Can we send RISK Assessments via a catalog item.

VuchiV · ‎07-22-2024

Requirement 1: Currently we have configuration to generate risk assessment via "Assess Criticality" or "Assess Risks" button on the processing activity record in privacy workspace. Can we have functionality to be implemented on the entity record in privacy workspace.

Requirement 2: Can we implement a functionality to trigger assessments via a catalog item. Catalog item should contain some fields, upon submission, an assessment to be triggered to mentioned user in the form.

Let me know if someone has some solution to the above requirements.

Dnyaneshwaree · ‎07-22-2024

Hello @VuchiV ,

Yes, you can send Risk Assessments via a catalog item in ServiceNow. This can be achieved by creating a catalog item that, when requested, triggers the creation of a Risk Assessment record and assigns it to the appropriate user or group. Here’s a step-by-step guide on how to do this:

Create the Catalog Item:
- Navigate to Service Catalog > Catalog Definition > Maintain Items.
- Click New to create a new catalog item.
- Fill in the necessary details such as Name, Category, and Description.
- Add any variables required for the user to complete when requesting the assessment.
Create a Flow or Workflow:
- You can use Flow Designer or the older Workflow Editor to automate the creation of the Risk Assessment record.
Using Flow Designer:
- Navigate to Flow Designer > Designer.
- Click New to create a new flow.
- Set the trigger to Service Catalog > Requested Item.
- Add an action to create a new Risk Assessment record. To do this:
  - Click Add an Action and select Create Record.
  - Choose the Risk Assessment table.
  - Map the fields from the catalog item to the Risk Assessment record as necessary.
- Add any additional actions needed, such as notifications or task assignments.
- Save and publish the flow.
Using Workflow Editor:
- Navigate to Workflow > Workflow Editor.
- Create a new workflow for the Risk Assessment.
- Add a Catalog Task activity to create the Risk Assessment record.
- Configure the activity to set the necessary fields for the Risk Assessment.
- Add any additional activities such as notifications or approvals.
- Publish the workflow.
Link the Catalog Item to the Flow or Workflow:
- Navigate back to the catalog item you created.
- In the Process Engine tab, select the flow or workflow you created from the dropdown.
- Save the catalog item.
Test the Catalog Item:
- Navigate to the Service Catalog and find your new catalog item.
- Submit a request for the catalog item.
- Verify that a new Risk Assessment record is created and assigned as expected.
Adjust Notifications (Optional):
- If needed, create or modify notification rules to alert the necessary parties when a Risk Assessment is created.

Please accept my solution if it works for you and thumps up to mark it as helpful.
Thank you!!

Dnyaneshwaree Satpute
Tera Guru

nagakarthik0721 · ‎07-23-2024

Hi @Dnyaneshwaree , thank for your reply. I can now create and trigger Privacy Risk Assessment using the flow, but the questions/metrics in the assessment is not displayed to user while taking the assessment which is triggered via flow. Can you please let me know if I missed something. PFA screenshots of the assessment.

Dnyaneshwaree · ‎07-23-2024

Where you have added questions of the assessment?

Please accept my solution if it works for you and thumps up to mark it as helpful.
Thank you!!

Dnyaneshwaree Satpute
Tera Guru

nagakarthik0721 · ‎07-24-2024

The assessment is the OOTB functionality configured under "RISK Assessment Methodologies" which contains 3 assessment types. Each type has questions list in it.

PFA screenshots for the same.