GRC forum

How to add Multiple Risk Assessment Methodologies to a single entity?

I need to perform a task to create three risk records with single entity and three RAM's should be added to each risk record to perform assessment.Any solution ?Thanks,

IRM Issue Manager role is MIA

In Zurich - in IRM - I am looking for the role SN_GRC.Issue_Manager and its not there.What this means is that in an Issue record when trying to add an Issue Manager Group, I cannot add any because the role for issue manager is MIA. Can anyone else pl...

IRM Access - R/O access for Watch List

Hello! I have been getting stuck with an access use case. We leverage a MSP and they have a compliance team that requires read only access to issues that were identified by MSP employees. We have been adding the MSP employees to the watch list and pr...

What Function/Script Sets the Approver for a Policy Exception Extension

Hello!I've recently been asked to review how the approval is being generated for Policy Exception Extensions (and potentially change it). I know that it goes to the person in the "assigned_to" field on the Policy Exception, but what I can't find is w...

Smart Assessment Engine

Hi Everyone!In order to migrate legacy attestation to Smart Assessment, we have an OOTB Workflow - Generate smart assessments for control. This workflow is not getting triggered on updating the state of control to Attest. It's throwing an error - "Ta...

BCM module has complete button inactive for dependency assessments

I have a user who is attempting to complete their BIA. In one of their BIA's, there are no vendors to add in the dependency assessment for that particular BIA. However, the Complete button is grayed out, and they are unable to submit the BIA since ...

How to edit Declarative action 'Risk Assessment' in Regulatory Alert records in Compliance workspace

I am trying to edit list of entities which should show up when clicked on 'Risk assessment' in Regulatory Alert record in compliance workspace. Could anyone help me on how to do it, please ?I am unable find the event which declarative action 'Risk As...

How to change order of related List in BCM

Hi Folks,I need help with reordering of the related list in Business Continuity Workspace(BCM) -> Plan.I have tried updating related list on sn_bcp_plan under workspace view and reordering workspace view rules but it haven't helped.Problem is when I ...

BCM Integration with Everbridge using OOB Connector

Hello,I am working on BCM and integrating Servicenow with Everbridge using OOB connector. However, Only Basic Auth is supported and I have noticed the same limitation with other connectors too. Is there any possibility to configure Oauth for the conn...

Resolved! What Happens to a Policy on the Valid to Date? Is it moved back to Draft state for revision/approval or its retired?

What Happens to a Policy on the Valid to Date? Is it moved back to Draft state for revision/approval or its retired?

OSCAL import error

got the following error when using OSCAL import standard SSP. Alert level: Critical.Profile JSON contains a 'href' tag with a URI reference UUID pointing to a Catalog that cannot be found in the specified Catalog/Catalog Overlay. got exact same ...

IRM Advanced Risk max, min, avg nad sum_calculated_ale

Does anyone know how these four fields for sn_grc_profile table are being filled? max_calculated_ale, min_calculated_ale, avg_calculated_ale and sum_calculated_ale. I found a script include that seems to do it but upon further analyzation and followi...

IRM How can I link/ relate one control to multiple entiies in different entity classes

By managing the control attestations I want to monitor one control which is related to different entity classes. For example entity class Business Processes (cmdb_ci_business_process) and entity class Business Unit (business_unit). The objective is t...

Vendor Risk Management - Licensing

Hi all, I know VRM is now replaced by TPRM, but I need some information about licensing.I am not looking for prices, just the structure. Indeed I know that TPRM works with "transaction", what about VRM? It still uses this approach or it follows same ...

Make documentation read only when working on the business continuity plan

Hi everyone, do you know how I can set as read only an specific documentation section for a bcp. I have 2 sections in this expample and I want to have the 'test text' as read only:

Forum Posts

How to add Multiple Risk Assessment Methodologies to a single entity?

IRM Issue Manager role is MIA

IRM Access - R/O access for Watch List

What Function/Script Sets the Approver for a Policy Exception Extension

Smart Assessment Engine

BCM module has complete button inactive for dependency assessments

How to edit Declarative action 'Risk Assessment' in Regulatory Alert records in Compliance workspace

How to change order of related List in BCM

BCM Integration with Everbridge using OOB Connector

Resolved! What Happens to a Policy on the Valid to Date? Is it moved back to Draft state for revision/approval or its retired?

OSCAL import error

IRM Advanced Risk max, min, avg nad sum_calculated_ale

IRM How can I link/ relate one control to multiple entiies in different entity classes

Vendor Risk Management - Licensing

Make documentation read only when working on the business continuity plan

I do not see option to create issue triage from cl...

What is the primary purpose of attestation service...

AICT Workspace – Take Assessment failing for AI As...

Policy Exception Automatically Closed After Extens...

Where to Import IRS SCSEM Data in GRC/IRM Module

Notifications for Smart Assessments

Due date for BIA smart assessment - to be complete...

Platform Analytics dashboard - list reports show n...

Error Message: Cannot invoke "java.io.ByteArrayOut...

I am currently working on the BCM (Business Contin...

Hi Team, I am currently working on the BCM (Busin...

Hi Team, I am currently working on the BCM (Bus...

Need Help with BCM “Create a Plan” Task – Adding P...

BIA Smart Assessment and Automations

Smart assessment for BIA