Dear expert, I am facing a problem where entities will keep on generating from my department table records, even tho I have inactive the refer to a record and defaulted it to false. What is the problem causing this?
Please share your use cases and best practices with me for the following: How do you determine (or train users to determine) when a situation should be a policy exception, an issue, a risk, or a combination of the three?Policy exceptions have an OOB ...
Dear experts, I would like to have a target tier of Green, Amber and Red thresholds in the Risk Indicator. But currently the target is just one fields but I wish to have three fields of green, amber and red. And the result is just passed or failed. S...
Hi Community, I am trying to figure out how to use 'External Source' Type - Automated GRC Metric. How to actually implement this? As soon as I select Type as 'External Source', Ther are no further options. Attaching the screenshot as well.Kindly enli...
Hello Is there a way to modify the Risk assessment form in the Workspace, example disable in line comments, add a new column to the list of controls
When tagging an associate with a work note while conducting a BIA, the link in the email notification is not sending the recipient back to the BCM, but rather a different view (not the details tab) where they are not able to take action. Is there a w...
As organizations evolve in complexity, so do the risks that surround them. In today's digital landscape, having a centralized, real-time, and intelligent risk management approach isn't optional — it's critical.ServiceNow’s Integrated Risk Management ...
Dear experts, I am facing a problem when defining a risk assessment methodology for my entity. Currently my client wants to have two different risk assessment methodologies for the same entity. As far as I know, currently the risk assessment methodol...
I have a requirement related to Controls, Indicators, and Issues in ServiceNow. Currently, when I open an Indicator and execute it, if the Indicator fails, it automatically creates an Issue. But my requirement is that the Issue should not be created ...
Hello, I am trying to load data on Control to Entity (sn_compliance_m2m_control_entity) using Transform Maps so that the Reliant entities get added to the Common controls. I am not sure how to achieve this. Can anyone help me on this??
HelloAny one of you dears ever meet this kind a scenario: If any CI in the ServiceNow database meets all the criteria defined in the ENTITY FILTER, does that automatically guarantee that a corresponding ENTITY will be created and assigned to the desi...
I'm creating a RAM in Advanced Risk and want to create the following structure - IMPACT (Group factor) containing 2 Group Factors (Confidentiality & Integrity) and 1 Manual Factor (Availability). Each of the C & I Group factors include manual factors...
Hi, Is there a way to load data using transform map, so that we can setup common controls with reliant entities. So, when we load data for reliant entities, they will get added to the common controls in the related list. Is this configurable or can ...
Hi Team, I found the permissions of GRC Business User role here. Now, I wanted to know the permissions assigned to the GRC Business User - Lite role and limitations or restrictions when compared to the Business User role. If anyone has insights, plea...
This is primarily a proof of concept to explore its feasibility.Is it possible for a regulation to have sub-regulations linked to it? For instance, we have Contoso Regulation 600, which is associated with related regulations such as: Contoso Regulat...
