https://www.servicenow.com/community/grc-forum/risk-assessment-questionnaire/m-p/1323934#M9578 <P>Hi David&nbsp;</P> <P>When you say "... the risks they are raising" it makes me want to verify if your team is&nbsp;raising risks or issues. &nbsp;</P> <P>A simple difference is issues are current (something that is happening now, like Log4Shell, etc.) while Risks are more forward-looking (i.e. Risk of Unauthorized access) - Risks Statements are generally defined&nbsp;at an enterprise level while Issues are created by end-users. &nbsp;</P> <P>I'm hoping it's not the case, but we sadly often see teams struggle with that difference which then impacts implementing other aspects of GRC and the complexity just increases from there.&nbsp;</P> <P>The Quick answer is your actual questions would be to create your assessments using the Risk Assessment Designer. &nbsp;&nbsp;https://docs.servicenow.com/bundle/sandiego-governance-risk-compliance/page/product/grc-risk/task/create-assessment-using-assessment-designer.html</P> <P>However, you may want to reach out to an implementation partner to verify if your roadmap of implementing Risk, Controls (with Issues) and Entities is sustainable.</P> <P>Hoping you find that helpful.</P> <P>Roy &nbsp;</P> Tue, 31 May 2022 18:48:07 GMT Roy Verrips 2022-05-31T18:48:07Z https://www.servicenow.com/community/grc-forum/risk-assessment-questionnaire/m-p/1323933#M9577 <P>We are partly into configuring our GRC instance and I will be completely honest, not 100% up to speed at the moment. But we currently use a risk questionnaire to help us understand the risk that they are raising.</P> <P>Are there any good guides or videos on a step by step?</P> <P>Thanks in advance</P> Tue, 31 May 2022 15:06:19 GMT https://www.servicenow.com/community/grc-forum/risk-assessment-questionnaire/m-p/1323933#M9577 David347 2022-05-31T15:06:19Z https://www.servicenow.com/community/grc-forum/risk-assessment-questionnaire/m-p/1323934#M9578 <P>Hi David&nbsp;</P> <P>When you say "... the risks they are raising" it makes me want to verify if your team is&nbsp;raising risks or issues. &nbsp;</P> <P>A simple difference is issues are current (something that is happening now, like Log4Shell, etc.) while Risks are more forward-looking (i.e. Risk of Unauthorized access) - Risks Statements are generally defined&nbsp;at an enterprise level while Issues are created by end-users. &nbsp;</P> <P>I'm hoping it's not the case, but we sadly often see teams struggle with that difference which then impacts implementing other aspects of GRC and the complexity just increases from there.&nbsp;</P> <P>The Quick answer is your actual questions would be to create your assessments using the Risk Assessment Designer. &nbsp;&nbsp;https://docs.servicenow.com/bundle/sandiego-governance-risk-compliance/page/product/grc-risk/task/create-assessment-using-assessment-designer.html</P> <P>However, you may want to reach out to an implementation partner to verify if your roadmap of implementing Risk, Controls (with Issues) and Entities is sustainable.</P> <P>Hoping you find that helpful.</P> <P>Roy &nbsp;</P> Tue, 31 May 2022 18:48:07 GMT https://www.servicenow.com/community/grc-forum/risk-assessment-questionnaire/m-p/1323934#M9578 Roy Verrips 2022-05-31T18:48:07Z https://www.servicenow.com/community/grc-forum/risk-assessment-questionnaire/m-p/1323935#M9579 <P>Thanks, that is helpful.</P> <P>It is the former. The users will be people like Project Managers or Service owners who are looking to make changes in their environment, so we need a certain amount of information to make these assessments.&nbsp;<BR /><BR />Is that what you would use these questionnaires/Assessments for?</P> <P>&nbsp;</P> Wed, 01 Jun 2022 08:07:26 GMT https://www.servicenow.com/community/grc-forum/risk-assessment-questionnaire/m-p/1323935#M9579 David347 2022-06-01T08:07:26Z https://www.servicenow.com/community/grc-forum/risk-assessment-questionnaire/m-p/2544583#M14583 <P>I understand how to use these but how are they triggered? When a new risk is identified, I want the questionnaire going out to them.</P> Tue, 25 Apr 2023 15:24:52 GMT https://www.servicenow.com/community/grc-forum/risk-assessment-questionnaire/m-p/2544583#M14583 David347 2023-04-25T15:24:52Z