However it seems we can't disable this with Contributor access on the subscription and also with Resource Policy Contributor role. We tried with Owner/User Access Administrator access and then we are able to disable it.
In our setup, it's not possible to get Owner/User Access Administrator on the Subscription.
Question 1: Do we have any other built in role which can help to disable it? Question 2: If we have to create a custom role, what actions that role should have permission to ?
Question 3: Any other implementation suggestion where a "contributor" can disable particular vulnerability assessment ?