Priority Matrix
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
6 hours ago
Hello!
We currently have two record producers, one for general incidents and the other for specific security incidents (only using ITSM module).
A requirement is to have a separate Priority Matrix for incidents logged under the security incident record producer.
Would this possible and if so, what would be the best practice to achieve this?
Thanks in advance,
Liam
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
5 hours ago - last edited 5 hours ago
Hi @LiamO ,
Yes, this is possible, and the cleanest way is to decouple the “security incident” priority logic from the standard ITSM priority matrix rather than trying to maintain two separate OOB matrices.
I would recommend one of these patterns, depending on how strict the requirement is:
1. Use a custom priority field for security incidents
- Add a custom priority field (e.g., u_security_priority) on the Incident table and expose it only in the security‑incident record producer.
- Keep the standard priority field driven by the OOB Impact/Urgency matrix for general incidents.
- For security incidents, either:
- Let the record producer script set u_security_priority based on a custom lookup table, or
- Use a business rule on incident that maps u_security_priority to the standard priority if you still need SLA‑driven behavior.
2. Drive priority from a custom matrix in the record producer
- If you must use the standard priority field for security incidents, I would suggest:
- Hiding impact and urgency from the security‑incident record producer and instead exposing a custom “severity” variable.
- In the record producer script, set impact and urgency based on that severity so the OOB priority matrix still works, but with values tailored to security‑incident logic.
3. Avoid multiple OOB priority matrices
The base priority matrix is not record‑producer‑aware, so you cannot natively have two different matrices for the same table; instead, use custom fields or scripts to keep the logic separated.
Another alternative would be creating a scoped app for the sec incident, which also let you manage access to security incidents separate from normal incidents and you could adjust the process flow too.
Hope this helps...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
5 hours ago
Hi @LiamO ,
Yes, and please avoid scripting this (Business Rules/Client Scripts). You will end up fighting the native priority calculation engine on every update.
The Best Practice: Use a separate Data Lookup Definition with a specific Condition.
Create a custom matcher table (e.g., u_security_priority_lookup) to hold your specific matrix rows.
Create a new Data Lookup Definition pointing to that table.
Add the Condition: Category IS Security (or however you identify the record producer).
This effectively "forks" the logic: Security incidents get your custom matrix, and everything else falls through to the standard global rules without any conflict.
If this helps, please mark it as Accepted Solution.
Best regards,
Brandão.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
an hour ago
Thanks for the info!
Would you have any further info for your point 3? Have not been able to find how to achieve this point...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
30m ago
Priority matrix works for backend and not for record producers or catalog items.
you will have to design your own approach here to handle the matrix.
💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
