Risk Event Task in GRC
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 hours ago
Hi,
In risk event related list task- risk event task i 'am facing issue. "Security constraints prevent access to requested page". What is the reason for this ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 hours ago
Please check you have the risk event role or not?
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]
****************************************************************************************************************
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 hours ago - last edited 2 hours ago
The sn_risk.manager role does allow users to create Risk Event Tasks, but this permission is still controlled by additional access rules. In your case, you cannot create a Risk Event Task unless you are a member of the Risk Event’s Assignment Group.
When you try to create a task for a risk event assigned to a group you are not part of, an ACL or business rule blocks the action, resulting in the error.
However, when the risk event is assigned to a group you do belong to, you meet the access conditions, so the task creation works without issues.
what is reason?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 hours ago
Hi @Arun_Manoj ,
Even though you have the sn_risk.manager role, your ability to create a Risk Event Task from a Risk Event appears to be conditional on your membership in the Risk Event’s Assignment Group. This suggests that:
- There is an ACL (Access Control Rule) on the risk_event_task table or form that includes a script or condition like:
current.risk_event.assignment_group.isMember(gs.getUserID())
Or
gs.hasRole('sn_risk.manager') && current.risk_event.assignment_group.isMember(gs.getUserID())
- This ACL would allow access only if:
- You have the sn_risk.manager role AND
- You are a member of the Assignment Group of the parent Risk Event
When the Risk Event is assigned to a group you belong to:
- The ACL condition passes because assignment_group.isMember(gs.getUserID()) returns true
- You’re granted access to create the Risk Event Task
Why It Fails Otherwise
When the Risk Event is assigned to a group you’re not part of:
- The ACL condition fails
- You get the “Security constraints prevent access to requested page” error
These are few options to resolve or adapt to this behavior:
- Review and Adjust ACLs
- Go to System Security > Access Control (ACL) and filter for risk_event_task
- Check if there's a script or condition tied to assignment_group membership
- Consider modifying the ACL to allow broader access for sn_risk.manager if appropriate.
2. Use a Scripted ACL with Role-Only Logic
If group membership isn’t a strict requirement, you could simplify the ACL to:
gs.hasRole('sn_risk.manager')
3. Add Yourself to the Assignment Group Temporarily
- If modifying ACLs isn’t feasible, adding yourself to the relevant group can be a workaround for testing or task creation.
4. Raise a Request for ACL Review
- If this behavior is blocking legitimate work, document the scenario and raise a request to your ServiceNow admin or governance team to review the ACL logic.
If my response helped please mark it correct and close the thread so that it benefits future readers.
Best,
Anupam.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 hours ago
Hi @Arun_Manoj ,
Reasons for This Error
- Missing ACLs (Access Control Rules):
- The risk_event_task table may have ACLs that restrict access based on roles, conditions, or scripts.
- If your user doesn't meet those ACL conditions, access is denied.
- Role Restrictions:
- You might be missing a required role like risk_manager, risk_user, or a custom role tied to Risk Workspace.
- Even if you can access the Risk Event, the related Risk Event Task might have stricter role requirements.
- Record-Level Security:
- The specific record you're trying to open might have a reference to another record (like a Risk Event or Assignment Group) that itself has restricted access.
- UI Policy or Client Script Redirection:
- Sometimes client-side scripts redirect users to a page they can't access, triggering this error.
- Form Configuration or View Restrictions:
- The form view for risk_event_task might be restricted to certain roles or users.
To Troubleshoot:
- Check ACLs:
- Go to System Security > Access Control (ACL).
- Filter by Table = risk_event_task and review the conditions and roles.
2. Verify Your Roles:
- Check your user record (sys_user) and confirm you have the necessary roles.
- Compare with a user who can access the page.
3. Use “Security Diagnostics”:
- Navigate to the record and click “Security Diagnostics” (if available).
- This tool shows which ACLs passed or failed.
4. Try Impersonation:
- Impersonate a user who can access the page to confirm it’s a role-based issue.
5. Check Related Record Access:
- Ensure you have access to the parent Risk Event and any referenced fields (like Assignment Group or Risk Owner).
6. Review Form Configuration:
- Check if the form view is restricted or if there are UI Policies hiding the form based on roles.
If my response helped please mark it correct and close the thread so that it benefits future readers.
Best,
Anupam.
