Mary Hain
- Post History
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
2 hours ago
To learn more about implementing IRM Risk Management, including the different types of assessments, visit our IRM Risk Management Speed Learning Series on YouTube.
ServiceNow provides two approaches to risk assessments that support organizations at different maturity levels.
Classic Risk Management
This is ServiceNow’s foundational assessment engine that enables teams to identify, assess, mitigate, and continuously monitor enterprise, operational, and IT risks. It supports basic assessments and a range of response strategies while keeping risk data current and actionable.
Review the Speed Learning content on Classic Risk Assessments, Setup, and Navigation.
Advanced Risk Management
This builds on Classic Risk Management by embedding structured, repeatable assessments based on a Risk Assessment Methodology (RAM).
The RAM provides a configurable blueprint for how risks are assessed. The framework is domain-agnostic, and its configurable nature makes it an ideal tool for Enterprise, Operational, or IT risk domains, individually or collectively.
At a high-level, a RAM record captures four critical configurations:
- Assessment context
- Assessment types
- Assessment preferences
- Roll-up and reporting preferences
These configurations form the backbone of how risks—or even risk-related objects—are assessed, scored, and reported. Review the essentials of RAM here.
Whether assessing organizational entities, processes, applications, projects, or standalone risks, Advanced Risk Management is the configurable engine that supports scaling up or down the risk management across the enterprise.
To learn more, review the following Speed Learning video resources for Advanced Risk:
- Setup and Navigation
- Risk Assessment Methodology (RAM)
- Risk Assessment Lifecycle
- Advanced Risk Assessments
Both Classic and Advanced Risk Management integrate into your broader Integrated Risk Management (IRM) ecosystem. They leverage risk and control libraries, entity management, etc., to ensure assessments are aligned with organizational assets and frameworks.
By choosing the appropriate assessment approach, risk teams can streamline workflows, improve consistency, and gain a clear view of risk exposure across the business.
