Hello all: I've been struggling with how to properly categorize risk by the Risk Framework in the GRC Risk Application. I've taken the GRC Fundamentals class and the examples of Risk Framework categories were: 1. Physical and Environmental Threats ...
#grcDescription: As a Risk management process Owner, I need the COBIT 5 risk framework installed so that I have an initial risk framework to build from.Acceptance Criteria: I know this story is complete when I see the COBIT 5 Information in the Insta...
Has anyone dealt with automatically-generated audit issues (IPT, labeled as "Issue created from Group by Control Owner")? If the issues is manually generated, is this not redundant? Thanks!
We are doing a ServiceNow/Slack integration and created a scripted REST service that Slack requests from. However, these requests technically are coming from Slacks servers who use AWS. Their IP addresses are dynamic and constantly changing.Becau...
Hi Team, We are trying to integrate Servicenow with Big ID and we thought of listing out steps as below, 1. Big ID Integration (Configure Data Source(s) and pull data into Servicenow) 2. Transform and Map Big ID data to CMDB tables(Asset and Business...
Hi, I have a question about creating a risk when my control status becomes Non - compliant and an issue is created. From my understanding, when a control owner attests a control and the control status changes to 'Non - compliant' -> An issue is aut...
Hello, SNOW Experts, I am new to SNOW GRC. I noted that we have a sys_choice table (OOTB) in SNOW and a grc_choice table (OOTB) in SNOW GRC. I would like to know: 1. What is the difference between two choice tables (sys_choice table vs grc_choice...
How to get details of Risk\Control tasks in Indicators. Example with Risk, it has details like State, Owner, Description, Additional Information etc. How to get those values in Indicators with tab "Method" set to "Script". In the figure given, Demo ...
Hi, This ask is with reference to our very known Critical GRC pillar, issue and Actions Management. I believe this is one place which goes hand in hand with every module / app in the GRC space (anything goes wrong can trigger an issue and needs actio...
Hi there, After selecting an option for "Response" when the state is in "Respond" a risk response task will be created. The tasks can be either related to Risk Acceptance Task or Risk Mitigation Task or Avoid or Transfer. I've made the "Response" fie...
Indicator Tasks used to get created based on the next run time on the Indicators of Type manual. But this month tasks are not created for Indicators which have Next Run time as 11/01/2020. I had seen in the community that 'GRC indicator nightly run' ...
Is there a any reference material available that fully describes the Roles available in the Policy and Compliance Module? How those roles relate to the forms and workflows? And do user roles have built in filters give the users full read only capab...
Hello everyone- we are testing the Policy Exceptions and noted after upgrading to Paris that the valid from and to dates won't allow the range to be greater than 30 days; previously we could extend past 30 days- can this condition be edited/removed a...
Hi All, I was wondering how to get the out of the box 'Notify attestation recipient' notification to send out an html email to a concerned user when a control is set to the 'attest' state. Currently I'm only able to get the email sent out if I choose...
Good Morning All, I have a requirement to configure Approval workflow on grc policies [grc_policy] For this, I have designed a workflow and used the approval_user activity. Also, added the Approval related list into the [grc_policy]. But when I exe...
