Bringing a new department on to our instance for Request and Incident Mgmt

Bcrant
Tera Contributor

Hello, all!

 

Looking for some guidance on best practices. I'm reviewing a request where a department would like to use our instance of ServiceNow for their request and incident management processes. Ideally, we want to keep access and data separate. Meaning users from the new department will only see records pertaining to their requests and incidents so as not to interfere with our metrics. The new department would like to replicate our record structure for requests (REQ > RITM > SCTASKS) and Incidents (parent > child). I'm not all that familiar with domain separation but am starting to review the product documentation.

 

Has anyone out there fielded a similar request and can help point me in the right direction?

 

Thanks!!

4 REPLIES 4

Dr Atul G- LNG
Tera Patron
Tera Patron

Hi @Bcrant 

 

Looking for some guidance on best practices. I'm reviewing a request where a department would like to use our instance of ServiceNow for their request and incident management processes. Ideally, we want to keep access and data separate.

Atul: Domain separation is the solution here. 

 

Meaning users from the new department will only see records pertaining to their requests and incidents so as not to interfere with our metrics.

Atul: Create the department and provide them a visibility only for the specific domains only.

https://www.servicenow.com/community/itsm-forum/domain-contains-vs-visibility/m-p/669975

https://docs.servicenow.com/bundle/vancouver-platform-security/page/administer/company-and-domain-se...

 

 

The new department would like to replicate our record structure for requests (REQ > RITM > SCTASKS) and Incidents (parent > child). I'm not all that familiar with domain separation but am starting to review the product documentation.

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************

Sandeep Rajput
Tera Patron
Tera Patron

@Bcrant Domain separation would be needed when you would like to completely isolate the data from two department. Generally domain separation is used on multi tenant instances where multiple companies share a common instance. There data is usually kept along with the domain they are in.

 

In your case department level read ACLs defined at Group level are sufficient to prevent one group accessing data of other group.

My concern would remain the data separation. The ACLs would accomplish data restriction, but overall data management would be impacted (reports, queries, scripts, etc.). Does that sound accurate to you? Would you also suggest creating custom tables for these new departments along with the ACLs to aid in data separation?