Why can't the role business user create a new risk event entry eventho I have given the permission?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-26-2025 08:20 PM
Dear experts,
I am facing a problem whereby my business user role given the role sn_grc.business_user cannot create a new risk event entry even though I have granted the permission and access to create to this role, may I know what else I could do to solve this problem? The sn_risk_manager role can perform so even tho I have not given the role any access. Please advise thks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-26-2025 08:30 PM
Hi @ChuanYanF ,
You need to verify following things that may helps you to resolve issue:
- Ensure that the sn_grc.business_user role has the necessary access control rules (ACLs) to create records in the Risk Management module..
- You might need to check both the table-level permissions and the form-specific permissions. Even if the role is granted permissions in theory, specific conditions or overrides in these settings might prevent the user from performing certain actions.
- There might be hidden permissions that the risk manager role inherits, such as specific permissions on related records or underlying tables that the business user role is missing.
- Make sure the risk event creation process is not restricted by a configuration or policy applied within GRC settings that is only allowing sn_risk_manager.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2025 08:32 PM
Thank you for marking my response as helpful.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2025 10:47 PM
Hi @ChuanYanF ,
To resolve the issue where users with the sn_grc.business_user role cannot create a new risk event entry while the sn_risk_manager role can.
Make changes in create acl like below
gs.hasRole('sn_grc.business_user') || gs.hasRole('sn_risk_manager');
-------------------------------------------------------------------------
If you found my response helpful, please consider selecting "Accept as Solution" and marking it as "Helpful." This not only supports me but also benefits the community.
Regards
Runjay Patel - ServiceNow Solution Architect
YouTube: https://www.youtube.com/@RunjayP
LinkedIn: https://www.linkedin.com/in/runjay
-------------------------------------------------------------------------
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2025 11:01 PM
how is the script creating the records?
Did you check that? please share that
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader