entity based access control
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
I am looking to use Entity based access control for IRM.
I would like to restrict Controls and Risks from showing to people outside the hierarchy for that area of the business.
I have setup Entity Access Configuration as an 'Entity' and selected entity and downstream entities.
I have chosen a User Group and activated.
For the bulk upload selected the entity.
For the related record types I have selected Sn_risk_risk and sn_compliance_control
I did not add anything to the filter on this.
Results populate as expected positively but can still see risks and controls.
Any advice appreciated.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 weeks ago
Yes, its just not intuitive. So it works by selecting the areas you want to filter on in the bulk view. Still not adding up properly but have hid the controls, risks, issues and assessments.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 weeks ago
Can you please elaborate on the issue you are facing ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 weeks ago
With the use of Entity Based Access controls I am attempting to hide all sensitive information from other users on the tool.
Controls, Risks, Risk Assessments, Risk Identification Questionnaires (Smart assessments), Issues and remediation tasks.
It would be good if I could block it at the entity level rather than these individual areas.
I have found a way to block some, like Controls and Risks. Others like Issues I have found to be inconsistent with the filter from the table. When I filter them in the Bulk utility, I have say 10000, if I apply the same filter in the table to check the capture, it comes back with 12000.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 weeks ago
Entity based access does not restrict access to entities ; it only applies to related objects. Regarding issue number inconsistencies, if you are filtering from the bulk utility, an additional filter will be applied based on the entity you selected during the entity scoping stage, in addition to any filters you set. However, when viewing the actual issue table, you might have overlooked adding a filter for the entity field. Could you please check again?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
a week ago
I think that is where ServiceNow have got it wrong, ENITY based access control, doesnt restrict access to entities.
I am thinking its a hierarchy issues with some manual created entities.
What would you use as your filters in the bulk utility to block what I want?
