Grid configuration

Zurich Governance, Risk, and Compliance
Release
zurich
ft:locale
en-US
ft:publication_title
Zurich Governance, Risk, and Compliance
ft:clusterId
grc
bundleId
grc
workflow
Technology
  • Governance, Risk, and Compliance
  • GRC and the ServiceNow Store
  • Download a GRC application from the ServiceNow Store for the first time
  • Get entitlement for a GRC product or application
  • Activate an entitled GRC ServiceNow Store application
  • Install GRC content packs and integrations
  • Update a GRC application
  • Upgrade your instance to the next GRC family release
  • AI Risk and Compliance
  • Explore
  • AI assets
  • AI systems
  • AI models
  • Datasets
  • 360° AI asset view
  • Entity Based Access for AI assets
  • AI Risk and Compliance workspace
  • Risk & compliance tab
  • Operations tab
  • AI cases tab
  • AI risk heatmap workbench
  • Tasks landing page
  • Risk assessment project in AI Risk and Compliance
  • Workflow of risk assessment project in AI Risk and Compliance
  • AI Risk and Compliance Content accelerator
  • Automatic AI case and inquiry creation from email
  • AI governance life cycle
  • Intake requests
  • AI cases and inquiries
  • Assessment templates and risk assessment methodologies
  • Offboarding AI assets review
  • Configure
  • Install application
  • Content pack
  • Install content
  • Configure workspace
  • Set up properties
  • Advanced Risk assessment properties
  • Configure email intake
  • Publish assessment templates
  • Use
  • Request an AI use case
  • Request an AI use case form
  • Request an AI model
  • Request an AI model form
  • Request a dataset
  • Request a dataset form
  • Raise an AI inquiry
  • Raise an AI inquiry form
  • Report an AI case from the Employee Center
  • Report an AI case form
  • Create an AI case in the AI Risk and Compliance workspace
  • Create New AI case form
  • Report an AI case anonymously
  • Report an AI case form
  • Follow up on an anonymous report
  • Create an AI issue in the AI Risk and Compliance workspace
  • Create New AI Issue form
  • Remediate an issue
  • Initiate AI assessment on an AI asset
  • Perform impact assessment on an AI use case
  • Initiate risk assessment on AI asset
  • Perform risk assessments on AI systems
  • Manage controls using AI Risk and Compliance
  • Add controls
  • Remove controls
  • Delete controls
  • Create control attestations for AI asset
  • Initiate risk assessment on AI asset's risks
  • Create risk assessment project
  • Perform bulk assessment in stacked view
  • Perform bulk assessment in grid view
  • Activate or update NIST Risk Management Framework
  • Activate or update EU Artificial Intelligence Act
  • Reference
  • Roles installed
  • Tables installed
  • AI governance email notifications
  • Audit Management
  • Explore
  • Configure
  • Activate Audit Plugin
  • Audit Setup Checklist
  • GRC Audit Test Suite
  • Advanced Audit App Setup Checklist
  • Use
  • Audit Report Templates
  • Audit Test Template and Plans
  • Audit Test Template Creation
  • Link Test Template to Control Objectives
  • Audit Test Plan Creation
  • Multiple Test Plan Creation
  • Manage engagements
  • Audit task management
  • Create audit engagement
  • Schedule job for audit date enhancement
  • Create exclusion table for audit date
  • Audit Report Generation
  • Copy Audit Engagement
  • Control Test Creation
  • Auto Control Test Creation
  • Audit Task Activity Creation
  • Audit Interview Task
  • Audit Walkthrough Task
  • Audit KB Article Creation
  • Engagement Approval Actions
  • Add Engagement Entities
  • Use the Audit Engagement
  • Workbench Engagement Setup
  • Cloud Document Management
  • Prerequisites to Manage your Documents using Microsoft
  • Cloud File Access Setup
  • Cloud File Configuration
  • Cloud File Form Setup
  • File Access Permissions
  • File Access Form Setup
  • File Access Configuration
  • Cloud File Upload
  • Link Cloud File
  • Link a reference cloud
  • Mark a cloud file
  • Mark a cloud file as shareable
  • Remove a linked cloud
  • Risk Monitoring & Indicators
  • Audit Engagement Overview
  • Create a GRC indicator
  • Create GRC indicator template
  • Confidentiality flag for Audit
  • Audit Issues & Remediation
  • Manually create issues
  • Issue form
  • Audit Evidence Request
  • Evidence request workflow
  • Request evidence for audit
  • Provide requested evidence
  • Approve evidence before evidence
  • Accept, reject, or cancel
  • Audit Plan Overview
  • Create an audit plan
  • Approve a plan
  • Engagement with advanced planning
  • Add auditors for an engagement
  • Create an auditable unit
  • Audit Types Overview
  • Audit Milestone Management
  • Create an engagement milestone
  • Create a milestone from
  • Audit observations
  • Audit Expense Rollup
  • Integrate
  • Audit Workspace
  • Audit Supervisor Workspace
  • Create a test template
  • Create a test plan
  • Create a plan
  • Create an audit engagement
  • Manage an engagement from
  • Create an auditable unit
  • Create a milestone for an engagement
  • Audit Task Management
  • Create a control test
  • Create an activity
  • Create an interview
  • Create a walkthrough
  • Add entities to an engagement scope
  • Create an issue
  • Request evidence during audits
  • Request evidence using Audit
  • Audit observations in Audit
  • Create an observation
  • Unified content management
  • Activate unified content management
  • Audit Workspace Limited
  • Create the Tests step
  • Create test step plans
  • Create test step templates in the test templates
  • Approve or reject an engagement in Audit Workspace
  • Generate an audit report for an engagement using Microsoft Word template
  • Create a Microsoft Word template record for an audit report
  • Word template form
  • Word template category form
  • Generate a report for an engagement in a classic report template
  • Audit Workspace for the Auditor
  • Update an assigned control test in Audit Workspace
  • Update other assigned audit tasks in Audit Workspace
  • Create an observation for an audit task
  • Matrix report in Audit Workspace
  • Configure matrix report registry to set up base table for audit matrix report
  • Matrix relationship form
  • Configure target table fields as columns for matrix report
  • Matrix column configuration form
  • Create matrix report configuration for Audit Workspace
  • Matrix report configuration form
  • View matrix report in landing page and record page of Audit Workspace
  • Analytics and Reporting
  • Audit Engagement Overview Performance Analytics dashboard
  • Audit Manager Performance Analytics dashboard
  • Reference
  • Components installed with Audit Management
  • Roles required for Engagement project planning for Project Portfolio Management
  • Roles required for Advanced planning capability
  • Domain separation and Audit Management
  • Business Continuity Management
  • Explore
  • BCM Configurable Workspace
  • Home page view
  • My tasks page view
  • List view
  • Crisis map view
  • Business impact analysis
  • Use cases for BIA
  • Business impact analysis
  • Grid configurations and categories
  • Business continuity planning
  • Assets and plans
  • Recovery teams, loss scenarios
  • Use cases for business continuity planning
  • Element definitions and variables
  • Exercises
  • Crisis events
  • Crisis map interface
  • Emergency notifications in Everbridge
  • Configure
  • BCM and ServiceNow Store
  • Get entitlement for the BCM application
  • Install BCM from ServiceNow Store
  • BCM lite operators
  • General administration setup for BCM
  • Dependency Configuration records
  • Configuring impact analysis dependency updates
  • Set up Impact analysis dependency update configuration
  • Impact analysis dependency update configuration form
  • Configuring planning dependency updates
  • Set up Planning dependency update configuration
  • Planning dependency update configuration form
  • Configuring sources for adding event dependencies
  • Configure Event dependency source configuration record
  • Event dependency source configuration form
  • Configure impact category for BIA
  • Impact Category record form
  • Configuring the documentation section
  • Configure documentation section
  • Documentation Section record form
  • Configure element definition
  • Element definition record form
  • Configure element variables for element definitions
  • Element variable record form
  • Configure loss scenarios in the plan
  • Loss Scenario record form
  • Configure impact ratings
  • Impact Rating record form
  • Configure recovery tiers for BIA
  • Recovery Tier record form
  • Set up recovery timeframes
  • Configure grid categories
  • Grid category record form
  • Configure grid for BIA assessment
  • Grid configuration record form
  • My tasks page configurations
  • Approval configuration
  • Set up approval configuration
  • Set up approval levels
  • Set up approval rules
  • BCM properties
  • Properties installed with BCM
  • Setup for BIA
  • Configure BIA templates
  • BIA template form
  • Create Smart Assessment templates for BIA
  • Configure BIA templates with SAE
  • BIA template record
  • Setup for a BCP
  • Configuring plan template
  • Configure the BCP template
  • Plan Template form
  • Set up the phases
  • Phase form
  • Generating reports using Document designer
  • Install Document designer with Microsoft Word
  • Set up the template configurations
  • Configuring the data relationships
  • Set up the content configurations
  • Define the scripted variables
  • Manage Microsoft Word document templates
  • Microsoft Word template form
  • Install the Document designer add-in
  • Save Microsoft Word document as template
  • Generate reports for the BIAs, BCPs, and events
  • Format PDF templates for BIAs, BCPs, and Events
  • Configure 360° relationship registries and views
  • Setup for Everbridge notifications
  • Create connections and authenticate credentials
  • Create Connection and Credentials form
  • Import the delivery channels
  • Import the record types
  • Create templates for emergency notifications
  • Notification Template form
  • Create contacts for emergency notifications
  • Contact form
  • Create the contact import rules
  • Contact Import Rules form
  • Create notification contact groups
  • Notification Contact Group form
  • Setup for Crisis map
  • Customization properties
  • Customization properties table
  • Google Maps APIs
  • Configure Scheduled Imports
  • Scheduled Data Imports form
  • Configure Resource Configuration records
  • Resource Configuration form
  • Configure alert rules
  • Alert Rules form
  • Configure alert actions
  • Alert Action form
  • Setup by system administrators
  • Update number of records for reference fields
  • Update count of element definitions
  • Application menu options
  • Setup for the UI Builder
  • BCM implementation
  • BCM in the Classic Workspace
  • Element definitions in Classic Workspace
  • Impact rating in Classic Workspace
  • Recovery tier in Classic Workspace
  • Grid configuration
  • Set up element variable
  • Set up grid configuration
  • Set up recovery timeframe
  • Configure a documentation section
  • Configure a plan for a loss scenario
  • Configure a BIA template
  • Configure a BCP template
  • Configure an impact category
  • Manage
  • Structured workflows for BIAs
  • Impact categories and ratings
  • RTO, RPO, and recovery tiers
  • Calculating RTO and RPO
  • BIA states and UI actions
  • Configuring dictionary, UI policy, and element variables
  • Using latest assessment for conducting BIAs
  • Create a business impact analysis
  • Create New Impact analysis form
  • Scheduling an auto-update of dependencies
  • Update the BIA dependencies
  • Assess impact categories and dependencies
  • Approve the business impact analysis
  • Update dependencies of BIAs in Self-Service
  • Visualize 360° relationships for BIAs
  • Generate BIA reports in PDF or Microsoft Word
  • Structured workflows for BCPs
  • States and UI actions for a BCP
  • Create a business continuity plan
  • Create New Plan form
  • Scheduling auto-update of related assets
  • Update the planning dependencies
  • Add asset and scope to the BCP
  • Create documentation sections
  • Add associated plans and recovery teams
  • Associating related plans to a recovery task
  • Add loss scenarios
  • Add recovery strategies for dependencies
  • Create New Recovery strategy form
  • Mapping recovery tasks to phases
  • Add recovery tasks
  • Create New Recovery task form
  • Automate recovery tasks
  • Create a subflow form
  • Submit the BCP for approval
  • Visualize 360° relationships for the BCP
  • Generate BCP reports in PDF or Microsoft Word
  • Structured workflows for exercises
  • States for an exercise and crisis event
  • Event assets
  • Mapping event tasks to phases
  • Using nested plans
  • Adding dependencies of impacted assets
  • Enhancing event task management with Hierarchical view
  • Create an exercise
  • Create Exercise Event form
  • Update the event dependencies
  • Track impacted assets and add associated plans
  • Creating action items in events
  • Create task and assessment-type action items in events
  • Create New Action item form for events
  • Creating similar tasks groups
  • Create a similar tasks group
  • State changes for event tasks in groups
  • Import plans and recovery tasks
  • Monitor event tasks and create ad-hoc tasks
  • Create New Event Task form
  • Start an event
  • Request an approval and approve the event
  • View recovery tasks from Self-Service
  • View 360° relationships for exercises and crises
  • Generate reports in PDF or Microsoft Word
  • Structured workflows for crisis events
  • Start a crisis event
  • Create Crisis Event form
  • Using nested plans
  • Track impacted assets and add related plans
  • Add a task to the crisis event
  • Import automated tasks and start an event
  • Creating action items in crisis events
  • Create task and assessment-type action items
  • Create New Action item form for crisis events
  • Create a similar tasks group in a crisis
  • Request an approval and approve the crisis
  • Structured workflows for Crisis map
  • Enhanced performance with UIB pages
  • Manage alerts from the map interface
  • Set controls to customize the alerts
  • Select resource layer clustering
  • Monitor assets within the impacted areas
  • Initiate the response actions
  • Managing plans with BCM mobile application
  • Set up the BCM mobile application
  • Log in to the BCM mobile application
  • Monitor the plan list and generate the PDF
  • Platform Analytics dashboards
  • Create an inline-editor dashboard
  • Create a technical editor dashboard
  • Using BCM Classic Workspace
  • Customizing BCM classic Workspace
  • Migrating reports and custom changes
  • Structured workflows for BIA
  • Create a business impact analysis
  • Assess impact categories and dependencies of process
  • review-impact-category-bia
  • Assess RPO impact of technology assets
  • Identify critical dependencies
  • Add dependencies based on CI relationships
  • View business impact analysis details
  • View approval state flows for BIA
  • Update dependency details of a BIA in Self Service
  • Structured workflows for Business Continuity Planning
  • Create a business continuity plan
  • View plan details
  • Plan overview scorecards
  • Add an asset to the scope of BCP
  • Add related assets and related plans
  • Manage plan documentation sections
  • Assign roles to recovery teams
  • Identify loss scenarios
  • Establish recovery strategies
  • Group recovery tasks
  • View details of a business continuity plan
  • View approval state flows for BCP
  • Structured workflows for Exercise and Crisis Management
  • Start an exercise event
  • Start a crisis event
  • Review and start an exercise event
  • Manage a crisis event
  • Monitor event task completion
  • Add assets and plans to an event
  • Data flow, planning, and execution in an event
  • View recovery tasks from Self-service
  • Crisis Management map
  • Setting up the crisis map
  • Configure search for places in crisis map
  • Configure scheduled data imports for crisis map
  • Configure a resource for crisis map
  • Configure alert rules to display alerts in crisis map
  • Configure an alert action
  • View and manage alerts in the crisis map
  • Set controls to customize alerts
  • View resource layer clustering
  • View assets at risk within the impacted area
  • Notify stakeholders and initiate response workflows
  • Integrating Crisis Management with Everbridge
  • Setup steps for emergency notification
  • Create connection and authenticate credential
  • Import delivery channels from Everbridge
  • Import delivery channels from Everbridge
  • Define a template for emergency notification
  • Create contacts for emergency notifications
  • Create contact import rules
  • Create a notification contact group
  • Create an emergency notification and monitor its workflow
  • Create an emergency notification
  • Integrate
  • Workflow status of emergency notifications
  • Create emergency notifications
  • Create New Notification form
  • Reference
  • Components installed with Business Continuity Management
  • Data Relationships Framework
  • Create a main node configuration record
  • Main node configuration new record form
  • Create a relationship registry record
  • Relationship registry new record form
  • Configure the properties
  • Data Relationships Framework properties form
  • GRC record page template for BCM records
  • Stepper component in the Overview tab of the records
  • Compliance Case Management
  • Explore
  • Compliance case workflow
  • Compliance request workflow
  • Landing page
  • Using
  • Smart assessments in Compliance Case Management
  • 360 degree relationship visualization
  • Configure
  • Download application
  • Install application
  • Create a case type
  • Case Type form
  • Create view rule
  • View Rule form
  • Create assignment rule
  • Assignment Rule Form
  • Create Request type
  • Request Type form
  • Create compliance state model
  • GRC state model form
  • Create workflow state
  • Workflow State form
  • Define model state transitions
  • Model state transition condition form
  • Create assessment template
  • Assessment Metric Type form
  • Use
  • Report compliance case
  • Employee Center
  • Report compliance case form
  • Create compliance case form
  • Compliance case form
  • Report a compliance case anonymously
  • Anonymous compliance case form fields
  • Raise compliance request
  • Employee Center
  • Raise a Compliance Request form
  • Compliance workspace
  • Compliance request form
  • Compliance case task workflow
  • Create action task
  • Case task form
  • Work on action task
  • Reassign Action Task
  • Review and close action task
  • Add impacted area
  • Add related area
  • Add cause and consequence
  • Cause and Consequence form
  • Add compliance regulations
  • Add issue
  • Create an Issue form
  • Export report to PDF
  • Compose email
  • Configure due dates
  • Smart assessments
  • Reference
  • Installed Tables
  • Installed Roles
  • Continuous Authorization and Monitoring
  • Explore
  • Configure
  • Checklist for Continuous Authorization and Monitoring setup
  • Assign Continuous Authorization and Monitoring roles to users and groups
  • Use
  • RMF step 0 - Prepare the authorization package
  • Define the authorization boundary
  • Create an authorization package
  • RMF step 1 - Categorize the authorization package
  • RMF step 2 - Select controls for an authorization package
  • Set up baseline controls
  • Inherit from a common control
  • RMF step 3 - Implement controls
  • RMF step 4 - Assess implemented controls and document findings
  • RMF step 5 - Authorize the authorization package
  • RMF step 6 - Monitor the approved authorization package
  • CAM workflow configuration
  • Enable CAM workflow configuration
  • Run migration scheduled job
  • GRC state model configuration
  • Create GRC workflow states
  • Configure transition between state models
  • Create GRC model state transition conditions
  • Add existing attributes to a GRC workflow state
  • Create a new state model attributes
  • Workflow configuration
  • Add version to workflow
  • Add impact to version
  • Add view rules to workflow
  • Implement
  • Generate assessment procedure plans for a test plan
  • Determine control effectiveness of a control test
  • Define Control Requirements
  • Modify control requirement
  • Control requirement generation and upgrade steps
  • CAM Workspace
  • Monitoring and managing security from the CAM Workspace Home page
  • Monitor and manage your NIST security posture
  • Monitor and manage CAM tasks
  • Managing POA&Ms
  • View authorization boundary details
  • Configure boundary hierarchy
  • Create a boundary filter
  • View package details in CAM Workspace
  • Apply overlays to the baseline controls
  • Request control trailoring
  • Create a control tailoring request
  • ATO artifacts for an authorization package
  • Generate ATO artifacts
  • CAM OSCAL
  • Export in OSCAL format
  • Export OSCAL catalog
  • Export OSCAL files from authorization package
  • Export OSCAL SSP
  • Export OSCAL POA&M
  • Export OSCAL AR
  • Export OSCAL POA&M from list view
  • Import in OSCAL format
  • Import OSCAL catalog
  • Import OSCAL SSP
  • Import OSCAL POA&M
  • Import OSCAL AP
  • OSCAL namespace
  • Analytics and Reporting
  • CAM Overview dashboard
  • AO Overview dashboard
  • SCA Overview dashboard
  • Reference
  • CAM user roles
  • Control Requirement Details View
  • Compliance impact on control requirements
  • Fields on the Authorization Boundary form
  • Fields on the Authorization Package form
  • Components installed with Continuous Authorization and Monitoring
  • Configuring ATO artifacts report templates
  • Install the add-in
  • Create content configurations for CAM
  • Word template form
  • Word template category form
  • Tables installed with CAM
  • Model Risk Management
  • Explore
  • Model Risk Workspace
  • Configure
  • Install Model Risk Management
  • Configure Model Workflow Settings
  • Use
  • Request a new model
  • New Model Intake form
  • Initiate a model risk assessment
  • Perform model risk assessment
  • Create a validation task
  • Perform model validation
  • Request evidence for model
  • Request evidence form
  • Approve or reject model assessment and validation tasks
  • Create an issue for model
  • Create an issue form
  • Create assessment in the Pre-deployment stage
  • Schedule assessment and validation tasks
  • Reassign model assessments and validations
  • Copy assessment responses
  • Override model ratings
  • Link existing documents to a model record
  • Reference
  • Model Risk Management email notifications
  • Roles installed with Model Risk Management
  • Tables installed with Model Risk Management
  • Operational Resilience
  • Explore
  • Key dependencies for Operational Resilience
  • Common Service Data Model for Operational Resilience
  • CSDM data workflow and business model views
  • Main node configurations: A component of the Data Relationship Framework
  • Node relationship configurations
  • Relationships between CSDM objects
  • Nexus map configurations
  • Node and edge configurations and property setting from the UI
  • Main node configuration source
  • Configure
  • Install Operational Resilience application
  • Assign Operational Resilience roles to users
  • Set up pillars, entity types, and generate entities
  • Configuring the pillars
  • GRC Choices form
  • Configuring entity types and entity filters
  • Entity Type New record form
  • Configure the Main node configurations
  • Main node configuration form
  • Configure the Node relationship configurations
  • Node relationship configuration form
  • Relationship registry record form
  • Configure the Nexus map configurations
  • Nexus map configuration form
  • Configure the Node configurations
  • Node configuration form
  • Configure the Node status configurations
  • Node status configuration form
  • Configure the Edge configurations
  • Edge configuration form
  • Configure the Edge status configurations
  • Edge status configuration form
  • Configuring Operational Resilience properties
  • Configuring 360º views for services and processes
  • Opres with CSDM header Main node configuration
  • Service (CMDB) Main node configuration
  • Business process to dependencies Main node configuration
  • Business service to dependencies Main node configuration
  • Service offering to dependencies Main node configuration
  • BCM dependencies related Main node configurations
  • Sample Services to dependencies configuration
  • Sample Application service to dependencies configuration
  • Sample end-to-end workflow for business services
  • Sample end-to-end workflow for services
  • Completing general administrative tasks
  • Create a scenario and link it to an event
  • Scenario New record form
  • Create an event group for the scenario
  • GRC Choice New record form
  • Create an event for the scenario
  • Event New record form
  • Add a participant role for the scenario analysis
  • GRC Choice New record form for participant roles
  • Update the Important choices module
  • GRC Choices form
  • Set up the Importance and Impact Tolerance Rating Scale
  • Rating Scale New Record form
  • Create and edit the attestation template
  • Assessment Metric Type New Record form
  • Create a Smart Assessment template
  • Set up Legacy assessment template
  • Assessment Metric Type form
  • Create HTML and PDF document templates
  • HTML Template form
  • Show Business services overview tab in Workspace view
  • Setting up the Operational vulnerability module
  • Set up the Operational vulnerability type
  • Vulnerability Type form
  • Set up the State model and Action task model
  • GRC state model form
  • Define the state transitions model
  • Set up the Vulnerability Assessment Template
  • Assessment metric type form
  • Set up the Document Template
  • HTML Template form
  • Manage
  • Gathering data aligned with the CSDM setup
  • Using the flexible data model
  • Data setup for business services
  • Add a service to Operational Resilience reporting
  • Create New Service form
  • Add a business service to Operational Resilience reporting
  • Create New Business Service form
  • Add a service offering to Operational Resilience reporting
  • Create New Offering form
  • Add a business process to Operational Resilience reporting
  • Create New Business Process form
  • Add an application service to Operational Resilience reporting
  • Create New Service Instance form
  • Verify the Main node configurations and relationships
  • Execute the scheduled jobs
  • Interacting with the Nexus map UI from the Workspace
  • Fetching dependencies from the CMDB and BIA
  • Performing Importance and impact tolerance assessment
  • Create an Importance and impact tolerance assessment
  • Create New Importance and impact tolerance assessment form
  • Define the scope and begin the assessment
  • Submit the assessment
  • Request an approval for the assessment
  • Close the assessment
  • Conducting a scenario analysis
  • Create a scenario analysis
  • Create New Scenario analysis form
  • Associate a scope and define the dependencies
  • Request the plan approval
  • Approve the plan for the scenario analysis
  • Adding a scenario event to the analysis
  • Add a scenario event
  • Scenario event form
  • Scenario analysis response task form
  • Add a participant and monitor the responses
  • Link issues and operational vulnerabilities
  • Submit the scenario analysis and receive an approval
  • Close the scenario analysis
  • Certifying services using self-attestation
  • Perform the self-attestation assessment
  • Create New Self attestation form
  • Submit the self-attestation report
  • Managing Operational vulnerability
  • Operational vulnerability
  • Reporting Operational vulnerability
  • Report an Operational vulnerability from the Employee Center
  • Report operational vulnerability form
  • Assign the reported vulnerability to an analyst
  • Report an Operational vulnerability from the module
  • Create New Operational vulnerability form
  • Report an Operational vulnerability from the Importance assessment
  • Report an Operational vulnerability from the Scenario analysis
  • Report an Operational vulnerability from the Self-attestation module
  • Report an Operational vulnerability from the Service record
  • Add the primary origin
  • Primary origin form
  • Add the impacted area
  • Impacted area form
  • Update the state of the operational vulnerability
  • Creating an action task for the operational vulnerability
  • Manage an assessment-type action task
  • Create New Action task form
  • Reassign or accept the assigned action task
  • Perform an assessment on the action task
  • Manage an investigation-type action task
  • Request an approval for the action task
  • Decide the treatment and perform a root cause analysis
  • Add or create an issue for the operational vulnerability
  • Request an approval
  • Approve the operational vulnerability
  • Close the operational vulnerability
  • Maintaining Digital resilience third-party registers
  • Exploring Digital resilience third-party registers
  • Use cases for updating the information registers
  • Register of information regulatory packages
  • Validation framework for Register of Information in Operational Resilience
  • Configuring Digital resilience third-party registers
  • Creating and reviewing the records
  • Create records in bulk
  • Update existing records in bulk
  • Validate the Register of Information packages
  • Display the help tips on the forms
  • Using Digital resilience third-party registers
  • Create a legal entity and enhance digital resilience data
  • Create New Company form
  • Create New Legal entity form
  • Create a branch and enhance digital resilience data
  • Create New Branch form
  • Create a function and enhance digital resilience data
  • Create Function form
  • Create a third party and enhance digital resilience data
  • Create New Company form
  • Create New ICT third-party service provider form
  • Create a third-party engagement and enhance digital resilience data
  • Add Digital resilience information to third-party engagements
  • Create New Third-party engagement form
  • Create a contract and enhance digital resilience data
  • Create New Contract form
  • Create New Contractual arrangement form
  • Create a supply chain and enhance digital resilience data
  • Create an assessment and enhance digital resilience data
  • Create Microsoft Excel download and upload request
  • Create New Excel download/upload request form
  • Currency conversion and third-party aggregation
  • Convert and aggregate contractual expenses to regulator-required currencies
  • Update existing records in bulk
  • Create records in bulk
  • Generate a register of information package
  • Using Digital resilience incident reporting
  • Explore
  • Configure
  • Set up entities for the targets
  • Map regulations to the entities
  • Set up DRIR Smart Assessment templates in the Assessment Workspace
  • Set up action task templates in Regulatory agency profile
  • Set up the flows in Flow Designer
  • Manage
  • Reporting incidents from SOW and SIR Workspace in DRIR
  • Report a major incident from Incident Management
  • Report a major incident from Security Incident Response
  • Report a major incident manually
  • Create New Digital Resilience Incident form
  • Reporting incidents or security incidents for multiple regulations
  • Complete action tasks and report incidents associated with regulations
  • Generating Microsoft Word reports using Document designer
  • Install Document designer with Microsoft Word
  • Create Template configurations
  • Create Data relationships
  • Create Content configurations
  • Download the manifest file
  • Build Microsoft Word template using the add-in
  • Generate Microsoft Word report
  • Creating or adding an issue
  • Create New Issue form
  • Monitor
  • Resilience metrics
  • Business services overview tab
  • Services overview tab
  • Pillars overview tab
  • Task page and List view
  • Reference
  • Properties installed with Operational Resilience
  • Roles installed with Operational Resilience
  • Scheduled jobs installed with Operational Resilience
  • Script includes installed with Operational Resilience
  • Tables installed with Operational Resilience
  • Tables relevant to CSDM
  • Tables relevant to Operational vulnerability
  • Digital resilience third-party registers reference
  • Roles installed with Digital resilience third-party registers
  • Tables installed with Digital resilience third-party registers
  • Digital resilience incident reporting reference
  • Roles installed with Digital resilience incident reporting
  • Script includes installed with Digital resilience incident reporting
  • Tables installed with Digital resilience incident reporting
  • Applications provided with IRM Pro and BCM Pro SKUs
  • Policy and Compliance Management
  • Explore
  • Structural overview
  • An overview of policy life cycle in Policy and Compliance Management
  • Implement
  • Implement setup checklist
  • Download
  • Quick start tests
  • Perform
  • Assign roles
  • Set properties
  • Mandatory setup
  • Create policy
  • Create control objective
  • Relate control objective
  • Create control attestation
  • Create control indicator
  • Enhancement steps
  • Create article template
  • Create or deactivate citation
  • Set notification properties
  • Set up GRC Virtual Agent
  • Set up dynamic approval configuration for policy
  • Policy dynamic approval setup
  • Policy dynamic approval setup with redlining
  • Allow policy exception requests
  • Configure policy exceptions
  • Register other applications
  • Define policy exception reason choices
  • Define policy categories
  • Create exception questionnaire
  • Define policy exception verification rules
  • Define policy exception approval rules
  • Policy exceptions and extensions with GRC Approval Configurator
  • Enable GRC Approval Configurator
  • Define policy exception verification rules
  • Define policy exception approval rules
  • Define extension rules for policy exceptions
  • Use
  • Classic UI
  • Manage control objectives and policies
  • Create policy
  • Approve and publish policy
  • Acknowledge policy
  • Set up campaign
  • Create audience
  • Submit acknowledgement request
  • Respond to acknowledgement request
  • Work with acknowledgements
  • Retire policy
  • Create article template
  • Create control objective
  • Deactivate a control objective
  • Relate control objective
  • Relate control objective
  • Create or deactivate citation
  • Create authority document
  • Deactivate authority document
  • Manage policy exceptions and extensions
  • Request policy exception
  • Request policy extension
  • Review policy exception and extension
  • Request policy exception
  • Request policy extension
  • Integration with Vulnerability Response
  • Manage issues
  • Manually create issues
  • Group issues under new parent
  • Group issues under existing parent
  • User hierarchy access control
  • Report self-identified issues
  • Triage self-identified issue
  • Remediate issue
  • Manage UCF integration
  • Activate Compliance UCF
  • Configure UCF integration through API key
  • Configure UCF integration using UCF CCH
  • integrate with UCF Common Controls Hub
  • Create Now Support Case
  • Download a UCF shared list
  • Eliminate duplicate citations
  • Manage controls
  • Create control
  • Follow control
  • Attest control
  • Create multiple controls
  • Manage control attestations
  • Manage control indicators
  • Monitor controls
  • Manage evidence requests
  • Evidence request workflow
  • Request evidence during audits
  • Reuse evidence from related engagement items
  • Provide requested evidence
  • Approve evidence
  • Review and manage evidence requests
  • Enable Related Evidence related list
  • GRC Compliance Workspace
  • Explore
  • Compliance Manager home
  • Compliance Analyst home
  • IT Compliance Manager home
  • Configure
  • Configure IT compliance manager data filter
  • Use
  • Manage control objectives and policies
  • Create policy
  • Manage compliance of policy
  • Approve and publish policy
  • Acknowledge policy
  • Set up policy acknowledgement campaign
  • Create audience
  • Submit acknowledgement request
  • Respond to acknowledgement request
  • Retire policy
  • Create article template
  • Manage control objective
  • Create control objective
  • Add control objective requirements
  • Control assessment through attestation
  • Respond to attestations from Employee Center
  • Respond to attestations on the Risk Portal
  • Respond to attestations from Compliance Workspace
  • UI updates for GRC attestation
  • Group assessments for control attestations
  • Combine assessments for control attestations
  • Perform CRI tiering questionnaire
  • Perform CRI profile assessment
  • Deactivate control objective
  • Relate control objective to policy
  • Relate control objective to citation
  • Create citation
  • Create authority document
  • Deactivate authority document
  • Manage policy exceptions and extensions
  • Request policy exceptions
  • Manage policy exception from the Overview page
  • Review policy exception and extension request
  • Assess risks of policy exception
  • Set up advanced risk assessments
  • Manage issues
  • Manually create issues
  • Compliance workspace issue form details
  • Group similar issues under new parent issue
  • Group similar issues under existing parent issue
  • Link issues to multiple objects
  • Triage self-identified issues
  • Remediate issues
  • Manage controls
  • Create control
  • Link automatically generated issues
  • Test common control and implement results
  • Convert standard control to common control
  • Impact of common control
  • Entity enhancements
  • Group assessments for similar assessments
  • Take attestation at control requirements level
  • Compliance score calculation
  • Set up compliance score calculation
  • Logic for compliance score calculation
  • Manage control indicators
  • Create control indicator
  • Create indicator template
  • Performance enhancements
  • Manage evidence requests
  • Request audit evidence
  • Provide requested evidence
  • Approve evidence
  • Manage evidence request
  • Review related evidence
  • Policy authoring and redlining
  • Import policy text for redlining
  • Pre-requisites to enable policy redlining
  • Create and associate policy texts
  • Create and associate policy document in Microsoft OneDrive
  • Connect policy to existing document in Microsoft OneDrive
  • Upload Word document to Microsoft OneDrive
  • Create and associate policy document in Google Drive
  • Connect policy to existing document in Google Drive
  • Upload a Microsoft Word document to Google Drive
  • Create and associate policy document in Microsoft SharePoint
  • Connect policy to existing document in Microsoft SharePoint
  • Upload Word document to Microsoft SharePoint
  • Sync cloud document and view policy text
  • Provide document access to policy users
  • Complete publishing checklist and request policy approval
  • View history for redlining-enabled policy
  • Manage GRC tasks from Employee Center
  • Report GRC issues
  • Create policy exception
  • Complete control assessments
  • Policy knowledge base
  • Group similar assessments
  • Manage continuous monitoring for controls between Configuration Compliance and Policy and Compliance Management
  • Manage mobile experience for GRC Policy and Compliance
  • Setup checklist for the GRC Mobile application
  • Log in to the GRC Mobile application
  • Process pending Policy and Compliance Management approval requests with the GRC Mobile application
  • Process pending approvals for Policy exceptions with the GRC Mobile application
  • Assign Policy and Compliance Management indicator tasks with the GRC Mobile application
  • Assign Policy and Compliance Management issues with the GRC Mobile application
  • Assign Policy and Compliance Management remediation tasks with the GRC Mobile application
  • Reassign overdue Policy and Compliance Management attestations with the GRC Mobile application
  • Reassign overdue Policy and Compliance Management issues with the GRC Mobile application
  • Filter records with the GRC Mobile application
  • Explore the 360° relationship view
  • Preventive compliance with Policy as Code Engine
  • Configure compliance data source registry
  • Map PaCE policy to control objective
  • Association of citations to controls
  • Enable associations of citation to controls mapping
  • Compliance score calculation for a citation
  • Factors affecting compliance score for citations
  • Add related controls to a citation manually
  • Add related citations to a control manually
  • Integrate
  • Policy and Compliance integrator workflow
  • Use Policy and Compliance integrator
  • Manage content integration batch records
  • Assign library import task
  • Approve library import task
  • DevOps Accelerator plugin
  • Analytics and Reporting
  • Compliance Overview Performance Analytics dashboard
  • Policy Overview Performance Analytics dashboard
  • Policy Exception Overview Performance Analytics dashboard
  • Policy Acknowledgement dashboard
  • My Attestation Overview dashboard
  • GRC Attestation Overview dashboard
  • NIST Cybersecurity Framework Overview dashboard
  • NIST Framework Profiling Overview dashboard
  • Application Risk and Compliance Overview dashboard
  • Reference
  • Components installed with Policy and Compliance Management
  • Domain separation in GRC: Policy and Compliance Management
  • Privacy Management
  • Explore
  • Processing activities
  • Understanding Processing activity hierarchy
  • Hierarchy tab
  • Classic assessments
  • Smart assessments
  • Risk assessments
  • Risk Assessment Methodology (RAM)
  • Privacy assessment configurations
  • Information objects
  • Privacy Workspace for the privacy manager
  • Processing activity tab
  • Risk and compliance tab
  • Operations tab
  • Privacy cases tab
  • Privacy Workspace for the privacy analyst
  • Privacy Management solution
  • Data subject types
  • Configure
  • Download application
  • Manage information objects
  • Create
  • Configure categories
  • Classify as personal information
  • Configure smart assessment templates for screening assessments
  • Configure smart assessment templates for impact assessments
  • Create a privacy assessment
  • Write a processing activity script
  • Map a control objective to a question response
  • Map an information object to a question response
  • Map a risk statement to a question response
  • Map the processing activity fields to a question response
  • Create and validate an assessment configuration
  • Map a table with a processing activity
  • Use
  • Entity scoping to plan a privacy program
  • Discover processing activities involving personal data
  • Types of privacy assessments
  • Initiating privacy assessments
  • Send a privacy assessment from an entity
  • New privacy assessment creation form
  • Send a privacy assessment to multiple entities
  • Send a privacy assessment from a processing activity
  • Send privacy assessments from multiple processing activities
  • Create a Risk Assessment Methodology
  • Risk assessment methodology form
  • Respond to a smart assessment
  • Respond to a screening assessment
  • Review a privacy assessment
  • Create or update a processing activity
  • Create or manage an information object
  • Modify an information object
  • Add data subject type to a processing activity
  • Add data subject type to privacy impact assessment
  • Classify data subject type as vulnerable
  • Add key stakeholders and send privacy assessments
  • Add a regulatory agency
  • Regulatory agency form
  • Create a lineage for a processing activity
  • Edit a lineage
  • Delete a lineage
  • Update maximum node level
  • Create or manage a control on a processing activity
  • Delete a control from a processing activity
  • Create or manage risks on a processing activity
  • Manage chat collaborations of a processing activity
  • Create or add issues on a processing activity
  • Assign a processing activity to a key stakeholder
  • Access control by legal entity
  • Configuring access control
  • Entity-based access configuration
  • Create an entity configuration
  • Add hierarchical relationships
  • Set access restrictions using an entity based record access update utility
  • Set Entity-based record access rules
  • Integrate Employee Center and Risk portal
  • Privacy Case Management
  • Explore
  • Home page
  • Overview page
  • Workflow
  • Smart assessments
  • Privacy breach assessments
  • Overview page of a breach assessment
  • States of a privacy breach assessment
  • Elements of a privacy breach assessment
  • Configure
  • Install
  • Create a view rule
  • View rule form
  • Create an assignment rule
  • Assignment rule form
  • Create state model transition
  • Define the workflow states for a privacy case
  • Define model state transitions
  • GRC model state transition condition form
  • Create a privacy case assessment template
  • Assessment metric type form
  • Configure inbound email to enable privacy case creation
  • Configure Record Type Area
  • Configure privacy breach assessment
  • Create a breach factor type
  • Create breach factors
  • Create a PI data element type
  • Create PI data elements
  • Create a region
  • Create a jurisdiction
  • Use
  • Report a privacy case
  • Report a privacy case from the Employee Center
  • Employee Center privacy case creation form
  • Create a privacy case in the Privacy Workspace
  • Privacy new case form
  • Report a privacy case through email
  • Report a privacy case anonymously
  • Anonymous privacy case form fields
  • Initiate a breach assessment from a case
  • Work on a privacy breach assessment
  • Case task workflow
  • Create a case task
  • Case task form
  • Work on a case task
  • Reassign an assessment type case task
  • Review and close a case task
  • Add an impacted area to a privacy case
  • Add PI information objects to a privacy case
  • Add key stakeholders to a privacy case
  • Add a related area to a privacy case
  • Add causes and consequences to a privacy case
  • Cause and consequence form
  • Add a privacy regulation related to a case
  • Add or create an issue for a privacy case
  • Export a privacy case as a PDF
  • Send an email from a privacy case
  • Perform smart assessment on privacy action task
  • Integrate for RadarFirst
  • Reference
  • Components installed with Privacy Case Management
  • Personal Data Rights (PDR)
  • Explore
  • Workflow
  • Workspace
  • Configure
  • Configure request type
  • Personal Data Rights request type form
  • Create an action task template
  • Create a data registry
  • Generate action tasks for a request
  • Use
  • Create a request
  • Personal data rights request form
  • Add action tasks to a request
  • New action task form
  • Accept and work
  • Personal Data Rights (PDR) external-facing form
  • Submit a privacy request using the external facing PDR form
  • Privacy data request fulfillment workflow
  • Configure request types and map jurisdictions
  • Modify email templates
  • Now Assist for Privacy Management
  • Install Now Assist for Privacy Management
  • Use Risk assessment summarization skill to generate summary
  • Summarize an issue
  • Use Recommendation of similar control objectives skill to generate suggestions
  • Act on the recommendations
  • Review rationalization process
  • Case summarization for privacy cases
  • Summarize a privacy case
  • Privacy content accelerator
  • Update Privacy Content
  • Reporting
  • Home page
  • Processing activity overview page
  • Reference
  • Tables installed
  • Roles installed
  • Roles and tables installed with PDR
  • Email notifications
  • Uses of a processing activity
  • Workflow
  • Domain separation
  • Regulatory Change Management
  • Explore
  • Landing page
  • Tasks page in the Compliance Workspace
  • Source document import tasks
  • Regulatory process flow and tasks
  • Overview of RSS feeds
  • General guidelines
  • Overview of regulatory taxonomy
  • Impact assessments for the regulatory alerts
  • Regulatory assessment for a regulatory alert
  • Next Experience Discuss and Chat Collaboration
  • RCM in the Compliance Workspace
  • Now Assist in RCM
  • Configure
  • Download and install
  • Setup checklist
  • Set up the RSS feeds infrastructure
  • Activate and pull RSS feeds
  • Set up RSS feed sources
  • Map the taxonomy
  • Configure a provider taxonomy configuration record
  • Manage feed request responses
  • Admin module
  • Use
  • Create an action task
  • Create an issue related to the regulatory tasks
  • Delete an issue
  • Regulatory Change Management Core UI
  • Regulatory alerts
  • Perform actions on regulatory alerts
  • Add an AI-recommended citation to a regulatory alert
  • Manage and assign regulatory event alerts
  • Train and use the similarity solution to recommend citations on regulatory alerts
  • Auto-assign configuration for regulatory alerts
  • Similarity Definition Form
  • Manage and assign source document alerts
  • Regulatory change tasks
  • Users and associated actions for the regulatory change tasks
  • Manage the regulatory change tasks
  • Source document import tasks
  • Users, associated actions, and states for the source document import tasks
  • Manage the source document import tasks
  • Regulatory Change Management dashboard
  • Manage regulatory tasks
  • Regulatory alerts
  • Differences between regulatory event alert and source document alert
  • Link Change tasks
  • Change tasks
  • Link Action tasks
  • Regulatory event alerts view
  • Impact radius for regulatory events
  • Source document alerts
  • Respond to a regulatory assessment
  • Respond to a regulatory alert risk assessment
  • Assess the impact of a regulatory alert
  • Create regulatory event alerts manually
  • Assign a regulatory event alert to a coordinator
  • Assess the impact of a regulatory event alert
  • Manage regulatory change tasks
  • Regulatory Change Task form
  • Manage a source document import task
  • Assign a source document alert to a coordinator
  • Create a new action task for the alert
  • Complete the action task associated with the alert
  • Create or add an issue related to a regulatory task
  • Create New Issue form
  • Associating an AI-recommended citation to an open regulatory alert
  • Action tasks in Regulatory Change Management
  • Import the regulatory event alerts in bulk
  • Manage the taxonomy
  • Export a report to PDF
  • Reference
  • User roles
  • Types of alerts, user roles, and states of regulatory alerts
  • Roles and tables installed with Regulatory Agency Library
  • Email notifications in Regulatory Change Management
  • Risk Management
  • Explore
  • GRC Risk Workspace
  • Risk Workspace for the operational risk manager
  • Risk Workspace for the business operational risk manager
  • Risk Workspace for the IT risk manager
  • User experience enhancements in the Risk Workspace
  • GRC Portal
  • Advanced Risk Assessments in the Risk Workspace
  • Advanced Risk Assessment
  • Workflow of Advanced Risk Assessment
  • Factors in Advanced Risk Assessment
  • Types of risk rating methodologies
  • Transformation criteria
  • Any object assessment using Advanced Risk Assessment
  • Delegation of risk assessment
  • Understanding the risk assessment instance
  • Managing risk responses
  • Risk score rollup in Advanced Risk Assessment
  • Privacy risk management
  • Risk score rollup in Privacy Management
  • Manage risk assessment scheduler
  • Integration of advanced risk assessments with risks and controls
  • Risk appetite and tolerance in Advanced Risk
  • Target risk assessment in Advanced Risk
  • Manage risk events
  • Business process management
  • Exploring the entities
  • Entities
  • Entity types in GRC
  • Entity classes in GRC
  • Entity tiers in GRC
  • Manage risks, risk statements, and risk frameworks
  • Workflow of a risk using Advanced Risk
  • Manage risks linked to the same risk statement
  • Risk hierarchy and scoring
  • Association of entities at any level of a risk statement
  • Manage classic risk assessments
  • Risk indicators, control indicators, and indicator templates
  • Manage risk issues and remediation
  • Reporting views from Risk Assessment Methodology
  • Configure
  • Risk Management implementation
  • Download Risk Management
  • Install Risk Management
  • Setup checklist for the Risk Management application
  • Setup checklist for GRC Advanced Risk
  • Download Advanced Risk
  • Risk Management detailed setup
  • Quick start tests for GRC Advanced Risk
  • Configure Risk Management
  • Risk Management Administration
  • Quick start tests for Risk Management
  • Set up checklist for the GRC Mobile application
  • Risk appetite setup
  • Configure a risk appetite and tolerance in Advanced Risk
  • Set up a risk appetite scale
  • Change a risk appetite status
  • Modify Advanced Risk messages
  • Create related list groupings in Advanced Risk
  • Integrate
  • Project Risk Assessment using Advanced Risk Assessment
  • Workflow of project risk assessment
  • Configure Project Portfolio Management and Advanced Risk integration
  • Assign project risks to stakeholders for assessment
  • Assess project risks using Advanced Risk Assessment
  • Elevate a project risk to enterprise risk
  • Application risk assessment using Advanced Risk Assessment
  • Workflow of risk identification for business applications
  • Set up risk identification integration
  • Respond to an application questionnaire
  • Create a smart assessment template for risk identification
  • Review responses and perform inherent risk assessment
  • Associate risks, citations, policies, and controls with a risk identification record
  • Recommendation engine for risk and compliance mapping
  • Information objects
  • Integration of advanced risk assessment with other applications
  • Integration of Employee Center and GRC
  • Manage continuous monitoring for risks between Risk Management and Vulnerability Response
  • Integrating Microsoft 365 with Management Reporting of Risk
  • Workflow of Management Reporting of Risk
  • Install the ServiceNow Reporting add-in for risk reporting
  • Set up Microsoft 365 reporting configuration in risk
  • Configure a business domain role in Management Reporting of Risk
  • Add additional reporting configuration filters for a Microsoft 365 configuration record in risk
  • Add the ServiceNow Reporting add-in into Microsoft Word
  • Import risk data in to a Microsoft Word
  • Use
  • Mobile experience for GRC Risk Management
  • Log in to the GRC Mobile application
  • Process pending Risk acceptance tasks with the GRC Mobile application
  • Assign Risk Management indicator tasks with the GRC Mobile application
  • Assign Risk Management issues with the GRC Mobile application
  • Assign Risk Management remediation tasks with the GRC Mobile application
  • Reassign overdue Risk Management assessments with the GRC Mobile application
  • Reassign overdue Risk Management issues with the GRC Mobile application
  • Filter records with the GRC Mobile application
  • Use Risk Events
  • Configure risk event integration
  • Create a risk event response template
  • Risk Event Response Template form
  • Define a threshold amount for the risk event response template
  • Financial Impact Approval Thresholds
  • Report risk events from the Service Portal
  • Report a risk event from Employee Center
  • Report a risk event from an incident
  • Create a risk event task
  • Analyze a risk event
  • Create a risk event
  • Approve a risk event
  • Close a risk event
  • Reopen a closed risk event
  • Add a risk event cause to the cause library
  • Add a risk event consequence to the consequence library
  • Set up GRC Virtual Agent to report risk events
  • Perform Advanced Risk Assessment
  • Create a manual factor
  • Create a group factor
  • Scoring logic for predefined formulas for group factors
  • Create an automated factor
  • Create a scripted automated factor
  • Copy a factor
  • Configure a risk assessment methodology
  • Risk Assessment Methodology form
  • Copy a risk assessment methodology
  • Retire a risk assessment methodology
  • Configure an inherent assessment
  • Inherent Assessment form
  • Configure a control effectiveness assessment
  • Control Assessment form
  • Configure a residual assessment
  • Residual Assessment form
  • Configure a target assessment
  • Target assessment form
  • Create risk color styles
  • Configure risk heatmaps
  • Create a risk assessment scope and initiate assessments
  • Simulate a risk assessment
  • Assess risks and objects on an assessment instance
  • Assess risks
  • Create a risk assessment using the Risk Assessment Designer
  • Create an assessment type
  • Assess risk for a policy exception
  • Assess a risk
  • Manage a business process
  • Create a business process
  • Approve, reject, or delete a business process
  • Create a risk framework and associate risk statements to it
  • Define risk statement hierarchy
  • Create a risk statement
  • Visualize risk hierarchies using the GRC: Workbench
  • Generate a risk from a risk framework
  • Generate a risk from a risk statement
  • Relate risks to each other
  • Create a risk manually
  • Follow a risk
  • Add a control to a risk
  • Manually create issues
  • Report issues from the Service Portal
  • Issue assignment using the Governance, Risk, and Compliance Predictive Intelligence plugin
  • Train and use the similarity solution definition for issue assignment prediction
  • Use entity and risk dependencies using the GRC: Workbench
  • Activate GRC: Workbench
  • Create entity class using the GRC: Workbench
  • Create relationships between entity classes using the GRC: Workbench
  • Associate a risk framework or risk statement with an entity type to generate risks
  • Visualize and edit entity dependencies using the GRC: Workbench
  • Delete entity dependencies using the GRC: Workbench
  • Delete an entity class using the GRC: Workbench
  • Create a risk using the GRC: Workbench
  • Visualize and edit risk dependencies using the GRC: Workbench
  • Delete risk dependencies using the GRC: Workbench
  • Monitor risks using GRC Performance Analytics Indicators
  • Activate performance analytics integration
  • Associate PA indicator with risk or control objective
  • Associate PA indicator with risk or control
  • Update associated indicators
  • Create GRC indicator template
  • Create a risk indicator
  • View the Risk Overview
  • Use Risk Workspace
  • Create a risk framework in the Risk Workspace
  • Create a risk statement in the Risk Workspace
  • Associate a risk statement with a control objective in the Risk Workspace
  • Common controls in Risk Management
  • Create and run a manual risk indicator in the Risk Workspace
  • Create and run a basic risk indicator in the Risk Workspace
  • Create and run a scripted risk indicator in the Risk Workspace
  • Issue management in the Risk Workspace
  • Create a risk assessment scope in the Risk Workspace
  • Schedule risk assessments in the Risk Workspace
  • Perform advanced risk assessment in the Risk Workspace
  • Perform any object assessment in the Risk Workspace
  • Workflow of risk response task
  • Workflow of action item in risk response task
  • Create a risk response task in the Risk Workspace
  • Create an action item in the risk response task
  • Create New Action Item form
  • Workflow for risk identification in the Risk Workspace
  • Create a risk event in the Risk Workspace
  • Associate similar risk events
  • Categorizing risks with the Governance, Risk, and Compliance: Predictive Intelligence plugin
  • Analyze a risk event in the Risk Workspace
  • Create a risk event entry in the Risk Workspace
  • Create an ORX external event
  • Report a risk event from the Risk Portal
  • Chart colors for risk data
  • Create a business process in the Risk Workspace
  • Add related assets to a business process
  • Create a test plan in Risk Workspace
  • Filter data in the risk heatmap workbench
  • Define the risk appetite for an entity
  • Risk appetite fields on the Entity form
  • Define the risk appetite for a risk
  • Risk appetite fields on the Risk form
  • Define the risk appetite for a risk statement
  • Risk appetite fields on the Risk Statement form
  • Parallel Review and Feedback in Advanced Risk
  • Parallel Review and Feedback workflow
  • Feedback dashboard
  • Configure a feedback integration
  • Feedback integration configuration form
  • Create feedback in Advanced Risk
  • Create feedback in the Risk Workspace
  • Create New Feedback form
  • Create Feedback from the record side panel
  • Feedback Details form
  • Initiate a chat from Sidebar in Parallel Review and Feedback
  • Respond to the feedback
  • Review and close the feedback
  • Roles for Parallel Review and Feedback
  • Risk assessment project
  • Workflow of risk assessment project
  • Create a risk assessment project
  • Perform assessment on a risk assessment project in stacked view
  • Perform assessment on a risk assessment project in grid view
  • Reassess a risk assessment project
  • Reassign assessor for a risk assessment project
  • Matrix report in Risk Workspace
  • Configure Matrix report registry
  • Create Matrix report configuration for Risk Workspace
  • Matrix report configuration form
  • View matrix report in the landing page and record page of Risk Workspace
  • GRC: Metrics in Integrated Risk Management
  • Configure
  • Create a manual metric definition
  • Create New Metric Definition form
  • Create an assignment configuration
  • Create an automated metric definition
  • Automated metric definition form
  • Create a calculated metric definition
  • Calculated metric definition form
  • Formula building in a calculated metric definition
  • Configure the formula builder
  • Create a formula
  • Update a metric definition
  • Create a metric
  • Create New Metric form
  • Create a metric unit
  • Convert metric data to a different unit
  • Update a metric
  • Update a manually created metric
  • Create a threshold for a metric
  • Metric Definition Threshold form
  • Copy thresholds
  • Customize threshold colors
  • Use
  • Provide data for a metric data task
  • Provide responses for multiple metrics
  • Review a metric data task
  • Override metric data task response
  • Override metric data
  • Reviewing calculation details with formula trees
  • View the calculation breakdown in a formula tree
  • Reference
  • Components installed with the GRC: Metrics application
  • Analytics and reporting solutions for Risk Management
  • Operational risk heatmap for Advanced Risk Assessment in the Risk Workspace
  • Risk heatmap for classic risk assessment
  • Risk heatmap workbench
  • Operational Risk Management dashboard
  • GRC Advanced Risk plugin indicators
  • GRC Audit Management plugin indicators
  • GRC Policy and Compliance Management plugin indicators
  • GRC Risk Management plugin Performance Analytics indicators
  • GRC Profiles plugin indicators
  • Risk register in the Risk Workspace
  • Project Risk Overview dashboard
  • Risk Identification Overview dashboard
  • Basel dashboard
  • GRC Risk Overview dashboard
  • Advanced Application Risk dashboard
  • Performance Analytics dashboards for risk events and risk hierarchy
  • Advanced risk assessment dashboard
  • Reference
  • Components installed with Risk Management
  • Roles installed with Risk Management
  • Roles installed with the GRC Risk Workspace
  • Properties installed with Risk Management
  • Tables installed with Risk Management
  • Components installed with Advanced Risk
  • Tables installed with Advanced Risk
  • Roles for performing advanced risk assessment
  • Properties installed with Advanced Risk
  • Business process roles
  • Domain separation in Risk Management
  • Smart Assessment Engine
  • Exploring Smart Assessment Engine
  • Accessing templates in the Assessment Workspace
  • Domain separation and Smart Assessment Engine (SAE)
  • Configure
  • Triggering assessments
  • Configure the Trigger Smart Assessment Flow action
  • Trigger assessments from a script
  • Creating an assessment template from legacy assessment metric types
  • Migrate a legacy metric type to an assessment template
  • Manage
  • Use template designer
  • Create an assessment template
  • Create assessment template form
  • Add instructions and questions to an assessment template
  • Create a text question
  • Create a drop-down list question
  • Create a radio button question
  • Create a check box question
  • Create a number question
  • Create a reference question
  • Create an attachment question
  • Create a date question
  • Create a code question
  • Add reference information to an assessment template
  • Create an assessment template category
  • Copy an assessment template
  • Scoring assessments
  • Scoring results
  • Configure scoring for an assessment
  • Scoring forms
  • Normalization in assessment
  • Score normalization
  • Configure normalization in assessment
  • Create a normalization strategy
  • Edit a normalization strategy
  • Retire a normalization strategy
  • Delete a normalization strategy
  • Automate response
  • Configure an automatic response for a question
  • Post-assessment automations
  • Configure post-assessment actions
  • Link subflow to template category
  • Quick edit for published templates
  • Modify a published template using quick edit
  • Respond to assessments
  • Respond to an assessment
  • Submit an assessment
  • Reassign an assessment
  • Filter unanswered questions
  • Adding attachments to assessment
  • Adding comments to assessments
  • Cancel assessment
  • Copying responses from previous assessments
  • Combining assessments and copying responses
  • Submit combined assessments
  • Collaboration in assessments
  • Manage assessment contributors
  • Reference
  • Roles in Smart Assessment Engine
  • Flow actions for fulfillment subflow definitions
  • Settings in the Test action pop-up window
  • Trigger Smart Assessment action form
  • How legacy metric types are migrated to sections in templates
  • Results of migrating a metric category to an assessment template
  • Third-party Risk Management
  • Explore
  • Risk profile
  • Why conduct due diligence
  • Types of due diligence
  • Reasons for multiple engagements with one third party
  • Types of engagement with third parties
  • Regulations that affect third-party risk
  • Benefits of your TPRM program
  • Onboarding third party example
  • Due diligence workflow
  • Smart Assessment Engine
  • Configure
  • Assign roles to users and groups
  • Add users to groups
  • Configure properties
  • Enable risk concentration map
  • Enable email with third-party contacts
  • Update email notification header and footers
  • Import existing data
  • Configure related lists for vertical navigation on record pages
  • Run quick start tests
  • Classic assessments
  • Risk rating scales for scoring
  • Third-party risk domains
  • Third-party risk area criteria
  • Component criteria
  • Third-party risk scoring rules
  • Engagement risk scoring rules
  • Event-driven management rules
  • View the run history
  • View generated assessments
  • Recall event-driven questionnaires and doc requests
  • Normalize scores for metrics
  • Set up a question bank
  • Define a question
  • View the sample questions
  • Create an external assessment template
  • Configure a scheduled risk assessment
  • Import a questionnaire from a spreadsheet
  • Create a questionnaire or document request template
  • Create templates using the designer
  • Create an issue generation rule
  • Set up internal responses to attach external questionnaires to assessments
  • Smart Assessment Engine assessments
  • Migrating from Classic Assessment Engine to Smart Assessment Engine
  • Migrate templates to SAE format
  • Create a TPRM SAE questionnaire or document request template
  • Managing TPRM SAE templates with Unified Content Management
  • Activate or update Smart Assessment templates
  • Integrate
  • TPRM with Policy and Compliance Management
  • Add a control
  • Create new control form
  • Add a control objective
  • Control objectives form
  • TPRM with Risk Management
  • Add a risk
  • Create new risk form
  • Scores from risk intelligence providers
  • Register a risk intelligence provider
  • Set up a risk intelligence provider service
  • Set up a provider request type
  • Add a risk intelligence score to a third party
  • Automate actions upon risk intelligence updates
  • TPRM with EcoVadis
  • Create an EcoVadis connection and configuration
  • Customize EcoVadis system properties
  • View EcoVadis scores
  • Risk intelligence providers
  • Request due diligence
  • Request engagement due diligence
  • Offboarding engagements without due diligence
  • Assess third-party risk
  • Create internal assessments
  • Respond to internal assessments
  • Create external assessments
  • Respond to questionnaires for a third party or engagement
  • Review responses to external questionnaires
  • Reopen an assessment
  • Create an issue
  • Manage issues
  • Create a task
  • Manage a task
  • Export responses to a spreadsheet
  • Monitor third-party risk
  • Overview of a third party
  • Viewing summarized third party risk information
  • Viewing general third party information
  • Viewing third-party subsidiary risk information
  • Viewing fourth-party information
  • Viewing risk intelligence scores
  • Overview of an engagement
  • Viewing summarized engagement risk information
  • Viewing third-party risk reports
  • TPRM Home page
  • TPRM Due diligence management reports
  • TPRM Risk activity page
  • TPRM Dashboards page
  • TPRM Risk concentration map
  • TPRM Task page
  • TPRM Unified content management page
  • TPRM List page
  • Monitor data using dashboards
  • Create a TPRM dashboard
  • Edit TPRM dashboard details
  • Edit TPRM dashboards
  • Edit TPRM dashboard elements
  • Share a TPRM dashboard
  • Delete a TPRM dashboard
  • Monitoring the due diligence request process
  • Monitoring your fourth-nth parties
  • Register a fourth-nth party
  • Create a fourth-nth party record
  • Promote a fourth-nth party to a third party
  • Monitoring third-party elements
  • Create a third-party element record
  • Add a third-party element record to an engagement
  • Tracking a managed activity
  • Approve or reject due diligence requests
  • Set up the approval levels for DD requests
  • Set up the approval rules for DD requests
  • Manage the contract process
  • Accessing DD requests in the contract risk process
  • Now Assist
  • Exploring
  • Issue summarization skill
  • Issue recommendation skill
  • Supporting information
  • Configure
  • Activate issue summarization skill
  • Activate issue recommendation skill
  • Use generative AI skills
  • Generate a summary of a TPRM issue
  • Generate TPRM issue recommendations
  • Act on the recommendations for issues
  • Document Management system
  • Create a document
  • Create new document form
  • Create a document version
  • Define document sharing permissions
  • Link documents to a TPRM record
  • Use digital resilience third-party registers
  • Create a legal entity and enhance digital resilience data
  • Create New Company form
  • Create New Legal entity form
  • Create a branch and enhance digital resilience data
  • Create New Branch form
  • Create a function and enhance digital resilience data
  • Create New Function form
  • Create a third party and enhance digital resilience data
  • Create New Company form
  • Create New ICT third-party service provider form
  • Create an engagement and enhance digital resilience data
  • Create New Third-party engagement form
  • Add Digital resilience information to engagements
  • Create a contract and enhance digital resilience data
  • Create New Contract form
  • Create New Contractual arrangement form
  • Create a supply chain and enhance digital resilience data
  • Create an assessment and enhance digital resilience data
  • Create a Microsoft Excel download request
  • Create New Excel download/upload request form
  • Create records in bulk
  • Update existing records in bulk
  • Register of information regulatory packages
  • Generate a RoI package
  • Validation framework for RoI
  • Validate Register of Information packages
  • Currency conversion and third-party total expense aggregation
  • Convert and aggregate contractual expenses to regulator-required currencies
  • Manage the third-party portal
  • Set up third-party contacts
  • Manage the access for your third-party contacts
  • E-signatures on questionnaires or document requests
  • Upload and manage documents in the portal
  • TPRM and the Explicit Roles plugin
  • Using a Microsoft Excel spreadsheet template for external questionnaires
  • Respond using a Microsoft Excel template
  • Using the SIG questionnaire for a risk assessment
  • Respond using the SIG
  • Use risk intelligence reports and scores
  • Request a RI report
  • Request a RI report associated with a DD request
  • Track sanctions-related information
  • Reference
  • Terminology
  • Roles in TPRM
  • Unique ID numbers for TPRM records
  • Results of migrating a template to a TPRM SAE template
  • Guidelines for importing spreadsheet data
  • Sample questionnaires
  • Due diligence request process management
  • Request third-party risk due diligence request form
  • IRQ process management
  • Create new internal assessment form
  • Third-party (external) risk assessment management
  • Life cycle states of a external assessment
  • Assessment metric type form
  • Create new external assessment template form
  • Create New TPRM SAE questionnaire template form
  • Third-party risk assessment form
  • Third-party element form
  • Approval process management
  • Approval rule form
  • Risk intelligence report requests management
  • Risk intelligence report request form
  • Scoring calculations using the classic assessment engine
  • Verifying scoring calculations using the classic assessment engine
  • Third-party risk management data model
  • Domain separation and Third-party Risk Management
  • Vendor Risk Overview reports — Legacy view
  • Common GRC features
  • Now Assist
  • Explore
  • AI-driven regulatory alert summarization skill
  • AI-generated recommendations for similar control objectives
  • AI-generated recommendations for a regulatory alert skill
  • Control objective impact analyzer skill
  • Control objective change agent
  • Issue summarization skill
  • Get regulatory analysis workflow
  • Generate regulatory action plan workflow
  • Supporting information
  • Suggest potential risks agentic workflow
  • Report a GRC issue AI agent
  • Case summarization for compliance cases
  • Configure
  • Activate skills
  • Activate recommendation for similar control objectives skill
  • Activate common control objective creation skill
  • Activate Control Objective Impact Analyzer
  • Activate the control objective change agent
  • Activate regulatory alert summarization skill
  • Choose input data form
  • Activate regulatory alert recommendation skills
  • Customize a skill
  • Customize Issue summarization skill
  • Activate agentic workflows
  • Activate the get regulatory analysis agentic workflow
  • Activate the generate regulatory action plan agentic workflow
  • Activate the Report a GRC issue AI agent
  • Post activation indexing and customization
  • Activate GRC case summarization
  • Case summarization configuration fields
  • Use agentic AI
  • Agentic workflows
  • Optimize issue resolution
  • Get regulatory analysis
  • Generate regulatory action plans
  • Suggest potential risks for an entity
  • AI agents in Now Assist for IRM
  • Use Control Objective Change Agent to update control objectives
  • Report a GRC issue
  • Use generative AI skills
  • Summarize an issue
  • Generate a regulatory alert summary
  • Generate recommendations for regulatory alert impacted areas
  • Act on the recommendations for citations
  • Act on recommendations for control objectives
  • Act on recommendations for controls
  • Act on recommendations for policies
  • Add impacted areas manually to a regulatory alert
  • Generate a risk event summary in the classic UI
  • Generate a risk event summary in the Risk Workspace
  • Generate a risk assessment summary
  • Use Recommendation of similar control objectives skill to generate suggestions
  • Act on the recommendations
  • Review rationalization process
  • Use the control objective impact analyzer skill to identify control objectives
  • Summarize a compliance case
  • Assignment Configurator for non-regulatory alerts
  • Configure assignments
  • Regulatory Agency Library
  • Download and activate plugin
  • Add a regulatory agency
  • Create New Agency form
  • Add a regulatory contact to an agency
  • Create New Regulatory Contact form
  • Add a jurisdiction to an agency
  • Add an authority document to an agency
  • Compose and send an email
  • Recommendation contexts and templates
  • User roles
  • Extension points
  • Create a recommendation context
  • Recommendation context form
  • Create a recommendation template
  • Mobile experience for GRC
  • GRC notification redirection
  • Configure
  • Modify email notifications
  • GRC application nomenclature
  • GRC content packs
  • SOX content pack
  • Install
  • Verify in Policy and Compliance Management
  • Verify in Risk Management
  • Verify in Audit Management
  • Dashboard and reports
  • GRC integrations
  • Integration with Thomson Reuters Regulatory Intelligence (TRRI)
  • Install application
  • Establish an SFTP or REST API connection
  • Modules in Thomson Reuters Regulatory Intelligence (TRRI)
  • GRC: integrations with third-party content
  • User roles for the integration process
  • Create a user
  • Standardized Information Gathering (SIG) Questionnaire Integration
  • Install
  • Verify in Third-party Risk Management
  • GRC use case accelerators
  • Cyber Risk Institute accelerator
  • Cybersecurity Controls Accelerator
  • Financial Services Control accelerator
  • NIST CSF Use Case Accelerator
  • Install
  • Verify
  • Supporting concepts
  • Tables
  • Dashboards and reports
  • Process overview
  • Identify the core framework
  • Review the framework core
  • Align and prioritize cybersecurity activities
  • Generate a target for an entity
  • Set up target for NIST CSF framework
  • Orient target
  • Create activity
  • Perform gap analysis
  • Review action plan
  • (Deprecated) NIST RMF Use Case Accelerator
  • Install
  • Verify
  • Supporting concepts
  • Dashboards and reports
  • Process overview
  • Categorize targets
  • Generate target from profile or entity type
  • Set up a target for use with NIST RMF
  • Perform preliminary risk assessment and impact analysis
  • Monitor the NIST RMF Categorize Overview
  • Select baseline control definitions
  • Review baseline controls
  • Tailor baseline controls
  • Implement security controls
  • Manage and implement controls
  • Manage and implement control tests
  • Assess controls, risks, issues, and remediation tasks
  • Review and perform control attestations
  • Review and evaluate control effectiveness
  • Manage and address risks
  • Review and perform risk assessments
  • Manage and address issues
  • Manage and address remediation tasks
  • Monitor the NIST RMF Assess dashboard
  • Authorize targets
  • Authorize targets
  • Monitor the NIST RMF Authorize dashboard
  • Monitor security controls
  • Review and manage indicators
  • Monitor the RMF Monitor dashboard
  • Technology Controls Monitoring Accelerator
  • Download
  • Ensure all appropriate indicator templates are activated
  • View your operational status
  • View the Cybersecurity Controls module
  • Use indicator templates
  • Indicator templates for controls
  • 360° Relationship Visualization
  • Download and activate
  • Set up
  • Explore
  • Tag records with functional domain
  • Functional domain bulk update
  • Bulk update functional domain for multiple records
  • Use the item generation process
  • Components installed
  • Operational changes of common controls
  • Use Approver Configurator for setting up approvals for setting up approvals
  • Set up an approval configuration record
  • Approval Configuration New Record
  • Assignment Configuration New Record
  • Assign an approval level
  • Approval Level New Record form
  • Set up an approval rule
  • Approval Rule form
  • Approval Rule New Record form
  • Base system tables configured with GRC: Approver Configurator
  • Roles installed with GRC: Approver Configurator
  • Confidential records
  • Create
  • Configure confidentiality in GRC tables
  • Confidentiality configuration form
  • Configure confidential inheritance
  • Create confidentiality inheritance
  • Confidentiality Inheritance Configuration form
  • User hierarchy
  • Create a user hierarchy configuration record
  • User group-based access on the GRC tables
  • Content references in GRC
  • Entity Based Access
  • Sample use case scenarios
  • User roles
  • Entity based record access update utility
  • Entity-based record access rules
  • Deactivate entity-based access configuration
  • Configure Entity Based Access
  • Install
  • Set up properties
  • Manage Entity Based Access
  • Configure access to an entity's related records
  • Entity configurations form
  • Configure an entity class for a linked object
  • Entity Class Configurations form
  • Configure an entity type for a linked object
  • Entity Type Configurations form
  • Set access restrictions using an entity based record access update utility
  • Configure entity-based record access rules
  • Deactivate
  • Reference
  • Entity based record access update utility configuration states
  • Entity-based access applicable record types
  • Manage issues
  • Issues in the Workspace
  • Configure an issue relationship
  • Steps to configure an issue relationship
  • Issue Relationship Configuration form
  • Group issues
  • Domain separation in GRC
  • Create a domain
  • Breadcrumb navigation
  • Taxonomy management in GRC
  • Landing Page Configurations module
  • Tasks Page Configuration module
  • Update the Tasks Page Configuration record
  • Issue Page Configuration module
  • Create a record
  • Link a record to a workspace
  • Update a record
  • My tasks in the workspace
  • Monitor my tasks
  • Explore entities
  • Entities
  • Composite entity
  • Create a composite entity
  • Create new composite entity form
  • Entities in workspace view
  • Create
  • Functionality enhancements
  • Entity scoping
  • Generate risks and controls from entity types
  • Create independent entities
  • Relate entities
  • Entity classes
  • Create
  • Update
  • Scheduled jobs
  • Entity class rules
  • Create
  • Create an entity class rule filter
  • Entity class rule filter fields
  • Entity types
  • Create
  • Entity filters
  • Create
  • Create an entity filter in the Core UI
  • Entity tiers
  • Create
  • View and update exceptions
  • Cybersecurity Executive dashboard
  • Advanced Application Risk dashboard
  • Licensing summary dashboard
  • Role hierarchy of a user
  • Microsoft Word based audit report templates using Document designer
  • Explore audit report templates
  • Configure document templates using Document Designer
  • Configure templates
  • Create data relationships
  • Create content configurations
  • Configure Data columns
  • Configure Intermediate filters
  • Define the scripted variables
  • Create an audit report template
  • Install the add-in
  • Reference information
  • Workspace page
  • Configure
  • Workspace page configuration form
  • Revert templates to an older version
  • Record type icons configured for forms in GRC Common Workspace Elements
  • GRC reference
  • Components installed
  • Common roles
  • Tables installed
  • GRC properties
  • Anonymous Reporting Center
  • Submit an anonymous case
  • Follow up on an anonymous report

Grid configuration in BIA dependency assessment

  • Release version: Zurich
  • Updated July 31, 2025
  • 1 minute to read

    • Grid configuration for column display helps you to capture specific columns in the dependency grid that corresponds to an element.

    Set up these configurations to display the desired columns in each dependency group grid by selecting the fields from the configuration table.

    • Set up element variable for BIA dependency assessment grid
    • Set up grid configuration for BIA dependency assessment
    Back to home page