We've been trying to get the GRC Attestation OOTB assessment notification firing when the control state changes to Attest. We have tried various workarounds including changing the Notify Assessment User BR to include "Attestation" and changing the O...
I have an issue with vendor risk assessment process. One of the vendor using the vendor portal has partially completed the vendor risk assessment. Now due to some problems he is unable to access the assessment record. The vendor has not hit the Submi...
[OOTB] I noticed that the Related Lists for the Entity Type form contains duplicate items. These duplicate items are illustrated in the screenshot below. What purpose do these duplicate items serve?
Hello Group,Sorry if this has been answered already, but I couldn't find a related post. I am using my developer's instance to create a test audit environment for my company as a use case. I did the following step:I loaded the appropriately GRC plugi...
Can someone explain what happens after a policy expires? Do you need to create a new Policy or can you update the expiration date? What happens to the Controls that have attestations? Do they all get reset? We have a policy that states that Service C...
I teach the GRC courses and I get this question a lot and some of the answers are the same for all the exams. The common answers are: Review the exam blueprint (How to get to this is at the end of this article)READ the book - both the slides and the...
My org has a set of policies on the website and some are in the documents. Is there a way to load the data into ServiceNow?
Hi All,i am facing the issue while importing the date type data in to service now.it is giving me error.Please help me to rsolve this issue.can we write any script to bring it into yyyy-mm-dd format?
We are in the process of re-invigorating our GRC Data. As a part of this, we need to clean up the GRC Profiles and GRC Profile Types. As an example, we have 4 Profile Types and 40,000+ Profiles under each profile type. There are several items that a...
Hello, I noticed that on the CIS RCI blueprint for the exam Policy and Risk management Lifecycles are mentioned, however, I was unable to find any slide about this in the participant guide from the beginning of September. Can someone point me to some...
Hi, I'm reviewing the following but cannot follow the steps described on my dev instance/london. https://community.servicenow.com/community?id=community_article&sys_id=0f7ce2e1dbd0dbc01dcaf3231f96192f Specifically these steps: - Get the list of table...
We have not subscribed yet to UCF for our implementation. We are still evaluating. My Compliance area has asked if there is integration with ACLI/American Council of Life Insurers or NILS is Wolters Kluwer. Our Compliance area gets daily update...
Hello, I have been tasked with assessing the controls for ServiceNow (they are providing service to us). As a result, I need access to SOC 2 Type II (full report) and ISO 27001 documentation (including Statement of Applicability and the testing resul...
Hello, Could you please advise if there is any new ISO27001 certificate available. I only found those covering 1st Sept 17 to 30th Sept18 and ISO27001 certificate only until December 2018. I'd like to know if you're currently being audited for new on...
Hi all, Need one very quick help. Can i have multiple controls linked to 1 Policy Statement (Control Objective) which is tied to a Profile Type (Finance) and i don't check "Create controls automatically", and lastly i create controls manually, link i...
