OOTB - Can we create multiple risk responses of a single response type while it is active or even if it closed. Because I believe the assessment will move forward to monitor after it is closed right? Also just one response per risk assessment and do ...
Hi all, Can anyone provide a meaningful use case around risk appetite, risk tolerance and target risk assessment. Also perhaps steps to configure these. And finally with smart assessment engine, what is the significance of utilizing RAM anymore? And ...
Hi,I've a requirement to populate Availability Ratings prepopulated from Business Application table in the factor defined for assessment.Can any one advise on the script to be used in group or manual factor? I've created group factors for Confidentia...
I have created a button in the assessment workspace, for assessment template page but unable to execute approval request using this button tried to configure event and also tried to do it using data resource but not sure what's going wrong. sharing t...
I was wondering if anyone else has had these issues before with TPRM and what solutions/best practices they have to handle these scenarios.What can be done in cases where the approval user is no longer accurate (usually this is because of someone lea...
I am trying to add a Control Objective in the related list in the Indicator Template form and I am receiving the message "Cannot be added to this Indicator Template."I am not sure why this is happening and not able to locate where the info message is...
Dear experts, I would like to enable the export responses features for the internal assessments being done. How should I do so? Currently there is no feature that allows us to export as excel or even as pdf.
Dear experts, I have set the assessment questionnaire to allow retake but when I perform the internal assessment, it did not have the option to allow retake or a backflow? How can I allow the owner or someone to change the user's response rather than...
My organization is testing out CAM prior to buying. We have had several demos, and ServiceNow is present throughout our environment. We are switching from an outdated GRC tool to ServiceNow for continuous authorization and monitoring. The developers ...
During control attestation, I want issues created when a Control is "Not Applicable" in servicenow. I know OOTB it is via Business Rule and OOTB script include that creates issue record, when the question answer is selected "No" and it sets non compl...
Hi community, as far as I could see, Entity Classes can (or better must!) be assigned by the Entity Type.So what do I do with Entity Class rules? Doc says it determines the class of any new object in a table, so why is assigning a Class via filter ma...
Currently the activity log is used to track completed reviews. We would like to send reminder notifications, but the OOB workflow doesn't provide a way to determine which reviewers have not completed the reviews. Seeking ideas on how to meet this re...
OOB business rule for control status
Is there a low-code approach to making the document templates for some of the Continuous Authorization and Monitoring (CAM) generated reports? We have a requirement to make the generated reports (specifically the SSP Template) more dyanmic. By dynami...
operational resilience management(workspace) - no courses in Now Learning(ServiceNow University). Is the DORA course enough?
