Bringing a new department on to our instance for Request and Incident Mgmt
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-15-2023 11:30 AM - edited 12-15-2023 11:31 AM
Hello, all!
Looking for some guidance on best practices. I'm reviewing a request where a department would like to use our instance of ServiceNow for their request and incident management processes. Ideally, we want to keep access and data separate. Meaning users from the new department will only see records pertaining to their requests and incidents so as not to interfere with our metrics. The new department would like to replicate our record structure for requests (REQ > RITM > SCTASKS) and Incidents (parent > child). I'm not all that familiar with domain separation but am starting to review the product documentation.
Has anyone out there fielded a similar request and can help point me in the right direction?
Thanks!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-15-2023 12:27 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-17-2023 08:13 AM
Hi @Bcrant
Looking for some guidance on best practices. I'm reviewing a request where a department would like to use our instance of ServiceNow for their request and incident management processes. Ideally, we want to keep access and data separate.
Atul: Domain separation is the solution here.
Meaning users from the new department will only see records pertaining to their requests and incidents so as not to interfere with our metrics.
Atul: Create the department and provide them a visibility only for the specific domains only.
https://www.servicenow.com/community/itsm-forum/domain-contains-vs-visibility/m-p/669975
The new department would like to replicate our record structure for requests (REQ > RITM > SCTASKS) and Incidents (parent > child). I'm not all that familiar with domain separation but am starting to review the product documentation.
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]
****************************************************************************************************************

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-17-2023 10:08 AM - edited 12-17-2023 10:15 AM
@Bcrant Domain separation would be needed when you would like to completely isolate the data from two department. Generally domain separation is used on multi tenant instances where multiple companies share a common instance. There data is usually kept along with the domain they are in.
In your case department level read ACLs defined at Group level are sufficient to prevent one group accessing data of other group.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-19-2023 03:22 PM
My concern would remain the data separation. The ACLs would accomplish data restriction, but overall data management would be impacted (reports, queries, scripts, etc.). Does that sound accurate to you? Would you also suggest creating custom tables for these new departments along with the ACLs to aid in data separation?