I believe an easy way to cut the noise with password file incidents is to have a single incident that gets updated with each file detected per client. Often times these issues take time to resolve, as these are often shared password files, and it takes time for the team to switch to a new password management method. This can also make it easier to provide reports to management to expedite compliance.