ServiceNow’s new Digital Operational Resilience Management app enables customers to manage their activities associated with new operational resilience regulations such as the EU Digital Operational Resilience Act (DORA). (A PDF version is available...
Overview Crisis management enables you to effectively manage recovery during disruptions and adverse events within your organization. Crisis management may include: Monitoring upcoming and ongoing threatsIdentifying the line of impact and critical as...
Welcome to the Speed Learning series for Third-Party Risk Management (TPRM), where you’ll find everything you need to succeed with ServiceNow TPRM and the IT Vendor Risk domain, which focuses on identifying and managing risks specific to your technol...
Tiering Assessments and Inherent Risk Questionnaire (IRQ) help organizations apply the right level of due diligence based on the risk a third party poses by defining the scope and aiding in prioritization. These tools are essential in building a scal...
In ServiceNow Third-Party Risk Management (TPRM), issues originate from any identified risk or gap in risk assessments, internal investigations, control failures, risk acceptances, or continuous monitoring (e.g., threat intelligence or news alerts). ...
Running a third-party risk management program at scale is complex, especially with limited resources, a growing ecosystem of vendors, and rising vendor security concerns. ServiceNow Third-Party Risk Management (TPRM) provides you with a wide range ...
The Third-Party Portal (formerly the Vendor Portal) is a secure, user-friendly interface that streamlines how third parties, such as vendors, suppliers, and partners, collaborate with your risk teams. It is a major feature of ServiceNow Third-Party R...
When third parties are unable to access the Third-Party Portal or prefer to share information through documents or spreadsheets due to internal policies, ServiceNow Third-Party Risk Management (TPRM) offers intake process alternatives. That means t...
One of the feature highlights of your third-party risk management program is the ability to be powered by live risk intelligence providers. You can replace periodic, manual assessments with continuous third-party monitoring and ongoing tracking of cy...
Overview Many organizations using the ServiceNow GRC (Governance, Risk, and Compliance) platform face challenges when customizing the risk assessment component to meet specific business requirements. One common request involves enforcing additional v...
The Environmental, Social, and Governance Management (ESGM) Delivery Accreditation is now available in ServiceNow University. Read more about the exam within this knowledge article: Environmental, Social, Governance Management (ESGM) - Exam Blueprint...
To help a bank become DORA (Digital Operational Resilience Act) compliant using the ServiceNow platform, the following practical steps can be taken: Conduct a Readiness Assessment: Assess the bank's current state of compliance with DORA requirements...
GRC: Digital Operational Resilience Management (DORM) Bootcamp is now available on demand in Now Learning. To enroll, log in to Now Learning. The course is free. About this course: Learn how to maintain information registers, assess ICT incidents, ...
Overview You can use exercises to make sure that your organization’s teams are prepared for a disruption. Exercises help teams identify gaps in recovery strategies and plans and trigger suggestions for corrective actions. With continuous testing, co...
Overview Business Continuity Planning is useful for developing continuity and recovery plans for all critical business processes and IT functions. This includes, but is not limited to: Identifying the plan scope.Documenting loss scenarios and busines...
Overview Business Impact Analysis (BIA) enables you to prioritize your organization's business processes and critical IT assets when a disruption occurs. BIAs help you identify the recovery time objectives (RTOs), recovery point objectives (RPOs), ...
In today's complex and interconnected business landscape, disruptions can arise unexpectedly, threatening critical operations and organizational stability. Business Continuity Management (BCM) offers a structured and strategic approach to ensure resi...
Please join us for the 2025 Q2 Risk Customer Confidential Product Roadmap Webinar! Hello ServiceNow Risk Customer, Thank you for being a ServiceNow Customer. It’s been an incredible year so far, especially with the recent Yokohama rele...
As we mentioned in part 1 of this article, InCountry is the best way for companies to securely store regulated data and stay compliant with local data regulations worldwide. InCountry is unique because the platform has considered all the imaginable s...
ServiceNow IRM (Integrated Risk Management) is a robust solution that provides a number of unique advantages compared to other GRC tools in the market. Here are some key aspects that make ServiceNow IRM stand out: Comprehensive Risk Management: ...
Mary Hain
Lisa Latour
Dan Bruhn
Steph Morillo
