Best practice for GRC tasks and reporting
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
a month ago - last edited a month ago
I have a requirement to create a process that includes the following:
- A project assessment intake form where requestors can select GRC entities that are relevant to their project
- An automated way to create smart assessments for each of the selected entities
- A way to create tasks for InfoSec teams to review each app and the responses to the smart assessments
- An easy way to store and report on the data collected
I feel confident I can figure out 1 and 2, but is there a best practice for creating GRC-related tasks without having to make them SCTask records?
Is there a best practice for storing the data for easy reporting?
If the recommendation is to create a custom table, should it be a child table of an existing one?
I'm somewhat new to GRC and ServiceNow, so any help is appreciated.
0 REPLIES 0