Dear experts, I have set the assessment questionnaire to allow retake but when I perform the internal assessment, it did not have the option to allow retake or a backflow? How can I allow the owner or someone to change the user's response rather than...
My organization is testing out CAM prior to buying. We have had several demos, and ServiceNow is present throughout our environment. We are switching from an outdated GRC tool to ServiceNow for continuous authorization and monitoring. The developers ...
During control attestation, I want issues created when a Control is "Not Applicable" in servicenow. I know OOTB it is via Business Rule and OOTB script include that creates issue record, when the question answer is selected "No" and it sets non compl...
Hi community, as far as I could see, Entity Classes can (or better must!) be assigned by the Entity Type.So what do I do with Entity Class rules? Doc says it determines the class of any new object in a table, so why is assigning a Class via filter ma...
Currently the activity log is used to track completed reviews. We would like to send reminder notifications, but the OOB workflow doesn't provide a way to determine which reviewers have not completed the reviews. Seeking ideas on how to meet this re...
OOB business rule for control status
Is there a low-code approach to making the document templates for some of the Continuous Authorization and Monitoring (CAM) generated reports? We have a requirement to make the generated reports (specifically the SSP Template) more dyanmic. By dynami...
operational resilience management(workspace) - no courses in Now Learning(ServiceNow University). Is the DORA course enough?
We are a rather new BigID client and are trying to solve an issue with the IRM Ticketing app. We are unable to see any SN users in the Create Ticket form for either Opened by or Triage Owner. Our SN Admin has confirmed that we have read access to the...
Our controls are derived from our policies and standards, I'd like to be able to build these with Hyperlinks to the related 'Policy' associated KB article. The logic here is for the control data to be pulled into a smart assessment during the attesta...
Dear experts, I am finding very hard to understand the scoring logic of the system where I tried different questionnaires to understand how does the scoring matrics work but it does not add up. So would anyone care to explain to me?So basically this ...
Hi, I am wondering how the frequency option works. I if i for example choose monthly, how does the counter work, when does it start etc? And a sidenote to this? Isn't there a notification related to this? If so, what its called....i can't find it...
I attempted to create a Smart Assessment on a demo instance but encountered an issue - I am unable to actually view and complete the attestation when I impersonate the individual performing the attestation. What was doneI enabled the system property ...
Hi all In the Risk Assessment Questionnaire, we have the same question/answers for Inherent and Residual assessment. The requirement is, while filling out the assessment, is it possible to autopopulate the Residual assessment questionnaire based on t...
In ServiceNow GRC (IRM), are there any out-of-the-box (OOB) sample risk statements or policies provided that we can use as reference or customize for our organization?I'm specifically looking to understand whether ServiceNow includes any preloaded ex...
