GRC: role matrix

M4XMU3 · 3 weeks ago

Hello community.

GRC is one of the most complex applications I have encountered so far. Therefore I feel a little bit overwhelmed with the amount of possible roles and how to connect them to the GRC tasks, such as attestations or risk assessments. Furthermore some users will require workspace access and others do not.

Moreover the major part of role assignment should be automated by e.g. flows.

By chance, is there a matrix (or s.th. else) which will help me define which roles I do have to assign to users for which GRC tasks they have to fulfill? Documentations I found or learnings I achieved did only cover part of the possibilities.

Regards

Max

Simon Hendery · 3 weeks ago

Hi @M4XMU3

Have you reviewed the GRC resources in Now Create/the Best Practices portal?

https://learning.servicenow.com/nowcreate

View solution in original post

M4XMU3 · 3 weeks ago

I forgot that source. Thank you for the reminder.

Closest I could find in there is the chapter "Policy & Compliance Roles and Responsibilities" from "GRC Policy and Compliance - Process Guide".

However this is only for PCM. Now for Risk Management I have to search anew. ("GRC Risk - Process Guide" has the same info.)