GRC forum

GRC Module

I would like to meet with some whom have used TPRM just to discuss the product. Would someone be interested?

Automated factors in a risk assessment

Hi guys, hope you're all doing great!I'm diving into risk assessment and trying to make the most of automation. I've got Advanced Risk up and running, but I need a hand with something.Here's the deal: I want to use a field's value on the Risk Stateme...

GRC-policy and compliance

Hi all,I want to know how the policy control is changing from non-compliant to complaint.when the policy exception is approved.what is happening in the approve ui action in policy expectation table and how it is changing the status of impact control ...

Move field to header inside workspace

Hi everyone, I need to move one field to the side of the title inside my workspace, I've been looking on the UI builder module but couldn't find much, this is how it should be displayed thanks a lot

How to filter Risk Assessment Methodologies for the populated Entity Class?

hi, I want to filter the Risk Assessment Methodologies options to only display the RAMs on which I have configured the applicable entity classes. Below is the Risk form which shows the Risk Assessment Methodology of the populated entity which is lin...

Screenshot 2024-05-07 at 12.56.02 PM.png

Expiration date relevance and significance on Attestation (assessment instance) form

I came across this link which explains Expiration date on survey instances.https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0656044#:~:text=The%20value%20of%20%22Expiration%20Date,days%20from%20the%20creation%20date. Though, it ...

Resolved! Compliance Management ; Actor responsible for review of Controls

Hi Everyone, Reaching out to all the experts here. As part of Control Lifecycle management, i see the workflow has now changed as Draft-->Review-->Attest--> Monitor--> Completed. We understood, it is the Compliance manager who is responsible to gener...

Is there a way to edit the RTO questions? (Customization of RTO in Business Continuity Workspace)

Hi All, I am working on the implementation of the Business Continuity Management module. I have a requirement to modify the Recovery time Objective questions. Is there any way to do this?PFA Kindly pour in your suggestions!! Thanks in advance!!Sange...

Resolved! I need to assign an Indicator Task to a different assignee than the Control Owner

I have a Control owner who is responsible for the overall control. (e.g. Do capacity trend analysis on servers) There are multiple manual Type Indicator Tasks linked to this Control. (e.g. Check CPU trends, Check Disk usage trends etc.) Each Indicato...

UI Builder has components but not display in the UI builder page

Hello, When I modify an experience in UI builder, I am able to add components in the left content tree, but the components are not displaying in the body. The way I am testing is to make a change in the UI builder then save it, and go back to the app...

SIG Questionnaire Upload FOR the vendor

Can we upload a SIG for the vendor/contact? We are pointed to a number of trust sites and have relationships with very large corporations where we have to retrieve the documents from the site and attach. They simply will not use ServiceNow. Along ...

Create Regulatory Alerts from an RSS Feed

Hello everyone,I was curious if it is possible to create regulatory alerts based on items that come from an RSS Feed. If I use the documentation to configure an RSS feed such as (https://iapp.org/rss/united-states-dashboard-digest) is there any way t...

Business Continuity Management - Recovery tasks

Hi All, I have a customer requirement where they want to initiate or close complete/incomplete the recovery tasks that we create for the recovery events during the planning phase of the Business Continuity management module from an external source.I...

Resolved! BIA dependency assessment reset

Hello We already complete a full RTO assessment for an application.But, after 6 months, the department start using a new function on this application.We would like to know how we could reset an assessment, because we add some new questions to define ...

Delete Policy: "1Policy/regulation compliance status" Message

When I attempt a deletion of a duplicate policy, I get the "1Policy/regulation compliance status" and see the policy is listed in the sn_compliance_documents_reports table.What is this table used for and how is it affected if I delete the policy reco...

Forum Posts

GRC Module

Automated factors in a risk assessment

GRC-policy and compliance

Move field to header inside workspace

How to filter Risk Assessment Methodologies for the populated Entity Class?

Expiration date relevance and significance on Attestation (assessment instance) form

Resolved! Compliance Management ; Actor responsible for review of Controls

Is there a way to edit the RTO questions? (Customization of RTO in Business Continuity Workspace)

Resolved! I need to assign an Indicator Task to a different assignee than the Control Owner

UI Builder has components but not display in the UI builder page

SIG Questionnaire Upload FOR the vendor

Create Regulatory Alerts from an RSS Feed

Business Continuity Management - Recovery tasks

Resolved! BIA dependency assessment reset

Delete Policy: "1Policy/regulation compliance status" Message

Adding Control Implementation Statement in SSP

Business Continuity Management - Add basic CI info...

Q - DORM Data Flow from Core_Company to Legal Enti...

"Workflow" tab in Vendor Management Workspace

GRC Control Playbook Brainstorming

Evidence Request Frequency?

Role needed to take control attestation

How attestation and indicators are different ?

Indicator Task due date

What is Smart Assessment Engine, how it is differe...

What does the exempt feature do in control table?

IRM/GRC - Associating Controls with Business Appli...

How do I change the field background colour?

1st line control testing

Adding Reliant Entities to Common Controls in Revi...