GRC Policy Version management

Go to solution
Ashik3
Tera Expert

‎09-02-2020 07:53 AM

Hello,

Have anyone come across requirement to policy version management ? Also The html content should be easily editable and reviewable same as in a word doc.
Any pointers ?

Best,
Ashik

0 Helpfuls
  • 1,654 Views
1 ACCEPTED SOLUTION

Go to solution
Phil Swann
Tera Guru
Tera Guru

‎09-02-2020 03:18 PM

A common request, I created an idea for you, please add comments and vote up: https://community.servicenow.com/community?id=view_idea&sysparm_idea_id=d9d0c28ddb0f9cd066f1d9d96896... if this makes sense...

 

I have created custom solutions in the past, but it is also battling between the KB article and the policy itself

View solution in original post

3 REPLIES 3

Go to solution
sachin_namjoshi
Kilo Patron
Kilo Patron

‎09-02-2020 09:26 AM

This is not available OOB with GRC policy.

I implemented custom solution for versioning of GRC Policies to provide checkout, check in UI actions and creating custom table to maintain versions of GRC policies.

 

Regards

Sachin

 

Go to solution
JohnJasinski
Tera Expert

‎09-02-2020 09:54 AM

YES - Policy version control is important and required for effectiveness and efficiency. 

Knowledge Base (KB) articles provide version control.   Also, see Managed Documents.

Policy Managers should understand version numbering and approvals workflows for policy document management. 

As automation of policy and controls testing evolves, the importance of version control increases.   

Formatting for Policy content should be simple for easy of use and clarity. 

Pointers - consider ....:   

  1. Take all the GRC Policy and Managed Documents related courses in NOW Learning.
  2. Multiple standards, frameworks and practice reference models should be considered for policies and controls.
  3. Subscribing to content from vendors like UCF or C2CSmartCompliance for Authoritative Document references can greatly support your policy and controls efforts.    
  4. For high level/leadership policies, consider a stable foundation based on the COBIT Framework - Objectives book from ISACA.  It offers industry-validated content suitable for Policies and Controls  - spanning all domains for governance and management.   
  5. Keep IT Simple Smarties (KISS) - looking to good practice references can be more effective and lower cost than customized policies. 
  6. Review the policy and documents topics found in the Product Documentation 
  7. Reminder: take all the GRC Policy and Managed Documents courses in NOW Learning.

Go to solution
Phil Swann
Tera Guru
Tera Guru

‎09-02-2020 03:18 PM

A common request, I created an idea for you, please add comments and vote up: https://community.servicenow.com/community?id=view_idea&sysparm_idea_id=d9d0c28ddb0f9cd066f1d9d96896... if this makes sense...

 

I have created custom solutions in the past, but it is also battling between the KB article and the policy itself