When a user with "Company User" role has been assigned a vulnerability, which is also called ticket creation, that user will be able to see and take action on that vulnerability when he/she logs into the portal. This assignment can also be automated through Tasks.
Sometimes it is necessary for an authority to see each and every one of vulnerabilities of one or more assets, no matter what, since that authority is the owner of that asset. Therefore, Asset->Assets menu has an operations tab where privileged users can assign owners to assets.
These owners will then be able to see any past and future vulnerabilities assigned to owned asset(s).