Hi All, I have a client scenario where one child Risk Statement has more than one Parent Risk Statement. The issue is that the Parent field on the Risk Statement form is a single reference field. Any idea, on what would be the best course of a...
I am implementing SAM & HAM from Scratch in my organization so what are things I need to consider ? Any reference Documents that will help me ?
Please can someone explain how the 'Mitigating Controls' related list works when creating a policy exception?
Hello - As I understand, ServiceNow support free SCF (Secure Controls Framework) to manage compliance and also support subscription to UCF (Unified Compliance Framework). Do you use SNOW RMF to assess against SCF or UCF or some other compliance fram...
need to write business rule. for entity which has applies to record field it is dependent on tables.. when we trying add any cmdb_ci(parent table) tables the field owner will be populated in an entity owner field,.. for this we need to write BR for...
Hello community... Situation: I am building entities for SOX compliance and querying the cmdb_ci_database table Is there a way for me to easily bring in databases that are in scope for SOX controls without having to use and populate a custom attribut...
Hi, We are trying to trigger both On boarding and detailed assessments from business service form once it is created and we provide this flexibility through a UI actions (buttons). We configured triggers and actions in flow designer. But is there a...
We have a CI audit module(desired state) in compliance application , which helps "Desired State performs scheduled or on-demand audits of CMDB data to determine which records match the expected attributes, CI relationships, and relationships to other...
Hi All I writing a control indicator on the sys_user table . As per the attached screenshots , the option to fetch supporting data are very limited by giving a simple condition . My query is , how can i write a script for fetching supporting data f...
Hello, I'm curious to know how your company uses the Policy Exception form within the Service Portal. Currently ours is shown below and we feel this is too much for the requesters to know and understand (control objective, policies, etc.). We have...
I have activated the VRM module in our test environment for us to evaluate the tool. We currently use the Contract Management module in ServiceNow and have all of our Vendors and their associated contacts entered as part of it. In the Vendor Risk m...
Please can you suggest an idea why the Indicator form does not show Indicator Tasks and Indicator Results tabs? they are selected on the form to be shown together with the Content References. Nightly scheduled tasks is true and the scheduler is runni...
How can I change the attestation of a control objective. The control objective is active, related to a policy, has two related controls (one retired, one draft). I am member of the compliance_admin group, but I am not able to change the attestation....
Hello - I am looking in Now Create and in the partner portal to see if I can find some tips or guidance on the creation of Entity Types. Can also be any other insight. Anyone can point me in the right direction?
I am trying to figure out the relationship between the Business Continunity Module and Major Incidents. I am curious if there is a way for the resolution teams to pull over into a declared/promoted Major Incident that would pull from the BIA/Busines...
