diff --git a/veracode_api_py/applications.py b/veracode_api_py/applications.py
index f9d2122..0d1aec3 100644
--- a/veracode_api_py/applications.py
+++ b/veracode_api_py/applications.py
@@ -67,6 +67,7 @@ def _create_or_update(self,method,app_name: str, business_criticality, descripti
         
         if business_criticality not in Constants().BUSINESS_CRITICALITY:
             raise ValueError("{} is not in the list of valid business criticalities ({})".format(business_criticality,Constants().BUSINESS_CRITICALITY))
+        business_criticality = business_criticality.replace(" ", "_")
 
         app_def = {'name':app_name, 'business_criticality':business_criticality}
 
diff --git a/veracode_api_py/constants.py b/veracode_api_py/constants.py
index 7241929..69cce34 100644
--- a/veracode_api_py/constants.py
+++ b/veracode_api_py/constants.py
@@ -42,7 +42,7 @@ class Constants():
 
      DEV_STAGE = [ 'DEVELOPMENT', 'TESTING', 'RELEASE']
 
-     BUSINESS_CRITICALITY = [ 'VERY HIGH', 'HIGH', 'MEDIUM', 'LOW', 'VERY LOW']
+     BUSINESS_CRITICALITY = [ 'VERY HIGH', 'HIGH', 'MEDIUM', 'LOW', 'VERY LOW', 'VERY_HIGH', 'VERY_LOW']
 
      DAST_TARGET_TYPE = [ 'WEB_APP', 'API']
 
@@ -54,4 +54,4 @@ class Constants():
 
      DAST_SCANNERS = [ 'fingerprinting', 'ssl', 'http_header', 'portscan', 'fuzzer', 'sql_injection',
                       'xss', 'file_inclusion', 'deserialization', 'xxe', 'command_injection', 
-                      'csrf', 'ldap_injection']
\ No newline at end of file
+                      'csrf', 'ldap_injection']