entity based access control

David347 · 3 weeks ago

I am looking to use Entity based access control for IRM.

I would like to restrict Controls and Risks from showing to people outside the hierarchy for that area of the business.

I have setup Entity Access Configuration as an 'Entity' and selected entity and downstream entities.

I have chosen a User Group and activated.

For the bulk upload selected the entity.

For the related record types I have selected Sn_risk_risk and sn_compliance_control

I did not add anything to the filter on this.

Results populate as expected positively but can still see risks and controls.

Any advice appreciated.

Hemanth M1 · 3 weeks ago

Hi @David347 ,

Not sure if i understand this "Results populate as expected positively but can still see risks and controls."

Group users outside of this configuration can see downstream Controls and Risks for this entity?

Accept and hit Helpful if it helps.

Thank you,
Hemanth
Certified Technical Architect (CTA), ServiceNow MVP 2024, 2025

David347 · 2 weeks ago

"Results populate as expected positively but can still see risks and controls."

When following the Entity based record update utility process, there is a state that applies your configuration and says it has updated X amount of records (View results). This states that it has updated, with zero failures.

But people outside that group can still see all controls, risks etc

David347 · 2 weeks ago

Update. Got the Controls and risks to mask. But there are still inconsistencies with it.

Hemanth M1 · 2 weeks ago

Hi @David347

is the plugin up to date?

Accept and hit Helpful if it helps.

Thank you,
Hemanth
Certified Technical Architect (CTA), ServiceNow MVP 2024, 2025