Hi All, Can someone help me understand how residual score and calculated score are updated based on controls tied to risks? Is control compliance factor and risk factor used in this calculation ? Does this update even before controls are added to mit...
Is there a way to link back to the Control/Profile in the actual Attestation? Example, we need all Service Catalog Items validated, I have setup a Profile Filter on the sc_cat_item table and I've got Controls created. Is there a way to add a link eit...
Hi Community, could someone explain why the "original" risk scores seems to be saved to related risks when Requesting Risk Assessment on a Policy Exception. There seems to be following fields (not visible on form) in the risk table that i can not fi...
Can anyone please tell me the purpose of policy exceptions? How are they linked to policy ? And who can create policy exceptions and the roles required to create them? If anyone can share any link to the document that would be so helpful. Thanks
Hi All, I'm trying to create a control objective, controls and indicators to verify my policies are not passed their valid to dates. so I have done the following: 1. Created a control objective 2. created an entity type that is pointing at the poli...
i have to create a notification, which gets triggered when a control goes into assess state.This notification should be received by the assessment responder. Email template:- Notification When Assessment Created for the Control Trigger Control.St...
I have 2 questions:-1) what is the role of priority field in issue form and what are its impact on other modules. 2) what is the purpose of Remediation Task in Issues Module, how does it affect an issue record. Thanks,
In my personal Dev environment I am no longer able to set up filters for my Entity Types because the NEW button is missing on the 'Entity Filters' tab. I did find that one of my Entity types seemed to be stuck saying 'controls and Risk were being Ge...
Hi, While we generate Risks from Risk Statements. Just wondering if there is way to move risk state from Monitor back to Draft automatically, like how we do it for Controls? I don't think there is any frequency concept in Risk Management App as such,...
Hi all , I want to know the use of the risk roll up and tolerance in risk statements and entities , is the risk rollup and tolerance in these two modules inter related? Or is the Risk Rollup anyhow dependent on the Risk score generated in Risk Statem...
Hi All, Can I know how we can achieve RCSA in ServiceNow GRC solution? It will be great if someone can explain the lifecycle of the Risk Management use case starting from entities up to roll up values. Thanks in advance
I have a policies in which whenever I create a new policy it gets published and the KB article is also available in the knowledge base , but there is a workflow field in knowledge base which shows the status in draft state even though its published.I...
I have found out that the inherent likelihood and inherent impact is referencing to the risk criteria table , I want to know why is it this way ? I want to know the entire functionality behind this , and if possible the entire risk management ? Is th...
I found an old post that provides information about Compliance Reports, in particular, SOC 1 TYPE 2 Report from ServiceNow https://community.servicenow.com/community?id=community_article&sys_id=350f2115dbe9a300107d5583ca9619ae I looked at the https:/...
Can you confirm what are the roles within the BCM module? For e.g. a Risk Module has Risk Admin, Risk Manager etc?
| User | Count |
|---|---|
| 4 | |
| 3 | |
| 3 | |
| 3 | |
| 3 |
