Duplication of Risk Records

brandoncalero
Tera Contributor

I need a solution on how to address Duplicating Risk records.

The current build in the background prevents duplicate risks when there is the same combination of Risk Statement and Entity. 

My use case would be that we have to itemize these across a fleet, so the same risk could exist across multiple locations and they each have their own treatment plans and timelines.

Is there a way to either shut this off or add an extra field to the duplication calculation?

For example, allow duplication as long as Risk Statement and Entity and CustomField are different?

7 REPLIES 7

Rakesh Chigari
Tera Guru

@brandoncalero 

It is not recommended to change this configuration to avoid duplicate risk creation and resulting in presenting wrong risk posture at the org level.  but if the business requirement demands, There is a business rule "Enforce Unique Item" on Control/Risk [sn_grc_item] or table which control this behavior,  this rule will validate the unique combination of risk statement and entity and display error message. 

 

If I could help you with your Query then, please hit the Thumb Icon and mark as Correct. Thank you

 

Enforce Unique Item was already inactivated. I am receiving the error in the image posted.

Jan Spurlin
ServiceNow Employee
ServiceNow Employee

Why aren't your "locations" set up as entities?

What you have stated sounds like the reason ServiceNow provided entities and Entity types.

Without customization there is not a way to turn this off.

My entities are "business applications". I have these applications across a fleet of ships, and these apps have the same risk but we cannot mitigate at the same time. Could be a 6 month to 2 year period, depending on dry docking. We want to be able to measure risk and mitigations without leaving a risk open for 2 years, when half the fleet has been remediated.