Resolved! GRC Tutorials
We are planning to implement GRC Policy and compliance ,I am newbie to it ,can anyone help me with some good reading docs,I have gone through community and read some articles but I am looking something more advanced.
Forum Posts
Resolved! Examples of FAIR methodology implemented within SeviceNow Risk Management or Advanced Risk?
Hello! Does anyone know of examples where a ServiceNow customer has successfully implemented Risk Management following the FAIR methodology? I know there is a RiskLens integration available to bring in additional risk data, but it seems to be supple...
Resolved! Not able to add background colour for the field
Hi all, I have a choice field which has four values 'Low,medium,high,critical', as per the value selected I have to display background colour in that field.I have Configured styles accordingly but still it doesnt show the background colour. Can anyon...
Create an email notification for when a policy is due to expire in 1 month
I need to create a new email notification for when a policy is to expire in 1 month. Please can anyone help. I have gone to notifications, selected the table sn_compliance_policy Send when - Event is fired Not sure of the event name Condition - Vali...
Resolved! Security of the Vendor Risk portal
Does anyone know of a 1-page architecture diagram that illustrates the security of the Vendor Risk service portal?
Resolved! Controls Objectives to Entity Types
After we have defined an Entity Type filter, we need some guidance on Entity Scoping> Adding related Controls Objectives. Here is what I understand: 1. When a Policy is added to an Entity Type, all of the Controls Objectives from the Policy are adde...
Resolved! How is Default Approval for the Policy Exception is routed to Control Owner and requestor's Manager ?
Hi Team, I see that whenever a Policy Exception is created, within the GRC Application. - The Approval is triggered to the Control Owner and Requester's Manager. We want this default behavior to be routed to different users for approval based on the ...
Resolved! What is a Profile Tier Level?
Hi, What is a Profile Tier level and how do you set it? Thank you.
Resolved! Approval process on policy exception
Hi team, I have three questions in regards to policy exception: How approval process for policy excpetion is controlled in GRC. What if I want to modify the default OOB behavior that if there is no approval rule configured instead on going to req...
Resolved! Residual Risk Scoring.
Hi All, Can someone help me understand how residual score and calculated score are updated based on controls tied to risks? Is control compliance factor and risk factor used in this calculation ? Does this update even before controls are added to mit...
Resolved! LInk to Item/Control in Attestation Designer
Is there a way to link back to the Control/Profile in the actual Attestation? Example, we need all Service Catalog Items validated, I have setup a Profile Filter on the sc_cat_item table and I've got Controls created. Is there a way to add a link eit...
Resolved! Risk assessment at Policy Exceptions
Hi Community, could someone explain why the "original" risk scores seems to be saved to related risks when Requesting Risk Assessment on a Policy Exception. There seems to be following fields (not visible on form) in the risk table that i can not fi...
Resolved! What is the purpose of policy exceptions?
Can anyone please tell me the purpose of policy exceptions? How are they linked to policy ? And who can create policy exceptions and the roles required to create them? If anyone can share any link to the document that would be so helpful. Thanks
Resolved! Relate indicator supporting data to the entity
Hi All, I'm trying to create a control objective, controls and indicators to verify my policies are not passed their valid to dates. so I have done the following: 1. Created a control objective 2. created an entity type that is pointing at the poli...
