Review the remediation tasks created for the controls or risks associated with cybersecurity activities. You can only edit or update action plans if you have sufficient privileges for the GRC suite.

Before you begin

Policy and Compliance Management Role required: admin

NIST CSF role required: sn_irm_nist_csf.risk_executive or sn_irm_nist_csf.security_officer or sn_irm_nist_csf.control_provider

About this task

Action plans are typically created in the ServiceNow® GRC product through the Policy and Compliance Management, Risk Management, or Audit Management applications.

Procedure

1. Navigate to All > NIST CSF > Framework Profiling > Action Plan.
2. Search for an action plan using parameters, such as issue, control, or risk, that are associated it.
3. Open the record.
4. Review the action plan.