Change the severity of an informational alarm best practice. We can do this via a correlation rule (which I don't really want to do at this time). Do you have any examples to change the severity of an informational alarm (e.g. SNMP - alarm ID 12345) to, say, a Warning severity? Are there any constraints in doing so using an alarm template because it is an informational alarm? Do you have any examples of this?
I just want to verify there are no hidden caveats.
Thanks
On average, I'd expect aligning native severity on the source system is always the best approach - especially if alarm data can be extracted by both systems (i.e. DMS and the source of SNMP traps). And the correlation to be used mainly if many minor alarms need to trigger an additional level of attention (e.g. many minor events to be correlated into 1 major event) - you may not need this if the system is configured with some robust RCA (Root Cause Analysis).
From an admin POV, minor tweaks such as a relevant INFO event mapping into a warning are surely possible within the mapping of an alarm template.
Where you need this to go from INFO to CRITICAL or Major, it would still be an option, but it could become quite confusing for operators looking at the console, as you'd get into red colour (critical severity) alarms for a severity description mapping as "Informational" - not great:
Same for minor native severity into a direct major DM alarm:
To avoid that, indeed you could use DM to overwrite the native severity from a different system with a correlation rule, but depending on the scale of the system and the amount of alarms that are presented to the DM layer, this might not be ideal in terms of system performance (as you'd potentially force any SNMP alarm through the correlation engine).
Another thing to consider is also to make sure that for specific KPIs there's also polling to read data every now and then - relying on SNMP traps only can easily result in no alarms reaching the DM in case connectivity is impacted (that's where timeouts come in handy).
HTH
Thanks Alberto. 🙂