Requesting a Risk Assessment on a Policy Exception

NoelinhoN
Mega Guru

Hi community,

I am a bit perplexed with respect to how the Policy Exception record/app works in ServiceNow.

My GRC knowledge tells me that when a Policy Exception (PER) is requested against a Policy, a Risk Assessment would need to be conducted, but that Risk Assessment would need to be tied to an Entity. Is that the logic in how PER works?

PS: I see the 'Risk' tab, but there is nothing on the tab which alludes to a Risk Manager doing any sort of Risk Assessment. There is the 'Risk Assessment' tab but the docs.servicenow.com page describes a 'Business Impact Analysis' tab (which I think they did not update to state 'Risk Assessment') - and includes some details that I do not see in my Tokyo version of Policy Assessment.

PSS: This is without activating the Advanced Risk Assessment plugin. 

Thanks in advance for your help.
NN