- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2019 03:25 AM
Hi,
What is the purpose of GRC indicator and indicator templates? How is the indicators in Policy and Compliance related to Audit mangement indicators?
Thanks.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-06-2019 02:13 AM
Hi Balaji,
Controls can be monitored via Assessment (= Questionnaire assigned to someone, that generate an attestation), manual Indicator (= Manual Task assigned to someone, to be closed as Passed or Failed), or automated indicator (= Script).
Risk calculation: The Calculated Risk Score utilises data from the Inherent and Residual to determine an adjusted ALE and score.
The adjustments are driven by Control and Indicator statuses.
Indicator: A metric used to collect data to monitor controls and risks, and collect audit evidence.
Note that Indicators are not weighted, unlike Controls. When looking at their impact on a Control or Risk they will all be considered equally.
Indicator Templates can be created for Policy Statements (aka Control templates) or Risk Statement (aka Risk templates) to automatically create Indicators for related Controls and Risk.
Audit management and Policy & Compliance use Indicators for the same reason: Assess Controls and Risks.
https://docs.servicenow.com/bundle/madrid-governance-risk-compliance/page/product/grc-indicators/reference/continuous-monitoring.html
∴
Best regards from Switzerland
Shiva :¬,
If this reply assisted you, please consider marking it 👍Helpful or ✅Correct.
This enables other customers to learn from your thread.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2019 05:04 AM
objective can be understood from the below link
https://docs.servicenow.com/bundle/london-governance-risk-compliance/page/product/grc-common/reference/r_WhatIsGRC.html
for Audit Management relation see the below
The GRC: Audit Management product enables users to schedule internal audits, conduct resource planning, scope engagements, conduct audit activities, review continuous monitoring results, and report findings.
https://docs.servicenow.com/bundle/london-governance-risk-compliance/page/product/grc-audit/concept/c_GRCAudits.html
Mark my ANSWER as CORRECT and HELPFUL if it helped
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-06-2019 02:13 AM
Hi Balaji,
Controls can be monitored via Assessment (= Questionnaire assigned to someone, that generate an attestation), manual Indicator (= Manual Task assigned to someone, to be closed as Passed or Failed), or automated indicator (= Script).
Risk calculation: The Calculated Risk Score utilises data from the Inherent and Residual to determine an adjusted ALE and score.
The adjustments are driven by Control and Indicator statuses.
Indicator: A metric used to collect data to monitor controls and risks, and collect audit evidence.
Note that Indicators are not weighted, unlike Controls. When looking at their impact on a Control or Risk they will all be considered equally.
Indicator Templates can be created for Policy Statements (aka Control templates) or Risk Statement (aka Risk templates) to automatically create Indicators for related Controls and Risk.
Audit management and Policy & Compliance use Indicators for the same reason: Assess Controls and Risks.
https://docs.servicenow.com/bundle/madrid-governance-risk-compliance/page/product/grc-indicators/reference/continuous-monitoring.html
∴
Best regards from Switzerland
Shiva :¬,
If this reply assisted you, please consider marking it 👍Helpful or ✅Correct.
This enables other customers to learn from your thread.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-25-2020 08:17 AM
Does indicator or indicator templates create automatically? there is script "Auto generate indicators for item" but does not seem to work.