Governance, Risk, and Compliance - Data segregation

Go to solution
Brad Fleming
Tera Contributor

‎10-14-2022 05:29 AM

We are planning to use GRC for IT and non-IT (i.e., environmental) risk and compliance.  We are a single service provider with a dedicated instance, & no domain separation.  Within GRC do we have the ability to restrict visibility to data that mimics domain separation?  For example, Users within ABC department/groups only see IT related risk and compliance dashboards/reports/data, and Users withing XYZ department/groups only see non-IT related risk and compliance data?

0 Helpfuls
  • 1,503 Views
1 ACCEPTED SOLUTION

Go to solution
Sebastien Fix
Giga Guru
Giga Guru
In response to SanjivMeher

‎10-17-2022 12:35 PM

the question related to implementing something similar to domain separation for the different teams. Using the confidentiality tags achieve the same as that: you cannot see the records if you do not belong to the correct group 🙂

View solution in original post

0 Helpfuls
6 REPLIES 6

Go to solution
SanjivMeher
Kilo Patron
Kilo Patron

‎10-14-2022 05:42 AM - edited ‎10-14-2022 05:43 AM

We had similar requirements. But OOB there is no solution. I am not sure if they have it in their future roadmap, but you should check with your sales rep.

You may need to make changes to ACL based on entity associated to the control to implement such kind of restriction.


Please mark this response as correct or helpful if it assisted you with your question.
0 Helpfuls

Go to solution
Brad Fleming
Tera Contributor
In response to SanjivMeher

‎10-14-2022 05:52 AM

Thank you for your insight, Sanjiv, much appreciated!

0 Helpfuls

Go to solution
Sebastien Fix
Giga Guru
Giga Guru

‎10-16-2022 11:26 PM

@SanjivMeher  This is incorrect, this is OOTB using Confidentiality tags:
https://docs.servicenow.com/en-US/bundle/tokyo-governance-risk-compliance/page/product/grc-common/co...

 

You can also leverage another OOTB function for Functional domains:
https://docs.servicenow.com/bundle/tokyo-governance-risk-compliance/page/product/grc-workspace-compl...

 

 

0 Helpfuls

Go to solution
SanjivMeher
Kilo Patron
Kilo Patron
In response to Sebastien Fix

‎10-17-2022 03:39 AM

@Sebastien Fix I think the confidentiality tags are more like marking a particular record as confidential. Not for different compliance team.

And Functional domains are to segregate data, but not to restrict users from seeing each others data.

But this fields may be used to build the functionality.


Please mark this response as correct or helpful if it assisted you with your question.
0 Helpfuls