Risk acceptance task rejection workflow bug

Trey7
Tera Contributor

‎12-06-2023 09:10 AM

We identified a flaw in the risk assessment workflow when a risk acceptance task is rejected. If a risk acceptance task is rejected, the task is automatically closed and if the acceptance task is the only risk response for a risk, the risk is automatically moved to the Monitor state. Process-wise, a rejected risk acceptance means the approver does not accept the risk and the task should be sent back for changes or there should be opportunity to create a different type of risk response task (i.e. a mitigation task).

 

We opened a case with ServiceNow, but they responded saying they decided not to address this issue in a current or future release. Has anyone else noticed this problem? What are you doing as a workaround, if any?

  • 882 Views
3 REPLIES 3

telmo_nabais
Tera Expert

‎12-06-2023 09:37 AM

Never had this reported by a customer but I admit this scenario might be an issue, if there isn't any other risk response task.

 

When the acceptance task is approved the next risk assessment is scheduled to happen on the approved "Acceptance end date".

I think that to be consistent with the approval scenario, when a risk acceptance task is rejected a risk assessment should be raised immediately.

Since ServiceNow will not address the issue, you'll need to implement that or any other workaround you can think of.

0 Helpfuls

UTKARSH JAIN
ServiceNow Employee
ServiceNow Employee

‎12-07-2023 08:48 PM

Hi Trey,

 

I am the Product Manager for risk management and my sincere apologies for the response that was communicated to you earlier. Due to some internal confusion, our stance on this was miscommunicated. We are committed to fixing this workflow and agree with your suggestion earlier functionally. If a risk acceptance is rejected, you are effectively i am not ready to accept this risk and hence please either Mitigate / Avoid / Transfer the risk which should move the risk back into the assess state and the user should be required to select a different response strategy around this risk. I am in discussion with my team on this and will give you an update in terms of the timeline for when we can deliver this fix to you. Please give us a couple of days we will get back to you with a plan for fixing this. 

 

Thanks again for raising this and providing us feedback. My sincere apologies again for the miscommunication and i am discussing it internally to make sure we do not make the same mistakes again. 

 

If you have any concerns or feedback, please drop me a note at: Utkarsh.Jain@servicenow.com 

 

Regards,

Utkarsh Jain

 

Trey7
Tera Contributor
In response to UTKARSH JAIN

‎12-08-2023 12:14 PM

Thank you, Utkarsh!

0 Helpfuls