GRC blog

New ServiceNow Continuous Monitoring offers 360 Degree Visibility into Vulnerabilities

This is the first of 3 blogs discussing new GRC features in the Kingston release. I've started with one of the most interesting - GRC Continuous Monitoring and the Configuration Compliance application...

ServiceNow GRC Topic of the Week: GDPR, 9 Ways ServiceNow Can Help

As most of you are hopefully aware, as of May 2018 any organization that handles personal data of a subject in the European Union (EU) must comply with the GDPR. Don't mistake this for a regulation th...

ServiceNow GRC Topic of the Week: Cyber Awareness and GRC

I'd like to kick off my new weekly blog, aptly titled "ServiceNow GRC Topic of the Week", with a timely subject — Cyber Awareness and GRC. The theme for week 2 of Cyber Awareness Month, according to t...

All Enterprises Should Have a Vendor Risk Program

Gone are the days when enterprises could afford to build a firewall around their kingdom to keep attackers out and all data in. The perimeter has become porous and the enterprise has learned to levera...

Announcing ServiceNow Governance, Risk & Compliance (GRC) version "I"

We are very pleased to announce the Istanbul market release of Governance, Risk and Compliance. GRC is designed to enable customers extend their investments in Service Management to automate cross fun...

Manual tasks dragging down your Incident Response?

SecOps is mostly about firefighting today, with too much noise, not enough signal, and not enough people to dig in when the signal is found. Quite honestly, this had led to a hero culture. The heroes ...

Retire your vulnerability quarterback

Welcome to the first of what will hopefully be many posts on security topics impacting organizations of all types. Those who know me know that I spend much of my time on the road speaking to a large n...

Cleaning Up WS-Security With SOAP

SOAP based communication allows us to secure the message (end-to-end security) not just at the transport level (HTTPS). If you want to protect inbound SOAP requests, at the message level, you can use ...

Inside ServiceNow GRC

Quick introduction to Governance, Risk and Compliance (GRC)and exploring capabilities of ServiceNow GRC

Innovation of the Year K15? IT GRC > Authoritative Sources > COBIT 5

In the ServiceNow > IT Governance, Risk and Compliance Plugin we see examples from multiple standards, frameworks, guidance and regulations. This post explains an approach to updating COBIT with the l...

Blog Articles