Rosalind Morvil
ServiceNow Employee
ServiceNow Employee

There are several exciting product enhancements being released in the August Store / Vancouver Release for Risk. For a full walk-through of what’s new in each product be sure to access our recorded Live on ServiceNow sessions:

 

What's New in Business Continuity Management

What's New in Third-party Risk Management

What's New in Risk Management

The What, Why, and How of Compliance Case Management

What's New in Compliance and Audit Management

 

Or check out the Enhanced BCM Workspace in this demo.

 

Below are some highlights:

 

Business Continuity Management

In this release, Business Continuity Management is embracing ServiceNow’s Next Experience and delivering the UI Builder and persona-based workspaces for BCM customers. This includes new homepages for Crisis Events, BIA’s, BCPs and Exercises as well as a consolidated “My Task” page. With this release, visualizations are now embedded into BCM data records.

 

Picture1.png

 

Leveraging these enhancements will increase your team’s productivity by reducing the number of clicks, improving inline reference data, and providing more comprehensive reports and visualizations. Your team can configure the workspace through no-code capabilities and tailor the workspace to your business needs without incurring technical debt or the need for customizations. Leveraging the Next Experience will help improve visibility, drive efficiencies, and strengthen the risk and compliance posture of your organization.

----------------------------------------------------------------------------------------------------------------------------------------

 

Integrated Risk Management

Policy and Compliance Management

 

The most significant enhancement to Policy and Compliance Management is Compliance Case Management, which helps you detect and resolve compliance cases and complaints. Employees can both raise a compliance request to reach out to the compliance team and report a compliance case from the user-friendly Employee Center.

 

Compliance requests can cover a broad range of topics such as hardware failures, customer loan payment failures, or general employee requests. Unique workflows can be created for each request type.

 

Compliance cases can also vary and include ethical issues such as discrimination, antitrust, or competition concerns.

 

The nature of a case commonly dictates the process it should follow. When reporting a compliance case, APIs are available that integrate ServiceNow with third-party products​. 

 

Once the compliance request or case is submitted by the employee your compliance team has a tailored workspace to analyze cases and perform investigations and assessments – including collaborating with various teams and creating and assigning case tasks. Requests are analyzed and related policies or controls are identified - additional approvals can easily be obtained if necessary.

 

Picture2.png

 

Other enhancements to Policy and Compliance in the August Store Release include:

  • Employee Center Enhancements –To increase efficiency for the first line to easily locate organizational policies or requests submitted to the second line, we enhanced the visibility of policies and requests by enabling them to be sorted by KB article or request filter. We also enabled attestations to be grouped in a single view based on control implementations
  • Authoring and Redlining – We improved the ease of creating new documents on OneDrive and of changing a document linked to a policy record (without creating a new record)

 

Risk Management

Target Risk Assessments is a significant enhancement in Risk Management. You will now have visibility into how “far” your current risk posture may be from the target risk. This will allow the business to understand the prioritized mitigation efforts that need to be adopted to ensure appropriate levels of risk are in place to continue to meet strategic goals and objectives.

 

Other enhancements have been made to improve the configurability of advanced risk assessments, a guided experience using a playbook has been added for risk assessment scope and scheduling, and a bulk response capability for manual metric data tasks is now available.

 

Finally, there have been some core user experience enhancements made to improve the configurability of header fields and entity hierarchy views. And the mobile application experience now matches the platform look and feel.

----------------------------------------------------------------------------------------------------------------------------------------

 

Third-Party Risk Management

With this release, we are extremely excited to deliver on the next generation of managing risk across your entire third-party ecosystem with ServiceNow Third-party Risk Management (TPRM). Building on our award-winning Vendor Risk Management offering, TPRM is an enterprise-wide solution that spans departments to break down silos and deliver a holistic view of not just IT vendor risk but all types of risk – across multiple business domains and any type of external relationship. TPRM builds upon the current VRM offering by extending the workflow capabilities across the entire third-party risk lifecycle from onboarding risk due diligence to renewals and offboarding.

 

Picture3.png

 

Updated visualizations offer insight into the due diligence process to help in prioritization throughout the entire due diligence lifecycle. Enhanced workflows enable the quick onboarding, renewal or off boarding of your third parties.

 

While assessments at the third-party level are still possible, Third-party Risk Management encourages engagement-level risk assessments and scoring by automating the creation of engagements through new workflows to provide a best practices approach to third-party risk assessments. Adoption of these new TPRM purpose-built flexible workflows allows your team to take advantage of the new, robust IRQ capabilities and facilitates a more accurate view of the risk your third parties are bringing to each relationship.

 

This release also offers a Risk Concentration Map for greater understanding of the concentration of your third-party risks within a specific context, such as a portfolio, business sector or geographic region.

 

Picture5.png

 

This Risk Concentration Map helps you visualize where in the world your third- party risk is most prominent. That allows you to prioritize tasks and remediation to ensure your risk is diversified and your team is aware of the impact a weather event, geopolitical change or other incident could have on your third-party network.

 

The release of TPRM also delivers several enhancements via the Employee Center. Business users can now request due diligence for a new or existing third-party engagement, respond to IRQ’s assigned to them, and request status updates on their due diligence request(s).

 

Picture7.png

 

These features are all available now and includes all functionality available in VRM to ensure seamless upgrades for transitioning current customers or new customers looking to reduce risk, protect their brand and improve organizational resilience and compliance across their entire third-party ecosystem.

 

----------------------------------------------------------------------------------------------------------------------------------------

 

If you’d like to see these new features in action check out our Brightcove channel (register for upcoming webinars at Live on ServiceNow), or connect with us on the GRC/IRM community.

 

 

1 Comment