In ServiceNow IRM, if we have a control and want to perform an attestation with a control owner, the current outcome we receive based on their inputs is either 'Compliant' or 'Non-Compliant.' I was wondering how I can change the outcome to 'Effective...
Primary and secondary alerts are created due to correlation. Currently when Primary Alert is closed it automatically closes all secondary alerts. Client want secondary alert should be closed first, then only Primary alert should close which will then...
Hi Team, Is there any clean documentation on how repeating assessment process works in TPRM? What scripts/ BR and other technical components are used to trigger repeating assessments? I see the assessments takes 6 months as default? but how this can ...
Hi, Does anyone help with linking custom action to SAE, as I see no actions available. I have linked the flow cateogry into action category in template category record, still it is not showing in SAE automation. Thank you,Arkesh
Hi, Looking for documentation on the capabilities that were changed/renamed, introduced, and retired as part of VRM being rebranded into TPRM
Hi All, I want to leverage the Help section in the top-right corner of the screen for my users and point them to our internal Documentation for ServiceNow IRM/GRC. I would like to have this based on the form the user is on, Issue, Policy, Engagement...
Hello GRC Community, During a control attestation campaign, I've noticed that some attesters don't complete their assessments, which results in certain controls remaining stuck in the "Attest" phase. Is there a way (excluding Fix Script) —either via ...
Hi,Requirement: I want to automate the process of risk assessment scope and risk created should be making use of that scope. Currently I've configured Entity Class >> Entity type and entity filter based on business application and when the scheduled ...
I am currently exploring the implementation of the Secure Controls Framework (SCF) in our organization. While conducting my research, I came across the Autorotative sources and control objectives on the official SCF website (https://securecontrolsfra...
Dear Experts,Does anyone know how to add new fields in the control table in the risk assessment form (control assessment tab) as shown in the screenshot below. I have surf the community and has prompt me to edit the UI page related to this but since ...
Dear experts, I would like to know whether this GRC Vendor Portal plugin is expired or changed its name? Because I could not find this plugin even though I type in the ID of this vendor portal. I already installed the vendor risk management plugin, a...
Hi,I want to schedule assessments with multiple assessors. In assessment scheduler, i do not find an option to specify multiple users under assessors as in assessment scope. Can anyone please suggest how this could be done? Regds,Shanker
Hi Everyone, Can anyone provide me policy management lifecycle detailed document?Lifecycle comprises of all five stages - Draft , Review,Awaiting approval,publish , retired.How policy moves from one state to another ,which business rule gets activate...
Is there a way to bring the "Implementation" UCF Common Controls into IRM along with the "Mandated" and "Implied" common controls?
What is ServiceNow's stance on the best way to integrate updates to UCF in ServiceNow? If we have a control objective that we are actively using, and UCF remaps their common controls in a manner that removes that control objective IRM from our baseli...
