GRC forum
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Forum Posts

GRC: Continuous Authorization and Monitoring vs Risk

Hi Folks... Continuous Authorization and Monitoring application aims at NIST RMF. How does this fit into existing 1) Risk application 2) Policy and Compliance application? In the past using NIST RMF accelerator, imported control objectives were tied ...

Managing Issue: Moving from New to Analyze

In PDI instance: newly created issue, and available buttons are Discuss, Follow, Update, and Delete. Regardless of which user is impersonated, I am not seeing any other buttons. How is issue moved from New to Analyze to Respond? All fields are filled...

Bojana_G by Tera Contributor
  • 486 Views
  • 3 replies
  • 2 helpfuls

Resolved! Types of Audit Task

Hi,  Can someone distinguish the following types of audit task? Just to better utilize the audit management. Activity Control TestInterviewWalkthrough  Thank you!

jajay_0-1698043061490.png
jajay by Tera Contributor
  • 1340 Views
  • 1 replies
  • 2 helpfuls

Smoother Control Re-Attestation

Greetings to all,I find myself confronted with a business requirement regarding the re-attestation of compliant controls. The business has expressed some frustration over the need to re-attest controls on an annual basis, especially when they are con...

Risk and compliance relation

I wanted to  check that in my business case, we have Risks on the top and to mitigate those risks we have controls in place and if control fails/not compliant, issues are created , could you give me idea as per best practice how I should map this as ...

Risk indicator that applies to several risks

Hello, IHello,  I set up a risk indicator that applies to 6 risks. I had to set up the risk indicator for EACH risk separately - one by one , which seems inefficient to me.  is there a way to set a risk indicator to apply to several risks ? This is s...

NC67 by Tera Contributor
  • 195 Views
  • 1 replies
  • 0 helpfuls

Risks creation from Entity type Reason

Hi ServiceNow Community , In Layman terms , A question popped up in my mind , if we are starting with Top-down approach from Entity Scoping to Policy & Compliance and to Risk module, and we have a Entity type lets say Business Applications in your or...

Resolved! Control test issues on Audit Engagament

Hi, Is it required to close out all the Control test issues that were made in Audit Engagement before it can be considered as complete or as closed?

jajay by Tera Contributor
  • 379 Views
  • 1 replies
  • 2 helpfuls

Resolved! GRC / IRM Article Template

Has anyone found or created a more advanced article template than the one used in the policy? Any suggestion on how to make this more robust would be appreciated. Thanks.

k_lutz by Tera Expert
  • 1318 Views
  • 5 replies
  • 1 helpfuls

Resolved! Attestation Designer (control objective) Questions for multi-language

I have some business requirement to use GRC application with multi-language.The existing solution is developed with the Attestation Designer (not a survey).The Designer is shared by multiple control objectives. Control objectives: Where can I transla...

2023-10-10_11h59_32.png 2023-10-10_12h04_29.png
CK20 by Tera Contributor
  • 543 Views
  • 1 replies
  • 0 helpfuls

Open a specific view on click of New button from related list

HiI am a starting to learn SN and am trying to solve for the following requirement - When the user clicks on the New button on the related list within my form, it should open a specific view if the Type field is set to a particular value. I think I h...

sayalisheth by Tera Contributor
  • 686 Views
  • 4 replies
  • 1 helpfuls