Risk Assessment Project vs Risk Assessment Scope

Anurag22 · ‎03-17-2025

Hi Community, I am trying to figure out the difference between usage of 'Risk Assessment Project' vs 'Risk Assessment Scope' in Advanced Risk solution. As far as I have explored, both functionalities look similar to me i.e.

1. Scope the Assessable Entity and RAM.

2. Finalize the Risks for Assessment

3. Conduct the assessment

These both functionalities seem to be serving the same purpose. Please enlighten if someone knows the difference usages of both.

PrudeAnurag · ‎03-17-2025

Hello @Anurag22 ,
Even though both tools may appear similar, they are designed for different purposes and use cases.

- If an organization needs to conduct a periodic risk assessment that requires auto-assignment and is performed one risk at a time, the traditional risk assessment functionality should be used. This approach utilizes the assessment scope and scoped entities.

- On the other hand, the project risk assessment is used when the risk assessor wants to perform multiple risk assessments in a single view for a specific entity belonging to the same RAM. This method is often referred to as bulk risk assessment. The advantage of this approach is that the user does not need to navigate through multiple screens when assessing multiple risks.

The main difference between the two is the scheduling feature, which is available in traditional assessments but has not yet been introduced in project risk assessments.

Best Regards,
Anurag

View solution in original post

PrudeAnurag · ‎03-17-2025

Hello @Anurag22 ,
Even though both tools may appear similar, they are designed for different purposes and use cases.

- If an organization needs to conduct a periodic risk assessment that requires auto-assignment and is performed one risk at a time, the traditional risk assessment functionality should be used. This approach utilizes the assessment scope and scoped entities.

- On the other hand, the project risk assessment is used when the risk assessor wants to perform multiple risk assessments in a single view for a specific entity belonging to the same RAM. This method is often referred to as bulk risk assessment. The advantage of this approach is that the user does not need to navigate through multiple screens when assessing multiple risks.

The main difference between the two is the scheduling feature, which is available in traditional assessments but has not yet been introduced in project risk assessments.

Best Regards,
Anurag

JBashta · ‎05-07-2025

Hi - can you please tell me if you can assign a Risk Assessment Project to Risk Owners as the Assessor? Its not an option in the drop down list but it is an option in Risk Assessment Scope.

We have many risks against one entity but multiple risk owners and was hoping to set up the Risk Assessment Project for one entity but different Risk Owners assess their risks only.

Anurag22 · ‎05-08-2025

@JBashta good catch, I just tried to achieve this but no go. It's a bit problematic to use Risk Assessment Project in this case. Risk Assessment Scope do support Risk assessment assignment to Risk owners.

@PrudeAnurag - Any suggestions? Should it be highlighted as a design flaw?

JBashta · ‎05-08-2025

Thanks @Anurag22 - glad it's not just me.

In my opinion it's definitely a design flaw and something our organisation wants. I am going to talk to our internal ServiceNow developers to see how they can help us solve this problem for the immediate project but it would be great if ServiceNow considered improving this functionality and introducing Projects by Risk Owner.

Thanks for starting the conversation on Risk Assessments 🙂