What is the purpose of policy exceptions?

Go to solution
Sanel
Tera Expert

‎07-02-2020 11:50 PM

Can anyone please tell me the purpose of policy exceptions? How are they linked to policy ? And who can create policy exceptions and the roles required to create them? 

If anyone can share any link to the document that would be so helpful.

Thanks

0 Helpfuls
  • 1,877 Views
1 ACCEPTED SOLUTION

Go to solution
Chander Bhusha1
Tera Guru

‎07-03-2020 12:05 AM

HI Sanel,

 

control owners can create policy exception. 

He can define the policy exception from the control objective. Using the related list present on the from or manually can create from the form. The policy will show in the controls as well when the control testing is happening to review the policy exception.

Please find the below links for the policy exception.

https://docs.servicenow.com/bundle/london-governance-risk-compliance/page/product/grc-policy-and-com...

https://docs.servicenow.com/bundle/london-governance-risk-compliance/page/product/grc-policy-and-com...

https://community.servicenow.com/community?id=community_article&sys_id=127dc5d7db9197404837f3231f961...

 

 

Mark helpful and correct if it helps.

Thanks,

CB

View solution in original post

9 REPLIES 9

Go to solution
Chander Bhusha1
Tera Guru

‎07-03-2020 12:05 AM

HI Sanel,

 

control owners can create policy exception. 

He can define the policy exception from the control objective. Using the related list present on the from or manually can create from the form. The policy will show in the controls as well when the control testing is happening to review the policy exception.

Please find the below links for the policy exception.

https://docs.servicenow.com/bundle/london-governance-risk-compliance/page/product/grc-policy-and-com...

https://docs.servicenow.com/bundle/london-governance-risk-compliance/page/product/grc-policy-and-com...

https://community.servicenow.com/community?id=community_article&sys_id=127dc5d7db9197404837f3231f961...

 

 

Mark helpful and correct if it helps.

Thanks,

CB

Go to solution
Sanel
Tera Expert
In response to Chander Bhusha1

‎07-03-2020 04:07 AM

I created a policy exception through a issue and I was the owner of the control owner but when I created the policy exception the approver field in it was showing as blank so I cant add an approver to my policy exception , does a specific role is required for me to add the approver

0 Helpfuls

Go to solution
Chander Bhusha1
Tera Guru
In response to Sanel

‎07-03-2020 04:25 AM

Hi Sanel,

You need sn_compliance.manager role to add the approver to the policy exception.

The approvals will be the members of Approval group which you have selected in the Policy exception.

Just verify that you have added the sn_compliance.manager role to the user with whom you are testing.

 

Thanks,

CB

Go to solution
Sanel
Tera Expert
In response to Chander Bhusha1

‎07-03-2020 04:36 AM

Thanks mate got it , Could you please tell me how can I put my state in risk assessment or when does it actually go into that state ?

0 Helpfuls