GRC forum

Resolved! How to hide UI Action Button 'Create From Library' in Control Assessment tab.

Dear experts, I would like to know how do I hide this UI Button "Create from Library" from the control assessment tab.

How to use UCF controls (control objectives and citations) in a ServiceNow audit engagement

Can someone provide an example of how to use the controls (control objectives), which UCF generates in the ServiceNow IRM tool, for an audit engagement? Currently, before UCF integration, we manually uploaded ISO27001 controls and have been testing t...

UCF Integration - 'Implementation' type controls are not being imported

Hello everyone, During implementation of 'UCF integration', we have noticed that only 'Mandated ' & 'Implied' type control are imported into the Control Objective table.Is there any restriction for 'Implementation' type control import? Please provide...

BCM

In BIA we're having assessments can we show in the portal? if yes how we can show

AI Control Model-AI System- AI Assessment

I am exploring the AI System and AI Assessment, So we can create a new template using the Assessment workspace but how do I select that for this particular AI System this assessment should be triggered insist of AI Impact Assessment as it is selected...

AI Control Tower- AI Model tasks are not created on reviewing it

I am exploring the functionality of the AI control tower and AI Risk and Compliance and once I am creating the AI Model and changes its state to review then the lifecycle of model is started. So I want to know if tasks are created in the assess ,buil...

Manual Metric Definition - KRIs

Hello All, I have a requirement related to Manual Metric Definition.Need to create a manual metric definition with type KRI. Here I have multiple threshold to define in AND/OR condition.I have tried calculated metric, advanced metric but didn't find ...

Difference between "Risk Event" (Advanced Risk) and "Compliance Case Management" (GRC)

Hello Community,I'm trying to understand the core differences between two functionalities within ServiceNow GRC:・"Risk Event" from Advanced Risk・"Compliance Case Management" from GRCFrom my perspective, while the detailed statuses might differ, the g...

Resolved! Transforming Risk Management with ServiceNow: From Manual Oversight to Intelligent Automation

By Bill Martin | TechTalk with Bill | ServiceNow Certified Instructor & Advisory Consultant Managing risk in a rapidly evolving digital world isn’t just a checkbox anymore — it’s a strategic advantage. With ServiceNow’s Integrated Risk Management (IR...

How Compliance Score is Calculation in ServiceNow GRC

Understanding Compliance Score in ServiceNow GRCIn ServiceNow GRC, the Compliance Score provides insights into how well the organization is adhering to defined control objectives and how those controls are being enforced across various entities (like...

SCTASK Approval Flow Customization for IRM Catalog Item

Hi Team, We have a requirement within IRM to develop a catalog item. The catalog form has been created, and we are currently working on configuring the approval workflow. Upon submission and managerial approval of the request, SCTASKs are to be gener...

Understanding GRC Architecture

When working with Governance, Risk, and Compliance (GRC) in ServiceNow, one of the most important things to understand is how the underlying data model is structured. The slide we’re looking at provides a high-level overview of the core tables that...

What triggers the approval flow for risk mitigation task?

Im currently trying to understand how the risk mitigation task generate the approval.once it has move to review, is there a scheduled job that automatically set the state to waiting approval?

How do I create a one month or 1 week reminder to trigger the email notification?

Dear experts, I am currently stuck in the condition field where I want the system to fetch the date one month before the field value under the sn_risk_risk form u_risk_due_date field value, where it will trigger the email to be send one month before ...

Resolved! How do I maintain the fixed query while using the list of records' filter condition in a module?

Dear experts, I have two separate forms in the risk record, where if technology risk is true, then the form fields will be different, but I wanted to create a module where it is technology risk created by me, but when I try and use the sysparm_fixed_...

Forum Posts

Resolved! How to hide UI Action Button 'Create From Library' in Control Assessment tab.

How to use UCF controls (control objectives and citations) in a ServiceNow audit engagement

UCF Integration - 'Implementation' type controls are not being imported

BCM

AI Control Model-AI System- AI Assessment

AI Control Tower- AI Model tasks are not created on reviewing it

Manual Metric Definition - KRIs

Difference between "Risk Event" (Advanced Risk) and "Compliance Case Management" (GRC)

Resolved! Transforming Risk Management with ServiceNow: From Manual Oversight to Intelligent Automation

How Compliance Score is Calculation in ServiceNow GRC

SCTASK Approval Flow Customization for IRM Catalog Item

Understanding GRC Architecture

What triggers the approval flow for risk mitigation task?

How do I create a one month or 1 week reminder to trigger the email notification?

Resolved! How do I maintain the fixed query while using the list of records' filter condition in a module?

Adding Control Implementation Statement in SSP

Business Continuity Management - Add basic CI info...

Q - DORM Data Flow from Core_Company to Legal Enti...

"Workflow" tab in Vendor Management Workspace

GRC Control Playbook Brainstorming

Evidence Request Frequency?

Role needed to take control attestation

How attestation and indicators are different ?

Indicator Task due date

What is Smart Assessment Engine, how it is differe...

What does the exempt feature do in control table?

IRM/GRC - Associating Controls with Business Appli...

How do I change the field background colour?

1st line control testing

Adding Reliant Entities to Common Controls in Revi...