Hi All, I have configured the following in the system. - Created an Assessment Metric Type, with an associated Metric Category and Metrics - Created a Flow in the Flow Designer to trigger an Assessment based on the above Assessment Metric Type Th...
Hi, Can we automatically assign control objectives to entity base on trigger conditions. For example, the computed inherent risk > 6, it should create a control objective to its entity. Is this possible in GRC? If yes, what functionality in GRC shoul...
Hi Everyone, Can someone provide sample of a sample script for GRC: Advance Risk - Automated Scripted Factor. I have this requirement to automatically calculate the score of a company. Example: If company is greater than 5 years it would score 10, el...
How are controls and Risks related in ServiceNow. We have a process to implement where I am trying to Map compliance obligations to business processesIdentify and categorize inherent risk of non complianceCreate assessments for compliance riskAssess ...
Why does a 'risk acceptance' response require an additional management authorisation / approval step vs. 'risk mitigation, avoidance and transfer' and can the system be configured so these are aligned?? In our business the person with authority ...
Hi All, I am trying to create an assessment metric type with several questions (metrics). The assessment will start with 3 Yes/No Type questions and I would like to show the rest of the questions depending on the answers on this 3 questions. Serv...
We are looking to get started with using Policy and Compliance Management for COBIT 2019. We are a long time GRC customer, back to the very first release, and are looking to upgrade to the latest version of GRC. Unfortunately, we won't be using UCF s...
Is there a way to set-up the portal to allow users to submit a GRC Issue as an anonymous user?
Hi All, I want to bring the UI action 'Take Assessment' on compliance workspace as well. I am able it bring in on assessment form but nothing is happening when i am clicking on that UI action. I am getting correct log values. But I am not getting wa...
Hi Folks, I am using attestation designer in GRC ServiceNow.Just like a survey has trigger conditions , I want to know how the attestation is getting triggered in Control form when the state goes from draft to attest.
As the tool is expanding, I know there is Risk Integration with Change Management, APM, and PPM. Are there other integrations with other Modules as well? Thank you
Hi everyone, We are having a requirement as below: 1. Is it possible to trigger multiple Inherent Risk Assessment from a single Risk Assessment Methodology? Also, after the assessments are completed, we are looking for score aggregation. 2. Is it p...
Hello Experts, First of all please accept my apologies as the following post/question may not be clear. My team and I have recently deployed the Advanced Risk Management module for our colleagues from the data governance department. Following the req...
Afternoon We have mapped a number of Controls to Risk within the GRC platform, could you advise if it possible to create an indicator that would highlight to the risk owner when a control becomes non compliant. This would allow the risk owner to the...
Is there a recommended way of performing entity scoping (besides manual creation and management) if the CMDB is not mature today and waiting for it to mature is not an option?
