Evidence Requests/Tasks- different questions and responses needed on same entity/same control
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-21-2023 12:13 PM
Hello --
Wondering if the information provided below is correct and what recommendations you may have about best practice/best way to assign different evidence request questions that all pertain to the same entity on the same control, but that would need to be answered by different people (by this I mean, not assigning to a group, and it would be ideal if one parent evidence request could have multiple evidence collection details on the same control for the same entity, each assigned to a different "assigned to" -- but my experience with ServiceNow is that the system does not allow for this functionality).
- I have 5 audit questions on the same entity and same control (or control objective) for the entity, but I need a different person to answer each of the 5 questions.
- In the Evidence Request module, the only way I can assign an evidence request task which contains a different question but the question is about the same entity and same control (or control objective) is to create a separate parent evidence request (EVR) and then an ECD (evidence collection detail) for the separate parent evidence request.
- For example, I'd create one EVR for Test Entity 1, Control 0020001, and one ECD assigned to the particular person (Person A) and containing question 1.
- I'd then create a second EVR for Test Entity 1, Control 0020001, and one ECD assigned to a different person (Person B) and containing question 2.
- Repeat this process three more times to create a total of 5 EVRs all for the same entity and same control and each with its own ECD -- and each ECD contains a different question and is assigned to the particular person who needs to answer the particular question.
- When I click the Request Evidence button on each of the five EVRs, an individual EVD is sent to the assigned to listed on the ECDs.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-21-2023 11:01 PM
Hi @Shirl22 ,
We use Evidence collection primarily while using Audit management, else i would still stick to Indicator templates (manual indicators).
For Evidence collection, we can request it adhoc basis, it does not need to impact the control status, supports control tests can be multi-group effort and not mostly to the control owner only.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-22-2023 11:50 AM
Hello Sandeep,
Thank you for your reply. I don't find it helpful since it does not answer my specific questions. I'm not looking for information about indicators. I'd like GRC users' responses to my specific use case and questions.
Kind regards,
Shirl