ServiceNow for BCP/DR

Not applicable

I would like to know if anyone is using ServiceNow to meet their Business Continuity Planning requirements, such as building and maintaining business continuity/disaster recovery plans.

Thanks.

6 REPLIES 6

TSP666
Kilo Contributor

I'm also very interested by this topic.

Our Service-Now instance will be a hosted one, if I understand correctly we can access it external to the SSO method using side_door. This means that if we have a disaster e.g. a major fire in our head office (loss of primary data center) , people would still be able to access our Service-Now instance from their home PC.

We could add Business Continuity Plans in the Service-Now knowledge base which would still be available in such a disaster. We could use Service Portfolio Management to see which users are registered for impacted services, maybe even build a workflow to automate / help with the recovery, etc

Sounds good in practice but I don't see anyone already doing this......

It would be nice to see some more comments on this, especially from the Service-Now folks.

Thanks.


TSP666
Kilo Contributor

It looks like the GRC application can be used for Disaster Recovery planning / exercise tracking.

Each critical application should have a DRP (Disaster Recovery Plan), each DRP should be tested on a regular basis (at least annually), risks associated to critical app failures could be documented / mitigated.

DRPs can be published in the knowledge base.

Is anyone else using Service-Now for such activities ?

It would be interesting if Service-Now.com could enhance the GRC module to optionally cover DR related activities.


It seems to me that the current GRC plugin could cover DR-related activities without needing to be extended or enhanced.

The DRP could be stored as a "Policy" record (which is published in the Knowledge Base):
http://wiki.service-now.com/index.php?title=IT_Governance_Risk_and_Compliance_Plugin#Policies

The risks of failure would be stored as Risks:
http://wiki.service-now.com/index.php?title=IT_Governance_Risk_and_Compliance_Plugin#Risks

You could then define the risk controls, and automate the testing with Risk Control Tests:
http://wiki.service-now.com/index.php?title=IT_Governance_Risk_and_Compliance_Plugin#Control_Tests

I don't know if anyone has deployed IT GRC in this way yet (it's a fairly new app) but I don't think it would take any extension of functionality to use it this way. Disaster Recovery policies are the sort of governance it was designed for.

Is there other DR-related functionality that you think IT GRC would need to meet your needs?


I am also interested in it. Can you please let me know how to test DR Plan in ServiceNow