How to get NOBODY to be able to delete records within the instance? Even administrators.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-23-2023 01:35 PM
I have a requirement where it mentions that no one (including administrators) should have permissions to delete records in ServiceNow.
Is there any way to achieve this goal?
Any help is appreciated, thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-23-2023 05:02 PM
Hi, it would be possible to update ACL's and\or make all delete UI actions inactive, but I would not consider this best practice and may result in many operational issues IE the removal of many record relationships is a deletion of the relationship record. I would only consider this on a table by table basis, and would ensure any impact is fully evaluated before deployment to production.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-23-2023 09:09 PM - edited ‎06-23-2023 09:10 PM
Hi there,
Any records specifically? Asking because you defnitely NOT want this for your entire platform / every table / etc.. That's just an extreme no go.
Also you actually do want to delete records, hopefully automated. Out-of-the-box there is already a lot being maintained, automatically deleted, etc..
If this for example concerns Tasks, Incidents, etc, you could update the delete ACL, and add the "nobody" role. Works fine in general. Is it 100% solid, no... really smart administrators can get around this 🙂
Be aware, that this might work the restrict for administrators, though do test if this won't cause any issues on automated logic in your instance.
I would wonder though, what is the WHY of restricting such? Would auditing such activities be also an option?
Kind regards,
Mark
Kind regards,
Mark Roethof
Independent ServiceNow Consultant
10x ServiceNow MVP
---
~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-27-2023 01:16 PM
Thank you very much for your answers, is there any risk around "Upgrades" or anything related in case a role with certain privileges is added to the Access Controls?
Also if there is any documentation in which to have more details would be awesome.