Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Configuring two level of approval for Advanced Risk Assessment

Go to solution
Harsh Chitroda
Tera Contributor

3 weeks ago

Is it possible to configure a two-level approval process within the Risk Assessment workflow in ServiceNow Advanced Risk (IRM)?

 

  1. How can we design the approval process so that Level 1 (e.g., Risk Manager or Risk Owner) reviews and approves the assessment first, followed by Level 2 (e.g., Risk Approver or Risk Committee) providing the final approval?

Is there any guidance available on this?

0 Helpfuls
  • 264 Views
1 ACCEPTED SOLUTION

Go to solution
MaxMixali
Giga Guru

3 weeks ago

Answer — Yes, it is possible to configure a two-level approval process within the Risk Assessment workflow in ServiceNow Advanced Risk (IRM).

 

You can achieve this through a combination of Flow Designer (or the legacy Workflow Editor) and the Approvals [sysapproval_approver] framework — which supports sequential, multi-stage approvals natively.

 

Below is a detailed approach for implementing Level 1 and Level 2 approvals for Risk Assessments.

 

 

 

🔹

1. Understanding the Context

 

 

In IRM (Integrated Risk Management), the Risk Assessment (asmt_assessment_instance or a custom extension) can trigger approvals as part of the workflow or flow once an assessment is submitted.

 

You can configure approvals in sequence, such that:

 

  • Level 1: Risk Manager / Risk Owner reviews and approves first.

  • Level 2: Risk Approver / Risk Committee receives the request only after Level 1 approval.

 

 

 

 

🔹

2. Implementation Steps (Flow Designer method – recommended)

 

 

 

Step 1: Identify approval roles or user fields

 

 

In your Risk Assessment record, ensure you have reference fields that define:

 

  • risk_owner (Level 1 approver)

  • risk_approver or risk_committee (Level 2 approver)

 

 

If not available, extend the table and add these fields.

 

 

 

Step 2: Create a Flow for Risk Assessment

 

 

  1. Navigate to Flow Designer → New Flow.

  2. Table: asmt_assessment_instance (Risk Assessment).

  3. Trigger: When state changes to “Awaiting Approval” or On Submit, depending on your process.

 

 

 

 

Step 3: Add Level 1 Approval (Risk Owner)

 

 

  • Add an “Ask for Approval” action.

  • Record: current Risk Assessment.

  • Approvers: Data pill → Risk Owner.

  • Wait for: All approvals.

  • If approved → continue; if rejected → update state = “Rejected” and end flow.

 

 

 

 

Step 4: Add Level 2 Approval (Risk Committee / Risk Approver)

 

 

  • Add another “Ask for Approval” action after the Level 1 approval block.

  • Approvers: Data pill → Risk Approver or Risk Committee field.

  • Wait for: All approvals.

  • If approved → continue to closure; if rejected → update state = “Rejected”.

 

 

 

 

Step 5: Update States / Notifications

 

 

  • After both levels approve, add an Update Record action:

     

    • Set state = “Approved”.

     

  • Add email notifications for each stage via Flow Designer (Send Email actions) or use OOB Approval Notifications.

 

 

 

 

🔹

3. Implementation Alternative (Classic Workflow Editor)

 

 

If your environment uses legacy workflows:

 

  1. Open the Risk Assessment Workflow.

  2. Add two Approval activities in sequence:

     

    • Approval 1 → Assigned to Risk Owner.

    • Approval 2 → Assigned to Risk Approver or Risk Committee.

     

  3. Configure transition lines:

     

    • On approval → proceed to next approval.

    • On rejection → end or rollback to draft.

     

  4. Publish and attach the workflow to your Risk Assessment records.

 

 

5. Example Flow Logic Summary

Trigger: Risk Assessment Submitted

→ Ask for Approval (Risk Owner)

      if Rejected → Set State = Rejected → End

→ Ask for Approval (Risk Approver / Committee)

      if Rejected → Set State = Rejected → End

Set State = Approved

→ Notify Requester

 

View solution in original post

0 Helpfuls
1 REPLY 1

Go to solution
MaxMixali
Giga Guru

3 weeks ago

Answer — Yes, it is possible to configure a two-level approval process within the Risk Assessment workflow in ServiceNow Advanced Risk (IRM).

 

You can achieve this through a combination of Flow Designer (or the legacy Workflow Editor) and the Approvals [sysapproval_approver] framework — which supports sequential, multi-stage approvals natively.

 

Below is a detailed approach for implementing Level 1 and Level 2 approvals for Risk Assessments.

 

 

 

🔹

1. Understanding the Context

 

 

In IRM (Integrated Risk Management), the Risk Assessment (asmt_assessment_instance or a custom extension) can trigger approvals as part of the workflow or flow once an assessment is submitted.

 

You can configure approvals in sequence, such that:

 

  • Level 1: Risk Manager / Risk Owner reviews and approves first.

  • Level 2: Risk Approver / Risk Committee receives the request only after Level 1 approval.

 

 

 

 

🔹

2. Implementation Steps (Flow Designer method – recommended)

 

 

 

Step 1: Identify approval roles or user fields

 

 

In your Risk Assessment record, ensure you have reference fields that define:

 

  • risk_owner (Level 1 approver)

  • risk_approver or risk_committee (Level 2 approver)

 

 

If not available, extend the table and add these fields.

 

 

 

Step 2: Create a Flow for Risk Assessment

 

 

  1. Navigate to Flow Designer → New Flow.

  2. Table: asmt_assessment_instance (Risk Assessment).

  3. Trigger: When state changes to “Awaiting Approval” or On Submit, depending on your process.

 

 

 

 

Step 3: Add Level 1 Approval (Risk Owner)

 

 

  • Add an “Ask for Approval” action.

  • Record: current Risk Assessment.

  • Approvers: Data pill → Risk Owner.

  • Wait for: All approvals.

  • If approved → continue; if rejected → update state = “Rejected” and end flow.

 

 

 

 

Step 4: Add Level 2 Approval (Risk Committee / Risk Approver)

 

 

  • Add another “Ask for Approval” action after the Level 1 approval block.

  • Approvers: Data pill → Risk Approver or Risk Committee field.

  • Wait for: All approvals.

  • If approved → continue to closure; if rejected → update state = “Rejected”.

 

 

 

 

Step 5: Update States / Notifications

 

 

  • After both levels approve, add an Update Record action:

     

    • Set state = “Approved”.

     

  • Add email notifications for each stage via Flow Designer (Send Email actions) or use OOB Approval Notifications.

 

 

 

 

🔹

3. Implementation Alternative (Classic Workflow Editor)

 

 

If your environment uses legacy workflows:

 

  1. Open the Risk Assessment Workflow.

  2. Add two Approval activities in sequence:

     

    • Approval 1 → Assigned to Risk Owner.

    • Approval 2 → Assigned to Risk Approver or Risk Committee.

     

  3. Configure transition lines:

     

    • On approval → proceed to next approval.

    • On rejection → end or rollback to draft.

     

  4. Publish and attach the workflow to your Risk Assessment records.

 

 

5. Example Flow Logic Summary

Trigger: Risk Assessment Submitted

→ Ask for Approval (Risk Owner)

      if Rejected → Set State = Rejected → End

→ Ask for Approval (Risk Approver / Committee)

      if Rejected → Set State = Rejected → End

Set State = Approved

→ Notify Requester

 

0 Helpfuls