How to get details of Risk\Control tasks in Indicators. Example with Risk, it has details like State, Owner, Description, Additional Information etc. How to get those values in Indicators with tab "Method" set to "Script". In the figure given, Demo ...
Hi, This ask is with reference to our very known Critical GRC pillar, issue and Actions Management. I believe this is one place which goes hand in hand with every module / app in the GRC space (anything goes wrong can trigger an issue and needs actio...
Hi there, After selecting an option for "Response" when the state is in "Respond" a risk response task will be created. The tasks can be either related to Risk Acceptance Task or Risk Mitigation Task or Avoid or Transfer. I've made the "Response" fie...
Indicator Tasks used to get created based on the next run time on the Indicators of Type manual. But this month tasks are not created for Indicators which have Next Run time as 11/01/2020. I had seen in the community that 'GRC indicator nightly run' ...
Is there a any reference material available that fully describes the Roles available in the Policy and Compliance Module? How those roles relate to the forms and workflows? And do user roles have built in filters give the users full read only capab...
Hello everyone- we are testing the Policy Exceptions and noted after upgrading to Paris that the valid from and to dates won't allow the range to be greater than 30 days; previously we could extend past 30 days- can this condition be edited/removed a...
Hi All, I was wondering how to get the out of the box 'Notify attestation recipient' notification to send out an html email to a concerned user when a control is set to the 'attest' state. Currently I'm only able to get the email sent out if I choose...
Good Morning All, I have a requirement to configure Approval workflow on grc policies [grc_policy] For this, I have designed a workflow and used the approval_user activity. Also, added the Approval related list into the [grc_policy]. But when I exe...
Hi, I want to allow roll up of risks associated with specific locations to the company level here is what I have done: 1. create a new entity class called location 2. created a new entity class rule conecting cmn_locations to the location class 3. ...
Hi All, What is the use of "GRC Profile Generation" scheduled job. use case: Create profile based on Entity filter, other use case I don't know. this schedule job OOTB and run every a hour . Reduce this scheduled job in time if there is any effec...
Hello, Can anyone please explain in detail each and every state of the Issue life-cycle? I am really struggling to find a piece of documentation that would thoroughly walk-through every issue state ( New, Analyze, Response etc.. ) in order to descri...
Hi When creating/modifying a a control there is an option to tick a "key control" box indicating that the control is vitality important. However, when this box is ticked there is no obvious effect on compliance, risk scores, or anything else. Can any...
I created a new update set in DEV environment and unloaded all the dashboard data in that update set . When I exported that update set and imported the same update set in another instance the update set was retreived successfully but there were no cu...
Is there any relation between vendor tiering assessment and vendor risk assessment. Kindly clarirify
Hi, We are migrating from RSA Archer GRC to ServiceNow GRC and I have questions: 1. RSA Archer has a mail-merge capability, how can we create a mail-merge like formatted/structured reports in SNOW? We have been migrating from Archer to SNOW an...