Entity Based Access

manikandank3877
Tera Contributor

Hello experts,


I’m setting up Entity-Based Access in GRC and running into a weird issue.

  I’ve done the following so far:

  • Installed the Entity-Based Access  plugin

  • Enabled the property: sn_grc_ent_access.enable_entity_based_access

  • Created an Entity Access Configuration for the Entity Owner 

But even with all that, everyone can still see all the entities, not just the owners. 😕

Is there something else I need to do? 

 

1 REPLY 1

SrinivasMeV
ServiceNow Employee
ServiceNow Employee

Hi @manikandank3877 

The Entity-Based Access feature does not restrict visibility of the entities themselves. Instead, it is designed to control access to records that are related to those entities—such as risks, issues, controls, and similar items.

This means that even after enabling the configuration, all users will still be able to see all entities.

Example:
If you configure access for the entity "Finance Department" and assign access only to the entity owner, then activate the configuration and apply record-level restrictions (e.g., via bulk update), only the owner of the Finance Department entity will be able to view the related records—such as risks, controls, risk response tasks, and issues.

However, the entity "Finance Department" itself will remain visible to all users. This is because the access restrictions apply only to the related records, not to the entities themselves.