In Lacework console, Compliance recommendation has a severity that is different from the Compliance event that was generated when a violation of the recommendation occurred after assessment is completed.
Email Alert with a Severity of HIGH
Compliance event in Lacework console showing severity of HIGH
Compliance recommendation that was violated has severity of CRITICAL
Monitored cloud accounts (AWS, GCP and Azure)
This is by design. Severity of Compliance events are expected to go one level lower relative to the severity of the Compliance recommendation that was violated if they occur frequently.