I have a requirement suppose there is a new regulation coming for an organization and need to create new control objective and also new controls in an organization. Where is the that step in the control lifecycle where control owner needs to set up/c...
Hi there,I need clarification regarding GRC Business User Lite activities in relation to Advanced Risk Assessment.For one of our clients who is currently on the Xandu version (with no immediate upgrade planned), we want to confirm:Can a user with the...
I have a requirement on the due date of responding to attestation, if control owner/ respondent want to revise the due date of attestation how can he do that ? Because due date is coming from the attestation selected at control objective which is sam...
Hi All,I am facing two issues when using the "Set Component Value (Custom UI)" test step in ATF:When selecting assessment metric values, the component displays duplicate assessment metrics.While running the ATF, it throws the error: "assessment metr...
Hey all- my GRC team is publishing their Policy & Compliance documents into multiple categories under the GRC Knowledge Base. They have some categories that are suitable for public consumption (snc_internal) and others that need restricting for grc ...
I found a few practice exams online, but the provided answers are very questionable.Some basic answers that seem straight forward, but they have select the wrong answer. That makes me question the integrity of the other questions that I am trying to ...
Hi community,Hope that if you're reading this, you're doing well. I'm doing a Regulatory Change Management implementation and I'm thinking about using Smart Assessments instead of Risk Assessments because my client doesn't really have a Risk Assessme...
Hi,Anyone currently using Business Continuity Management module in their organization? i would like to ask some questions regarding the functionalities and usage, especially if you are in North America Thanks
I want to add the Implementation Statement to the SSP, but can't seem to figure out how to do that.Any help would be greatly appreciated.
We have been trying to add basic CI information to Business Plans: Owner for Applications, IP address for servers, and so on. ServiceNow insists it can be done. Has anyone been able to show this level of detail in the BCM module?
Hello everyone, I’m having an issue when trying to display data in a Data Visualization. I’m building one from the cmdb_rel_ci table, and when I try to show any data from the parent field related to cmdb_ci_business_app, the data shows up as null or ...
I can't find a DORM forum, so assuming this is the correct space? Q: What is the script driving the DORM data flow highlighted below? Context:The Register of Information within DORM (Digital Operational Resilience Management) leverages the [core_comp...
Hi Team, Need to know the use of the field "Methodology for status calculation" in the section Risk Appetite status within the Risk Statement form. There option for to select only one Risk Assessment Methodology in this field.1. What is the impact if...
Hi, I am setting up the Compliance Management workspace for the first time on Yokohama and am having errors while navigating the workspace. The type of error I am receiving is 'Part of the query on sn_grc_profile has been ignored because of insuffici...
Hi Team, When I add an entity manually to an entity type which is associated with control objective, generates a control for that entity.Please help me to understand the underlying process. How the control is generated and with the control owner as a...
