Verify the NIST RMF Use Case Accelerator
After installing the GRC: NIST RMF Use Case Accelerator, review the NIST RMF application structure, core content, and demo data, if selected during installation.
Before you begin
Role required: admin
Note: Starting with version 10.1.0, the NIST RMF Use Case Accelerator will be supported only for customers who currently use the product. New and existing customers should consider using the GRC: Continuous Authorization Monitoring application. For details, see Continuous Authorization and Monitoring.
Procedure
- Navigate to All > User Administration > Roles and review the roles installed with the NIST RMF application.
These roles contain nist_rmf in their names; for example, sn_irm_nist_rmf.security_officer. The roles are associated with NIST RMF application modules to provide access based on the user's role.
Note: Use the basic NIST RMF user role to access the application. This role contains the reader or user roles from the ServiceNow® GRC suite of applications.
- In the Application Navigator, type NIST RMF, and verify the application core content.
| Navigate to | Verify |
| --- | --- |
| NIST RMF > Content > Control Objective | Review the Policies and Control objectives installed for NIST RMF. |
| NIST RMF > Content > Risk Statements | Review the Risk Frameworks and Risk Statements installed for NIST RMF. |
| NIST RMF > Content > Test Templates | Review the Test Templates installed for NIST RMF. |
| NIST RMF > Content > Indicator Templates | Review the Indicator Templates installed for NIST RMF. |
| NIST RMF > Content > Attestation Types | Review the Control Attestation Types installed for NIST RMF. |
| NIST RMF > Content > Assessment Types | Review the Risk Assessment Types installed for NIST RMF. |

- Validate the application demo content, if loaded.
| Navigate to | Verify |
| --- | --- |
| NIST RMF > Impact Analysis | Review the sample Targets installed in the system for use with the NIST RMF application. |
| User Administration > Users | Review the sample Persona users installed in the system for use with the NIST RMF application. The User IDs for these users end with .RMF and their names contain RMF. |
| Policy and Compliance > Scoping > Profile Classes | Perform a search for profile classes with the Name field containing NIST. Review their relationships by reviewing the roll up to field in the respective profile classes. |
| Policy and Compliance > Scoping > Profile types | Perform a search for profile types with the Name field starting with NIST RMF. |
| Policy and Compliance > Policies and Procedures > All Controls | Perform a search for all controls referencing Control Objectives with a Source = NIST 800-53-r4. |
| Risk > Risk Register > All Risks | Perform a search for all risks referencing Risk Statements with a Source = NIST 800-53-r4. |
| Audit > Audit Testing > Test Plans | Perform a search for test plans with Test Templates that begin with NIST RMF. |
| Policy and Compliance > Indicators > Indicators | Perform a search for all indicators where Item.Content.Source = NIST 800-53-r4. |
| Risk > Indicators > Indicators | Perform a search for all indicators where Item.Content.Source = NIST RMF. |
| Policy and Compliance > Issues > All Issues | Perform a search for all issues where Item.Content.Source = NIST 800-53-r4. |
| Risk > Issues > All Issues | Perform a search for all issues where Item.Content.Source = NIST 800-53-r4. |
| Policy and Compliance > Remediation Tasks > All Open Remediation Tasks | Perform a search for all Remediation tasks where an issue identified on the remediation task has Item.Content.Source = NIST 800-53-r4. |
| Risk > Remediation Tasks > All Open Remediation Tasks | Perform a search for all Remediation tasks where an issue identified on the remediation task has Item.Content.Source = NIST 800-53-r4. |
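The role check in the first step and the persona-user check in the demo content step can also be scripted against the Table API. The following is an added example, not part of the original procedure or of ServiceNow's own code; the instance URL, the sample records, and the helper names (CHECKS, buildUrl, fetchRecords, verify) are assumptions made for illustration.

```javascript
// Added example, not ServiceNow's code. sys_user_role and sys_user are the
// platform's role and user tables; the instance URL and records are constructed.
const CHECKS = {
  roles: {
    table: "sys_user_role",
    query: "nameLIKEnist_rmf", // role names contain nist_rmf
    fields: ["name"],
    matches: (r) => r.name.includes("nist_rmf"),
  },
  personas: {
    table: "sys_user",
    query: "user_nameENDSWITH.RMF", // User IDs end with .RMF
    fields: ["user_name", "name"],
    // Strict local re-check: User ID ends with .RMF and the name contains RMF.
    matches: (r) => r.user_name.endsWith(".RMF") && r.name.includes("RMF"),
  },
};

// Table API URL for one check (GET /api/now/table/<table>).
function buildUrl(instance, check) {
  const url = new URL(`/api/now/table/${check.table}`, instance);
  url.searchParams.set("sysparm_query", check.query);
  url.searchParams.set("sysparm_fields", check.fields.join(","));
  return url.toString();
}

// Live lookup; needs Node 18+ for fetch. Not called by the offline demo below.
async function fetchRecords(instance, authHeader, check) {
  const res = await fetch(buildUrl(instance, check), {
    headers: { Accept: "application/json", Authorization: authHeader },
  });
  if (!res.ok) throw new Error(`${check.table}: HTTP ${res.status}`);
  return (await res.json()).result;
}

// Count the records and list any that break the page's naming rule.
function verify(check, records) {
  const unexpected = records.filter((r) => !check.matches(r));
  return { found: records.length, unexpected };
}

// Constructed sample responses, shaped like the Table API "result" array.
const SAMPLE_ROLES = [{ name: "sn_irm_nist_rmf.security_officer" }];
const SAMPLE_USERS = [
  { user_name: "example.persona.RMF", name: "Example Persona RMF" },
  { user_name: "example.other", name: "Example Other" },
];
console.log(verify(CHECKS.roles, SAMPLE_ROLES), verify(CHECKS.personas, SAMPLE_USERS));
```

A persona count of zero is expected when demo data was not selected during installation; a role count of zero means the application roles were not installed.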