Hello Experts, We have this flag exempt. But I am not sure what is the business use of this. I know that if issue is accepted, an exception needs to be created. But Who sets the exempt flag? What happens if exempt flag is checked? Does it not gener...
can anyone explain about below four integrations.which is better and why, what does it brings. ions
I understand that the sn_grc roles are changing in Orlando (per this post https://community.servicenow.com/community?id=community_blog&sys_id=7d07e198db4b0cdc5ed4a851ca961994)The question I have is based on the following scenario. I have two differen...
Hi All, We are in the process of implementing Risk Management and have a custom rating matrix as shown below. Depending on the Likelihood and Impact the score should be A, B, C or D. Can someone please suggest how to adjust these values in the Risk C...
We are debating whether to setup our internal Quality Manual (which contains our basic IT general controls) as a Authority Document or a Policy. Is there a reason why we couldn't\shouldn't setup as an Authority Document? Appreciate any suggestions.
hello all, We recently installed few grc modules and I am trying to figure out the hierarchy of risk levels and tables. We have some custom framework already set up and we have Risk levels 1,2,3,4 as individual tables. Do we have such hierarchy in gr...
Why we have control objective in citation. can anyone give me an example and explain
How do I delete Entities that are not related to any other record. I cannot even remove the Entity Filter in the Entity Type. We are going through a clean up effort on old data before we launch our go-live and this is the last remaining piece. Any he...
Hi, What is the purpose of GRC indicator and indicator templates? How is the indicators in Policy and Compliance related to Audit mangement indicators? Thanks.
Hi, I'm looking to move data from RSA Archer to ServiceNow. Please share any data migration experience/challenges you had experienced. Thanks, Ashraf
Hello all, I am attempting to successfully trigger risk indicators of type manual. Triggering this indicators should in turn create indicator tasks which are also not being automatically generated. I have already activated the 'GRC indicator nightly ...
Hello Experts, I'm learning how a scripted Indicator works. But facing the issue, help me to figure out. Error : com.glide.script.fencing.access.ScopeAccessNotGrantedException: read access to sn_grc_profile not granted Log Script include. in...
Hi, What is the role required to access attestation results for a control? sn_compliance.admin doesnt let user to view attestation result. Thanks.
Hi All I need some guidance urgently . When my policy exception record is getting expired ( valid to field expires ) , my policy exception is moving to awaiting approval . I want the policy exception record to move to closed . I have changed the P...
Does ServiceNow provide any Graphical viewer of all authority document, citations and control objective? Right now the way it pull everything to CMS, it is very difficult to view everything in a single view.
