Configuring AI Risk and Compliance
To use the AI Risk and Compliance application, you download and activate the application and then you must publish the assessment templates and set up the assessments and their automation logic to ensure accurate risk assessment scores.
Configuration overview
- Install AI Risk and Compliance
- AI Risk and Compliance Content Pack
- Install AI Risk and Compliance content
- Configure AI Risk and Compliance Workspace
- Set up AI Risk and Compliance properties
- Set up Advanced Risk assessments properties
- Configure email-based intake for AI Risk and Compliance
For more information on assessments and publishing assessments, see Assessment templates.
Some AI capabilities are available only when the required plugins are installed.
- AI Risk and Asset Management capabilities in AI Control Tower with Now Assist require the AI Risk and Asset Management for Now Assist plugin (sn_aict_irm_aiam), which depends on:
- AI Risk and Compliance Integration with Control Tower (sn_grc_ai_irm_intg)
- AI Asset Management (sn_ai_asset_mgmt)
- AI Control Tower supports governance of both enterprise AI assets and ServiceNow AI assets, while AI Control Tower with Now Assist supports governance of ServiceNow AI assets only.
- When AI Control Tower Core (sn_ai_governance) is used with AI Risk and Compliance in a new IRM deployment, the IRM Standard (sn_irm_std) plugin is required to make AI intake request forms available. These intake forms are used to submit requests through the Employee Portal for registering AI systems, AI models, and datasets for governance and risk evaluation.
This requirement applies only to AI intake request forms and does not apply to AI cases, inquiries, or the Anonymous Reporting Center. For more information on applicable requests, see Request an AI use case, Request an AI model, and Request a dataset.
For information about AI Control Tower setup and plugin dependencies, see Activation and installation of AI Control Tower.