GRC/IRM – How to find entities and controls tied to an Authority Document?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Monday
Hi All,
I’m trying to understand the available OOTB table relationships in GRC/IRM and have a couple of questions:
How can I identify which entities are directly related to a specific Authority Document?
Once I have those entities, what’s the correct way to pull the controls that are related to those entities but only from that same Authority Document?
Are these relationships managed in any mapping table (I wasn't able to find any direct OOTB mapping tables), or would I need some customization to get the desired output?
Any pointers on the right tables or joins to use would be very helpful.
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Monday
Hello @Ya_Ga
you use case, if I got you correctly, is where "content references" come into play.
Content references ('sn_grc_content_reference' ) represent a virtual object that is linked to many m2m tables like:
- Entities to reference: sn_grc_m2m_cont_ref_profile
- Authority Documents: sn_grc_m2m_cont_ref_auth_doc
- Controls: sn_grc_m2m_cont_ref_control
You can create new references, link them with one or many AutDocs, and link your controls and entities with the content references.
Your second point is a simple "filter"-problem. If you have your content references right, you can filter for controls, that have the same content reference as the entity for a specific content reference.
Let me know if I can help you further (and kindly mark aswers...yaddayadda, as usual 🙂 )
and "accepted solutions"This motivates others to take part, post solutions and find answers. Thanks! - Mat
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Tuesday
Take a look at my GRC: Content Reference Automation - Share | ServiceNow Developers update set. It removes the manual effort of creating those relationships
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Tuesday - last edited Tuesday
You should definitely take advantage of Content Reference – that’s the main reason it exists. I built something in the past to automate the relationships by adding the Authority Documents, and shared it here
GRC: Content Reference Automation - Share | ServiceNow Developers
Feel free to try it out and share your feedback so I can make it even better.