Installing Service now GRC module

Pragati Sharma · ‎08-22-2022

Can i get Service now GRC module installed for my company of I do not have Service now IT module. Are these inter related?

Andrea M_ller · ‎08-22-2022

Yes you can. Depands what is your expectation from GRC. For riskmanagement you get a besser propability/meaningfullness if you using for example Change Prozess and CMDB.

View solution in original post

Community Alums · ‎08-22-2022

Hi @Pragati Sharma ,

Good Question!!

Let's understand other way ,a good place to start is to focus on data integrity. Good data not only supports a successful audit, but operationally removes some of the stumbling blocks that many in change managers and critical incident managers struggle with.

So GRC can be used without ITSM as well but if you have both then it makes more sense.

ServiceNow IT GRC provides automation, integration and flexible reporting that can ease and speed consolidation of GRC management and ITSM efforts in helpful ways. And the single version of the truth enabled by the ServiceNow Service Automation Platform can help enterprises to extend effective IT GRC management efforts to other areas of the business -- notably change management. Such an evolution parallels how the ServiceNow Platform is helping enterprises to extend effective service management beyond IT.

But tools are only part of the solution. Effective relevant processes -- and promotion and enforcement of their adoption across the enterprise -- are at least as critical as any tools. And ServiceNow partners are helping enterprises to assess and optimize the processes needed to succeed with GRC. One such partner, Intréis, focuses specifically on what it calls "GRC-enabled ITSM," and offers numerous services designed to help ServiceNow customers improve their efforts in GRC, ITSM and integration of the two. I expect you'll see more ServiceNow partners paying more attention to GRC-ITSM integration as well, as demands and requirements for accountability and transparency ratchet up, within and beyond IT.

Whether or not your enterprise is in a highly regulated business or simply wants to be more consistent and transparent in its compliance with ITIL, COBIT or some industry-specific guidelines, GRC is now or will soon be critical to your enterprise's operations. Perhaps as critical as management and optimization of the IT infrastructure that enables those operations. So now is the time to start identifying the key GRC-focused people, processes and tools available to you, and to begin bringing them together with the people, processes and tools making ITSM work. That way, you'll avoid doing a "spit take" with your tea and muffin, should you in fact see your boss doing the perp walk on TV one day. Which should never happen, if you get GRC-ITSM integration right.

Mark my answer correct & Helpful, if Applicable.

Thanks,

Sandeep

Community Alums · ‎08-22-2022

Hi @Pragati Sharma ,

Any update to this ?Any follow-up required? if not

Kindly mark the answer as Correct & Helpful both such that others can get help.

Thanks,
Sandeep

Andrea M_ller · ‎08-23-2022

Hi,

I totally agree with Sandeep. Tool is one point, but processes, data integrity... is the second and more important.

Our experience is, ServiceNow offers the best integrated tool on the market, to cover different aspect for companies.

I know two prominent customer, from a regulated market, using ServiceNow GRC (without ITSM) - Bank of Scotland, Santander Bank. Both needed to fulfill the DORA (Digital Operation Recilience Act). That happened in the past, maybe the decided in the meantime to use CDMB, ITSM as well. It will definitely makes sense and ServiceNow has absolut advantages as as a single system of records

Regards

Andrea

Andrea M_ller · ‎08-22-2022

Yes you can. Depands what is your expectation from GRC. For riskmanagement you get a besser propability/meaningfullness if you using for example Change Prozess and CMDB.