GRC forum
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Forum Posts

Resolved! Control Objective Relationships

I am trying to relate control objectives to each other without necessarily using a Parent/Child relationship. There is a table called Control Objective to Control Objective (sn_compliance_m2m_policy_stmt_policy_stmt). I cant figure out how exactly to...

Isaiah Shaw by Tera Contributor
  • 797 Views
  • 1 replies
  • 0 helpfuls

Control Implementation Description

How are control implementation descriptions handled in policy & compliance as well as continuous authorization? To keep things consistent with SSP, which has both control objective and then control implementation description, control objectives are c...

MB6 by Tera Contributor
  • 421 Views
  • 1 replies
  • 0 helpfuls

OSCAL Support

Does SNOW GRC have the ability to consume Open Security Controls Assessment Language (OSCAL)? I cannot find any documentation on it, so I am thinking no, but curious if anyone has attempted to work with OSCAL and SNOW GRC.

GRC Policy Uploads

Hey GRC team, Does anyone know if there is an easier way to upload Policy text to ServiceNow? While we have been a ServiceNow shop for a few years we have never figured out a good way to upload our Policies into SNOW. We do all of our editing in Word...

John C by Tera Contributor
  • 805 Views
  • 4 replies
  • 0 helpfuls

Count of records in related list in report

Hi Community, I need to create a report in which when I apply filter for vendor (manufacturer) it should show related business applications like how many business apps are associated with the filtered vendor, then how many servers those business apps...

Resolved! Risk Portal

I asked our consultant about the Risk Portal within ServiceNow GRC. I thought this looked like a good tool for customer engagement but my consultant was a little reluctant to use it. Does anyone have any experience in using it and the benefit you get...

David347 by Tera Contributor
  • 1229 Views
  • 9 replies
  • 2 helpfuls

Impacted Controls

We recently implemented our Vulnerability Response module within SN. Currently, with our policy exceptions we can go through the normal approval process without entering impacted controls, but since implementing the VR module, when we receive a polic...

T_O_1 by Tera Contributor
  • 561 Views
  • 1 replies
  • 0 helpfuls