SOX Audit Justification – Flow Reporting Restriction (Australia Patch 2)

DianaBTX
Tera Expert

3 weeks ago

Has anyone else run into this after upgrading to Australia Patch 2?

  • com.snc.process_flow.reporting.level is now forced to BASIC in production
  • Setting it to FULL automatically reverts back
  • New flow executions only capture runtime state + duration (no step details) [support.se...icenow.com]

This is a deliberate platform change for performance, not a bug.

🚨 Concern

This creates a real challenge for:

  • Debugging flow failures
  • Root cause analysis
  • Audit / SOX evidence requirements (no input/output or step-level visibility)

If a flow runs at BASIC, the detailed execution data is permanently lost.

⚠️ Workaround isn’t scalable

  • Only option is enabling FULL reporting per flow
  • Requires knowing what will fail ahead of time
  • Not realistic for large environments or integrations

Questions for the community

  • How are you handling audit/compliance needs with this limitation?
  • Are you enabling FULL on all critical flows? Automating it somehow?
  • Has anyone pushed back successfully with ServiceNow?
  • 618 Views
1 REPLY 1

Diogo Ramos
Tera Sage

3 weeks ago

I had noticed this too, good overview.

In reality this change is just forcing the best practice that was already to be followed which was to not use FULL reporting on all your production flows (by updating the property). Since specific flow reporting is still available, this (on my use case) it still ok to be used for very critical flows.  If your use case requires to capture steps or specifically inputs and outputs I think you will need to create your own custom action that puts this data into a logging system, or into custom tables on your instance. 

Either way, keep us updated on the way you will go about it, might be useful for other people !

0 Helpfuls