should i deactivate OOTB ACL which provides ITIL users access to incident tickets?

Go to solution
ashwanikumar
Tera Expert

‎03-14-2019 05:48 AM

Hi All,

I received a requirement to remove read access for some ITIL users.(we have 3 different category of users who want to see only their tickets. 

To fulfill this requirement i am disabling an Out of the box ACL which provide access to itil users and creating three different ACLs. Is is wise to do so?

Thanks,

KUMAR

Labels:
0 Helpfuls
  • 1,061 Views
1 ACCEPTED SOLUTION

Go to solution
Paul Curwen
Giga Sage

‎03-14-2019 05:51 AM

As long as it works for your business requirements it is. However bear in mind, that you are now responsible for the customisation and will need to fully test etc after each upgrade. 

 

My advice would be to stay as close to OOB as possible, but as your finding one of the best things about ServiceNow is it's flexibility, but with that comes risk that needs understood and managed. 

***If Correct/Helpful please take time mark as Correct/Helpful. It is much appreciated.***

Regards

Paul

View solution in original post

3 REPLIES 3

Go to solution
Paul Curwen
Giga Sage

‎03-14-2019 05:51 AM

As long as it works for your business requirements it is. However bear in mind, that you are now responsible for the customisation and will need to fully test etc after each upgrade. 

 

My advice would be to stay as close to OOB as possible, but as your finding one of the best things about ServiceNow is it's flexibility, but with that comes risk that needs understood and managed. 

***If Correct/Helpful please take time mark as Correct/Helpful. It is much appreciated.***

Regards

Paul

Go to solution
Allen Andreas
Administrator
Administrator

‎03-14-2019 05:53 AM

Hi,

Not sure of the full requirement, but if you want ITIL to only see tickets assigned to their team, you can add that as a condition via script in the read ACL. It sounds like you have 3 different situations where you may need 3 different Read ACLs that have their own condition. Some places do disable read for ITIL, but I'd say that's more rare than it actually happening. I'd consider the first part of my reply about trying to limit who can see them via script than removing read for ITIL all the way. This can affect reporting and other areas with unintended consequences.

Please mark reply as Helpful/Correct, if applicable. Thanks!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

Go to solution
Allen Andreas
Administrator
Administrator
In response to Allen Andreas

‎03-14-2019 08:55 AM

Glad you got an answer that worked for you?


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
0 Helpfuls