The vulnerability reopen rate metric helps measure the effectiveness of the remediation process. Once a vulnerability has been fixed, it should not reappear in any of the subsequent scans. If it is reoccurring even after remediation, that indicates a failure of the remediation process. A higher vulnerability reopen rate would indicate that the patching process is flawed. Data for this metric can be published and compared on a quarterly basis, with the value for every quarter ideally lesser than the previous one.