GRC Advanced Risk : Sample script to read questionnaire and set values of factors in Inherent assessmenti need sample script to read questionaries' in Risk identification record. The response has to be used to calculate automated script factor. Plea...
Hi, I noticed that Compliance Reader role is not able to read Attestations at all. However, Compliance User role is able to read Attestations. On one hand it makes sense to limit access to the Attestations, as info about non-compliant controls pose a...
Hello all, I tried to deactivate demo entities in my instances. But after a few minutes or so, the entities come back and active. How to deactivate the entities permanently? Advanced thanks!
Hello We are using GRC to create sets of attestations. Then the attestation respondent needs to group them into a single grouped assessment. When the Grouped Assessment is created, the questions are in different order than desired. For instance, t...
How are the Internet ALE and ARO calculated after migrating to Advanced Risk?These fields on the risk statements are also not visible, curious as to how all the risks and scores are calculated in advanced risk.
For IRM professional, the pricing guide mentions "limited" for Advanced Risk . Unfortunately, 'Limited' is not defined anywhere. What exactly are the limitations in the professional license for advanced risk?
Hello, We are trying to improve our GRC assessment process by allowing users to take the assessment directly from the Risk. The issue is there can be multiple respondants to the Risk and therefore multiple assessment instances. We have the code to d...
I am trying to build a RAM (Risk Assessment Methodology) in which I want to have dependency between the factors (questions). For example, if user responds to a question as 'Yes', then we want to show additional questions to the user. Please suggest o...
I have developed a number of RAMs using Qualitative scoring and making use of Qualitative Transformation Criteria and each time I do so I try to figure out what OVERRIDDEN means in the context of Qualitative criteria. I have had it explained to me by...
I am getting this error, when i hit Perform Inherent Assessment button In risk assessment methodologies , although it is published. How do i fix this issue ? @Gunjan Kiratkar@Community Alums
Since I'm admin I see the magnifying glass icon at the top right of my screen to search for particular attestation, control, issue as long as I have an identifier number. My GRC team (non-admins) do not. Is that a permissions thing? How do I give ...
Hello GRC Community!In an Authorization Package, we have added Controls using Control Overlays and as expected, they generate Indicators and Control Tests. ONE control was manually added and it generates an Indicator but not a Control Test. I have tr...
The inherent assessment could not be initiated as the approver is not available. Please contact your administrator to review the risk identification configuration and then try to initiate the assessment again. Although the risk manager is available. ...
Our organization is new to ServiceNow, we are starting to capture Controls. Can anybody tell me what is the purpose of the Category and Type fields in the Controls entry screen? What do you use them for? Thanks for the advice
I need to modify filter conditions(if there are 3-4 records in the risk assessment table for the same risk we need to show only the latest risk assessment record) in the below heatmap. If I'm clicking on the edit option it is redirecting me to UI Pag...
