab on RiskRecon web portal, is shown here. ![](https://static.developer.mastercard.com/content/riskrecon-api/uploads/action-plan-priority-matrix-count.png) ## Sequence Diagram {#sequence-diagram} The following diagram shows how to retrieve an action plan priority matrix counts for a TOE: Diagram retrieve-priority-matrix-counts ## Execution Steps {#execution-steps} The following steps describe how to retrieve an action plan priority matrix counts for a TOE: 1. The user sends a `GET` request to retrieve the action plan priority matrix counts and puts the `toe_id` as the input parameter. 2. RiskRecon provides the action plan priority matrix counts. ## Sample Request and Response {#sample-request-and-response} For a sample response of this API, see [Get Action Plan Counts By Severity and Priority](https://developer.mastercard.com/riskrecon-api/documentation/testing/actionplan-samples/actnpln-cnts-smpl/index.md). ## Use Case Example {#use-case-example} The [Track the High Risk Issues of a Vendor](https://developer.mastercard.com/riskrecon-api/documentation/use-cases/risk-mgmt-issue-rmdfn/actionplan/get-actnpln-prty-mat-cnt/index.md#track-the-high-risk-issues-of-a-vendor) use case discusses how you can use the `GET Action Plan Priority Matrix Counts` endpoint to track priority issues of a vendor. ### Track the High Risk Issues of a Vendor {#track-the-high-risk-issues-of-a-vendor} The user has shared an action plan with a critical vendor, so the vendor may address and remedy the found security risks. The user can then track and check on the vendor's progress with addressing issues by using the `GET Action Plan Issue Progress` endpoint. The user can also use the `GET Action Plan Priority Matrix Counts` endpoint to check the total count of issues by severity, to ensure the higher risk issues are addressed. ## Endpoint {#endpoint} API Reference: `GET /v1/action_plan/priority_matrix_counts/{toe_id}`