Exploring Regulatory Change Management application

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 1 minute to read

    • The Regulatory Change Management application provides a framework and guidelines to integrate with third-party regulatory intelligence providers. It provides a centralized process for managing regulatory changes and ensures compliance with external regulations.

    Regulatory Change Management application

    Various regulatory actions, rulings, and guidance documents are issued in the regulatory world. It is important to track regulatory change information and know how it impacts your organization.

    The Regulatory Change Management application enables you to manage your upcoming regulatory changes efficiently. The application provides structured workflows that assess the applicability of the regulatory changes, that assess their impact, and that implement risk and compliance-related changes.

    The Regulatory Change Management application works with the following types of components:

    • Integration component: The regulatory intelligence partners typically provide the integration component. Through this integration, you can consume regulatory alerts into your ServiceNow® instance.
    • Application framework component: The Regulatory Change Management application has an application framework component. This component provides structured workflows so that you can analyze and process regulatory alerts that are received in the regulatory alerts table.
    The Regulatory Change Management application consists of the following key functions:
    1. Manage regulatory taxonomy: Create an internal regulatory taxonomy that is specific to the ServiceNow platform. Map the taxonomy with the external taxonomies that are provided by third-party regulatory intelligence providers for standardization. The internal taxonomy contains the following design elements:
      • Content Type
      • Jurisdiction
      • Regulatory Body
      • Sector
      • Theme

      These elements are created and mapped with the external taxonomy during the setup process.

    2. Integrate for regulatory intelligence: Integrate with third-party regulatory intelligence providers and consume the alerts into your ServiceNow instance at regular intervals. Monitor regulatory data in a rapid and complex changing environment.
    3. Triage regulatory events: Analyze the regulatory alerts and identify the regulatory events that are relevant to your organization.
    4. Assess impact: Assess the impact of regulatory events by using configurable impact assessment methodologies.
    5. Manage changes: Identify changes that should be done. These changes are implemented through the following action tasks:
      • Update underlying GRC objects, such as policies, processes, risks, and controls in the regulatory library.
      • Update existing citations or import new citations from the providers in the regulatory library.
    6. View reports and dashboards: Assess the state of the regulatory compliance by using reports and dashboards. Maintain an audit trail of the compliance activities.

    These component functions are illustrated in the following image:

    Figure 1. Key functions of the Regulatory Change Management application
    Regulatory Change Management key functions.