Two VRA getting created in Due Diligence process

Hi All, Just want to confirm that using Due Diligence process, two VRA gets created one for the Third party and another for the vendor manager. Kindly confirm if this is an OOB feature

Customizing the “Assess” Button in Advanced Risk Assessment for Multi-Level Approvals

We are working with Advanced Risk Assessment (ARA) in IRM, and we have a two-level approval process configured for risks. When we click the “Assess” button on a risk record, is there a way to add custom fields to capture or display the two levels of ...

how to work Business Rule

Risk relevance field and its usage

Hi, I would like to better understand the purpose of the Risk Relevance field on the Risk record, and why it is OOTB hidden when “Inherit from Risk Statement” is set to false.  Does this behavior imply that Risk Relevance is not applicable at the Ris...

IRM - Issue Management

Hi Community — I am looking for an IRM Issue Management implementation guide, as well as information on OOTB issue fields, configurations, and notifications. Please guide me.

Can we configure UI Action or declarative action on the assessment workspace

Hi Experts, Am stuck with a requirement to create a workflow on the assessment workspace to create a UI action/declarative action and send the newly assessment to the approval before generating assessment instances to the users. Am unable to create U...

Save option not available in the Form context menu of Incident

Hi Team, In my ServiceNow instance, on the form context menu "Save" option is not visible for new Incident form.  If i am enabling the property ("glide.ui.advanced") then only it's visible. But when i checked in PDI, this property is not enabled then...

ServiceNow AI Control Tower is free with Now Assist

Hi, Can anyone confirm if ServiceNow AI Control Tower is free with Now Assist and what are it's capabilities and how we can utilize it for AI Governance.

Inherent Assessment score in Risk Identification vs Inherent score in Risk record

How does the inherent assessment score on a Risk Identification (RI) record relate to the inherent assessment score on the Risk record?In ServiceNow GRC / IRM, when a Risk is created from a Risk Identification record, does the inherent assessment sco...

Should entities be mapped to Service Instance or Offering level

Hi, A customer I'm working with is using "legacy" GRC and the Policy & Compliance module where the application owners attest their applications (entities) against defined security controls (control objectives). CMDB is aligned with the ServiceNow CSD...

Display info message on Risk Event record when a Risk Event Entry is added

Hi Team, I want to display an info message on the Workspace Risk Event record when a Risk Event Entry is added in the related list.    After it is saved and created then I want to display the message as "Please review the 'Risk Event Impact' as the n...

Managing Business Application's Public Records Compliance Ability

We have a new requirement to assess business applications on a repeated interval to determine their ability to comply with public records requests. Questions that need to be answered for each business application includes "Does the application suppor...

No records to display when user applied the filter on Risk Event Tasks table

Hi Team, As an admin, I got the records if I apply the filter (Risk Event (sn_risk_advanced_event)-> "Date first moved to approved" (custom field) relative before 180 Days ago) on Risk Event Tasks (sn_risk_advanced_mitigation_task) table. But as a Ri...

What is the difference between the risk and risk statement (advance risk assessment)

What is the difference between the risk and risk statement (advance risk assessment) any proper example.