How Best to Report on Risk Assessments Taken on Change Requests

JamieD
Tera Contributor

We recently modified all of the Risk Assessment Questions we use for Change Management.  Managers want to be review how staff is answering those questions for their associated changes through a report to ensure they are being answered appropriately.  Ideally, the report will include information about the Change Requests (and related fields such as Affected CI attributes) as well as the answers provided on the associated Risk Assessments.

 

I was able to create a report on the Survey Response [survey_response] table to reveal the specific answers provided on recent Change Requests and am able to create a report on the Task Assessment [task_assessment] table to show the Change Request-level information for an assessment, but cannot seem to find a way to tie the two together into a single report. 

 

Has anyone done something like this and/or know how best to build this report?

 

Here are screen prints of the individual reports created thus far:

 

JamieD_2-1694185307568.png

 

JamieD_3-1694185336125.png

3 REPLIES 3

dwerner
Kilo Sage

Hi Jamie.  Were you ever able to find a solution to this report?  I am looking to do the same and I'm not having much luck.

 

Thanks,

Dustin

David306
Tera Contributor

Hi Dustin,

 

We managed to achieve this by reporting from "Asmt_metric_result" and then dot walking to !instance! and then across to "task", this gives you the the change fields. needed for reporting.

 

Thanks

Dave

Abbas_5
Tera Sage
Tera Sage

Hello @JamieD,

 

To effectively report on risk assessments for change requests in ServiceNow, you should focus on capturing both the change request details and the answers to specific risk assessment questions. This can be achieved by creating reports that join relevant tables and display the combined information. 
 
Here's a breakdown of how to achieve this:
  1. 1. Identify Relevant Tables:
    • Change Request: This table holds information about the change request itself (e.g., short description, impact, priority).
    • asmt_assessment_instance_question: This table stores the questions asked in the risk assessment.
    • asmt_metric: This table defines the metrics used to calculate the risk score (if applicable).
    • asmt_metric_result: This table stores the answers to the risk assessment questions and the calculated risk score.
    • task_assessment (or similar): This table links the assessment to the change request task.
    • survey_instance and survey_response: These are used for surveys, but can be adapted for risk assessments as well. 
       
  2. 2. Create a Report:
    • Option 1: Dot Walking: Report on the asmt_metric_result table and use dot walking to access related fields in the task (change request) table. 
       
    • Option 2: Create a View: Join the relevant tables (as listed above) to create a custom view. This allows you to specify exactly which fields you want to display in the report. 
       
    • Option 3: Reports on asmt_assessment_instance_question: Create a report on asmt_assessment_instance_question to display questions and their related fields. 
       
  3. 3. Customize the Report:
    • Include Change Request Details: Add fields from the change_request table to your report to provide context for the risk assessment (e.g., change number, short description, impact).
    • Display Risk Assessment Answers: Include fields from asmt_metric_result (or survey_response) to show the answers to the risk assessment questions. 
       
    • Show Calculated Risk Score: If you have a risk score field, include it in the report. 
       
    • Filter and Group: Use filters to focus on specific change requests or risk categories. Group the results by change request to see all questions and answers for each change. 
       
  4. 4. Example:
    • You might create a report that lists each change request, its description, and the answers to specific risk assessment questions (e.g., "What is the potential impact on users?", "What is the likelihood of success?").
    • You can also include a risk score column if you've calculated one. 
       
Tips for effective reporting:
  • Clear Question Definitions:
    Ensure that your risk assessment questions are clearly defined and easy to understand.
  • Consistent Scoring:
    If you use a risk score, make sure it's consistent across all change requests and that the scoring method is documented.
  • Data Validation:
    Validate the data entered into the risk assessment to ensure accuracy and consistency.
  • Regular Review:
    Regularly review and update your risk assessments to ensure they remain relevant and effective. 
     
By following these steps, you can create reports that effectively capture and analyze the risk assessments associated with change requests in ServiceNow. 
 
If this is helpful, please hit the thumbs up button and accept the correct solution by referring to this solution in future, it will be helpful to them.
 
Thanks & Regards,
Abbas Shaik