Are there any out-of-the-box (OOB) sample risk statements and policies

aphaugat
Tera Expert

‎07-07-2025 02:45 AM

In ServiceNow GRC (IRM), are there any out-of-the-box (OOB) sample risk statements or policies provided that we can use as reference or customize for our organization?

I'm specifically looking to understand whether ServiceNow includes any preloaded examples that can help us get started with our risk and policy management setup.

I could see content packs related to SOX-specific—grc-content-packs, but do we have anything else?

0 Helpfuls
  • 1,362 Views
10 REPLIES 10

SANDEEP DUTTA
Tera Patron
Tera Patron
In response to aphaugat

‎07-13-2025 05:36 AM

Hi @aphaugat ,

Beyod this, i don't think anything available as of now.

 

Thanks,
Sandeep Dutta

Please mark the answer correct & Helpful, if i could help you.
0 Helpfuls

aphaugat
Tera Expert
In response to SANDEEP DUTTA

‎07-26-2025 07:16 AM

Thanks @SANDEEP DUTTA for the response.
Yes, I agree. If not OOB, just seeking any external tool/application.

0 Helpfuls

Mehernosh Amrol
Giga Guru
In response to aphaugat

‎07-28-2025 01:37 PM

You may want to look at some of the Accelerators then.

 

https://www.servicenow.com/docs/search?labelkey=grc&labelkey=audmgmt&labelkey=BusContManage&labelkey...

0 Helpfuls

Simon Hendery
Mega Patron
Mega Patron

‎07-12-2025 10:35 PM

Hi @aphaugat 

 

There's no other plugin option if the demo data that's provided doesn't meet your needs for some reason.

 

I'm guessing you're looking to install a specific Authority Document to test? If that's the case, one option is to upload a CSV file related to an AD (or part of an AD). You may be able to source this from your existing risk function?

0 Helpfuls

aphaugat
Tera Expert
In response to Simon Hendery

‎07-26-2025 07:06 AM

Hi @Simon Hendery -

I understand that ServiceNow does not provide this functionality out of the box. However, the requirement here is to be able to retrieve risk statements or policies based on specific keywords.

 

For example, if a user searches for "password policy" (possibly through a custom UI), ServiceNow should be able to integrate with an external system to pull predefined password-related policies. These can then be reviewed and modified as needed—eliminating the need to draft entire policies from scratch.

 

Due to the limitations in ServiceNow, I’m exploring external systems that can integrate with it and return predefined data such as risk statements, policies, citations, etc., based on keyword-based search.

0 Helpfuls