Users with the role incident_security can see and write incidents categorized as Security.

Spartan_snow · ‎05-20-2025

Hello all,

I created a role incident_security and added to group and Incident category = 'Security'. When a user creates an incident with Category = 'Security', it should only be available to users with the role 'incident_security'.

I created ACL with data condition Category = 'Security' and added role to the roles section with Decision type = 'Allow if'.

However, this is not working as expected; please check the attached ACL picture.

Ankur Bawiskar · ‎05-20-2025

@Spartan_snow

did you check which ACL is blocking?

see Access analyzer and check

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

Spartan_snow · ‎05-20-2025

Hi @Ankur Bawiskar , I checked Access analyzer same ACL messing and if I make Decision type = 'Allow if' then nothing happen and if Decision type = 'Deny Unless'. then no one without admin is able to see any incident.

I have a simple requirement if Category is Security and Subcategory is Vulnerability then users with role incident_security should see and update this incidents. but everyone can create incident with any category

Ankur Bawiskar · ‎05-20-2025

@Spartan_snow

also ensure the query business rule "incident query" which is OOTB also is satisfied for this user

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

Ankur Bawiskar · ‎07-23-2025

@Spartan_snow

Hope you are doing good.

Did my reply answer your question?

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader