Your employees and business users within your company can request a policy exception
through the ServiceNow®
Service Portal.
Before you begin
Role required: sn_compliance.user, sn_grc.business_user, sn_grc.business_user_lite, sn_grc_emp_user.grc_employee
Procedure
-
Navigate to .
-
In the screen header, navigate to to view all policy exceptions that you requested.
-
Click New Policy Exception.
-
On the form, fill in the fields.
Complete the
Policy Exception
form. Specify what the policy exception is for and select appropriate
policy, control objective, or issue. This question is for you to identify the
appropriate source type.
When you select a control objective, the
Impacted controls tab appears, where you can
select controls associated to the control objective. You can also search and
select an entity.
Select Control to associate
multiple controls from different control objectives. This option supports
your policy exception for multiple controls objectives, instead of creating
multiple policy exceptions that could be applied on multiple
controls.
If you are creating a policy exception from , then What is the exception for? field
auto-populates the value as Policy. The name of the policy also appears in
the Policy field.
In
Issue field, you can search by the description
and select the appropriate issue.
-
Click Submit.
If you raise a policy exception from Service Portal and if verification rules
are not configured, then the policy exception moves to the Analyze state.
However, if verification rules are configured for the policy exception, then
the policy exception moves to the New state and the verification approval
process is triggered. As verification rules are configured the approver is
required to verify the policy exception and approve it, only then the policy
exception moves to Analyze state.