Residual risk not applicable field GRC
Hi All, In what situations I should be selecting Residual Risk not applicable when performing the residual risk assessment?
Forum Posts
Resolved! Work notes do not show in the activity formatter once Security request is closed .
Hi Everyone ..Work notes do not show in the activity formatter once Security request is closed ..Please let me know if anyone knows about this Steps:1]Try to closed Security Request on form and add work notes.2]You can see worknotes remove from Activ...
To create flowdesigner using Table
i need to create flowdesigner from scratch.can any one help me on fulfilling this scenario for the better practice
SLA Definition in TPRM vendors
Hello - We have dozens of SLAs defined in ServiceNow. We are starting to use TPRM (formerly VRM), but I don't see how I can link any of our existing SLAs with a vendor in the "Vendor Management Workspace". An option does not exist - it seems that I...
Extend the use of Compliancy Workspace to entity owners (asset owners)
One of my industry customers would like to utilize the Compliancy Workspace for entity owners (SW asset managers). I am looking for a solution where the entity owner's view is limited to their entities. (controls, issues, indicator tasks...). They ar...
CIS Controls Service-Now
I have some questions regarding aspects of GRC, specifically CIS mappings to ServiceNow. I am currently only looking at the CIS controls that pertain to software. These are located in section 2 of the CIS controls. I need best practices as they perta...
What role is required to remove entities from an entity type?
We are running Vancouver release, but it wouldn't let me select Vancouver in the Label. We have setup some Entity Types for our SOX and HIPAA controls. We are not using filters on these because we want to phase this in slowly and manually add the Ent...
Hiding the Sync with toggle button from policy redlining
I have to hide the sync with toggle button from the policy redlining for updating policy text.Got the policy text UX Macroponent definition but not clear how to make the toggle button hide.
Create Risk report grouped by Entity and Risk statement
Hi Everyone, We want to create Risk report grouped by Entity and Risk statement, where we will be calculating the average of inherent rating, control effectiveness and residual rating coming from the risks based on entity and risk statement.For eg: i...
Provide Policy Name while creating new word document for policy text
Provide Policy Name for the document name while creating new word document for policy text for policy redlining in the sn_compliance_policy table in workspace view.
I am new here, how do l start learning
Hi everyone, Pl l need help to start learning servicenow, am new, don't know where to begin, help me it be appreciated. Thanks Helejojo
Resolved! Inactive entities: Not able to activate control, but able to activate and execute indicators? Why?
Hi all,I was looking into the OOTB functionality around inactive entities. I noticed that while users are unable to activate a control that is linked to an inactive entity, they are able to activate and execute an indicator of this control. Then, whe...
Resolved! Request Extension on Policy Exception
Hi, Currently, the default duration of the policy exception on my instance is 180 days. When requesting an extension beyond 180 days from the "Valid from" date I am prompted with the following error: "The duration of this policy exception cannot be m...
Can we perform control attestations on applications without having the control created in IRM
Our requirement is something to perform checks or control attestations on applications level without having the control in place , could someone please explain if they have also implemented or come across the similar use case
Event Dependency configuration in GRC:Crisis Map
How to use event dependency configuration in crisis map.What is its configuration?How we can map BIA through event dependency configuration.
