Role and Group naming conventions
We are setting up groups and roles for Policy, risk management and vendor risk management. What is the best prefix to use on the role and group names, GRC or IRM? What do other clients use?
Forum Posts
Resolved! Annual Disaster Recovery Test Results
Hi. I have been told that annual DR test results are published on the CORE portal of SNOW. However I am struggling to find these. Can anyone please point me in the direction of where I can obtain these from? Best regardsQasim
Resolved! Questionnaires not being shown up in VDP portal
Hi All, I need one help. In vdp portal, vendor contacts are unable to see the questions assigned to them by the assessment template. Does anyone have any idea on why I am getting below error? Issue: When clicking "Submit to vendor" in the Vendor Risk...
Resolved! UI Policy on GRC Attestation Form
I am trying to figure out how to make a couple fields not mandatory based on another question's answer. Using the Attestation Designer, I can make the fields visible or not. In our case, we want "Explain" and "Attach evidence" to be visible, but not ...
Resolved! Background colour in fields
Hi all , I want to add some background colours to some fields based on the score in some another field.For e.g the score fields value is 1-5 then the background colour should be green and if between 6-10 it should be yellow. How can I add colours in ...
Resolved! Control & Attestation Creation and Schedule
Hello Expert, I am working on building the controls and attestation module for our customers. As I understand, if I have a control, with a frequency, it keeps creating attestation based on the frequency every cycle. My question is, 1. if an attestati...
Penetration Testing, Compliance & Cybersecurity Review query
Q1: I read the article on HiPortal around what ServiceNow doesn't allow to do in penetration testing like no network layer testing, no DDoS etc. However, we may hire someone externally to do the pen testing on one of our sub prod instances, but would...
Resolved! Invite Contact functionality is not working as expected in vendor portal
Hello, We noticed during some testing that vendor contacts are not able to invite others from the vendor portal. When attempting to invite a new contact, the form will show a green "Updated" banner (see screenshot below) rather than the banners sayi...
Resolved! How is the GRC issue related to GRC indicators
Hello, What is the relationship between issue and indicator in GRC? Thanks.
Resolved! How can i make Yes/No datatype by default the answer as no in Assessment metrics
Hello i need to make yes/no data type by default answer to no in assessment metrics.and the field should be invisible to questionnaire responded unless the field right above is completed
Resolved! Automatically generate controls when relating an entity type to a risk statement
Hi Community, I currently have an issue with the risk mangement Here is the situation (DEV-Instance):- I created a risk statement and related it to a control objective, which is active and creates controls automatically- I related an entity type to t...
What is the purpose of relating control objectives to policies?
I am weighing an option of not relating control objectives to polices in our environment. I understand the the basis for relating is control objectives to policies may be: 1. The related control objectives provide the foundation for the policy. On...
Resolved! Entity Filters missing Tables from drop down menu
I have sub-Prod instance which was recently upgraded to Orlando version. When trying to add a Table to new Entity Type Filter, the only option shown is None. Verified that all entitlements are available in this instance. Is there a property or anoth...
Resolved! Dot.Walk tags in a report filter
Greetings helpful people! I'm looking to write a report that shows indicator tasks that includes the control objective name and is filtered by tags applied to the control objective. I've got the first part (indicator tasks with control objective name...
Resolved! How to change the Inherent Risk Score calculation in Advanced Risk Assessment?
Hi Team, We are trying to use a custom scoring logic to calculate the Inherent Risk in Advanced Risk Assessment Instance. We understand it gets calculated from Impact & Likelihood factors. But tried to find out the relevant business rule but failed t...
