Risk response approval levels.

Matt125
Kilo Contributor

Why does a 'risk acceptance'  response require an additional management authorisation / approval step  vs. 'risk mitigation, avoidance and transfer' and can the system be configured so these are aligned??    In our business the person with authority to accept a risk is the same person who would approve a risk mitigation, transfer or avoidance plan and therefore it makes no logical sence for the 'accept response' to require an additional level of management approval as currently appears to be the case with the Paris vanilla module?

2 REPLIES 2

Matt125
Kilo Contributor

I'd be really interested to learn if any other users in the group encountered a similar challenge with the risk acceptance response and if so how has this been overcome? 

Hi Matt, in many org risk acceptance need to be accepted and approved also by leadership therefore ServiceNow introduces a Risk acceptance approval workflow.

if outbox workflow doesn't meet your need then you can customize it to meet your use case OR disable business rule Start risk acceptance approval flow which starts the workflow

 Please mark my answer as Correct / Helpful based on the Impact