Hello @garkarpuja8 ,

To configure ACL Require role : security_admin(for this elevate role to security admin)

table :sys_security_acl(Access Control List )

Types of Security Level 

1)Table=>(table.none)

2)Record(row)=>(table.*)

3)Field(column)=>(table.fieldName)

Access Control Lists (ACLs) in ServiceNow are used to control who can access what data and which operations they can perform, such as read, write, create, or delete on a table or specific fields. ACLs are configured under System Security → Access Control (ACL) and can be applied at both the table level (for example, incident.*) and the field level (for example, incident.priority). When a user attempts to access a record, ServiceNow evaluates the ACL in three stages: roles, conditions, and scripts. The platform first checks whether the user has the required role, then evaluates any configured condition, and finally runs the script if present; access is granted only if all checks pass. For inherited tables and complex security requirements, multiple ACLs may be evaluated in order from most specific to most generic, meaning field ACLs can override table-level permissions. Best practice is to use role-based access wherever possible, add conditions for simple logic, and rely on scripts only when advanced validation is required, as heavy scripting can impact performance. During configuration, administrators should also test using Debug Security Rules to understand which ACL allows or denies access and avoid testing solely with the admin role, since admins may bypass some restrictions. Overall, properly designed ACLs provide secure, scalable, and maintainable control over data visibility and modification within the platform.

You ca refer this links for more undertanding :

What is Access Control List ? 

ACL with examples

Understanding ACL execution order 

If this helps you then mark it as helpful and accept as solution.

Regards,

Aditya,

Technical Consultant