Hi Folks... Continuous Authorization and Monitoring application aims at NIST RMF. How does this fit into existing 1) Risk application 2) Policy and Compliance application? In the past using NIST RMF accelerator, imported control objectives were tied ...
In PDI instance: newly created issue, and available buttons are Discuss, Follow, Update, and Delete. Regardless of which user is impersonated, I am not seeing any other buttons. How is issue moved from New to Analyze to Respond? All fields are filled...
Hi, Can someone distinguish the following types of audit task? Just to better utilize the audit management. Activity Control TestInterviewWalkthrough Thank you!
Greetings to all,I find myself confronted with a business requirement regarding the re-attestation of compliant controls. The business has expressed some frustration over the need to re-attest controls on an annual basis, especially when they are con...
I wanted to check that in my business case, we have Risks on the top and to mitigate those risks we have controls in place and if control fails/not compliant, issues are created , could you give me idea as per best practice how I should map this as ...
Hello, IHello, I set up a risk indicator that applies to 6 risks. I had to set up the risk indicator for EACH risk separately - one by one , which seems inefficient to me. is there a way to set a risk indicator to apply to several risks ? This is s...
Hello! We are in the process of implementing the Vendor Risk Management module, and also recently upgraded our version from Tokyo to Vancouver. Before the upgrade from Tokyo to Vancouver, I found that records in the customer_contact table could be co...
Hi ServiceNow Community , In Layman terms , A question popped up in my mind , if we are starting with Top-down approach from Entity Scoping to Policy & Compliance and to Risk module, and we have a Entity type lets say Business Applications in your or...
Hi, Is it required to close out all the Control test issues that were made in Audit Engagement before it can be considered as complete or as closed?
Has anyone found or created a more advanced article template than the one used in the policy? Any suggestion on how to make this more robust would be appreciated. Thanks.
Unable to find action of Reassign challanger UI action to change the functionaly, please help in finding the actions of Reassign UI in GRC workspace help in scripts where it has configured
Hello there, My team is putting together, until the end of 2023, a monthly series of “Recommended Practices” webinars to help you be successful with your GRC/IRM applications. This is the second episode of this series, run by Vinod Laxmeshwar (Sr. ...
I have some business requirement to use GRC application with multi-language.The existing solution is developed with the Attestation Designer (not a survey).The Designer is shared by multiple control objectives. Control objectives: Where can I transla...
HiI am a starting to learn SN and am trying to solve for the following requirement - When the user clicks on the New button on the related list within my form, it should open a specific view if the Type field is set to a particular value. I think I h...
We are interested in using the feature that enables you to use the Compliance module for vulnerability exceptions instead of the VR module. I am interested in how people manage this due to what appear to be limited functionality. Example: I have a Wi...
