- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Good morning,
I have two questions about attachments handled in ServiceNow. Regarding privacy: I can restrict access to attachments. Not all attachments, so it can't be a general rule. There are certain Service Offerings that should have their attachments restricted to the Assignment Group, Requester, and the Requester's immediate manager.
Another behavior in attachment handling is the possibility of deleting attachments in RITMS. We also have some Service Offerings that, for legal reasons, need to maintain traceability and immutability of the documents attached to RITMS. The ServiceNow - Brazil partner that serves our company informed us that this is a standard platform behavior and could hardly be changed. Is this correct? Thank you.
Solved! Go to Solution.
- Labels:
-
Request Management
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @gilsondo
For your 1st query : Yes, this is true and a common use case . You can achieve this by creating a scripted Read Access Control (ACL) on the sys_attachment table
For your 2nd query: It is not true that this is an unchangeable platform behavior.
While the default behavior of ServiceNow allows users with write access to a record to also manage (add/delete) its attachments,
the platform provides several standard configuration (/tools) to restrict or entirely disable the deletion of attachments for specific scenarios like legal compliance.
Refer : KB0825743: How to restrict users from deleting attachments on specific tables
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Thank you for marking my response as helpful.
💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏
Ankur
✨ Certified Technical Architect || ✨ 10x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
this is partially correct.
you can handle this using customization on top of the platform.
💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏
Ankur
✨ Certified Technical Architect || ✨ 10x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Thank you for marking my response as helpful.
💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏
Ankur
✨ Certified Technical Architect || ✨ 10x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @gilsondo
For your 1st query : Yes, this is true and a common use case . You can achieve this by creating a scripted Read Access Control (ACL) on the sys_attachment table
For your 2nd query: It is not true that this is an unchangeable platform behavior.
While the default behavior of ServiceNow allows users with write access to a record to also manage (add/delete) its attachments,
the platform provides several standard configuration (/tools) to restrict or entirely disable the deletion of attachments for specific scenarios like legal compliance.
Refer : KB0825743: How to restrict users from deleting attachments on specific tables
