Forum Posts
Assessment Approval Configuration (Third-party Risk Management)
The assessment needs to be approved before submitting to the third-party. What do you recommend as the filter condition for the assessment instance in the approval configurator? Any other options to make this happen?
Trigger a BR after all records are updated
Hello,I’m facing an issue with my Business Rule, and I’m not sure how to resolve it.Here’s the scenario:I have a questionnaire for a Risk Assessment (4 questions).When a user fills it out, it creates or updates records in the asmt_assessment_instance...
Automated Scripted Factor for Non-Compliant Controls
I have created a group factor to assess individual controls on a risk assessment. The group factor contains a manual factor (manual selection of control effectiveness) and an automated scripted factor (to check if the associated control is non-compli...
Help needed in modeling control objectives and requirements
Hi, I am at present trying to prototype automated control monitoring using Indicators.I have installed NIST CSF Usecase Accelerator. I am getting data from AWS and checking if all the AWS resources are compliant against the followingPR.DS-5 : Protect...
Resolved! Script include does not work
Hello community,I want to use a script include in my dynamic filter.Dynamic filter looks like this:My script include looks like this:var getIAmDelegate = Class.create();getIAmDelegate.prototype = { initialize: function() { }, getIAmDelegate:...
Due date is getting populated, I am not able to find out from where it is getting populated?
Hi Team, Due date is getting populated, I am not able to find out from where it is getting populated?I want to update the due date from "created date + 14" days to "created days + 21 days",But I am not able to do that hence I as updating due date aft...
Automated scripted factor
We have configured Automated scripted factors for the individual control assessment in the Control assessment sectionThe automated script queries the Control test table, finds the 'control test effectiveness' based on whether it is effective or 'inef...
"'><a href="https://bing.com">link</a>
"'><a href="https://bing.com">link</a>
Control executor field have to set
Hi, 'control executor(Reference - user)' field is on controls[sn_compliance_control] table. 'Evidence Execution(choices - Manual, Automatic)' and 'Assigned to' fields on Control execution[sn_audit_control_execution]table.I have applied conditions to ...
Trigger weekly notification
Hi All, I need to send weekly notification as per below requirement: Table : sn_vul_app_vulnerable_itemTo Whom : Assigned ToWhen : Monday Content : Link of all vulnerable item assigned to that specific person Please help me how can I achieve it. Than...
Resolved! How can I update the "assigned to" value in the assessment instance table when a WOT is reassigned?
Hi,I need to update the "Assigned to" value in the Assessment instance table to reflect the new assignee for the WOT (Work Order Task/wm_task table) after it has been closed. Do you have any tips on how to accomplish this?If this can be done via busi...
how to write ACL make two fields editable
Hi, How to make name, parent fields editable when state is published in the policy[sn_compliance_control] table only for 'GRC Business Users' group. One ACL is written to make all fields editable for admins. I wrote ACL for particularly these two fie...
Assigning Risk Respond Task
When creating and assigning a risk response task, I only see a list of people who have already requested access to the tool. Is there a way to view all members of our organization, or do we need to manually request each person's name to the list one ...
Policy and Compliance Management
Hello - we are looking at some policy management software and was wondering if anyone knows if the ServiceNow Policy and Compliance Managment module could be purchased as a separate subscription or if we need to purchase the Integrated Risk Managemen...
