Scope entities to discover processing activities with personal information

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Determine which entities have and process personal information using the ServiceNow® Configuration Management Database (CMDB) application.

    Before you begin

    Ensure that you created the CMDB queries. For more information on the CMDB queries, see Querying the CMDB.

    Role required: sn_privacy.manager

    About this task

    In the Configuration Management Database (CMDB), you can search the database for entities that process personal data using one of the following methods:To filter entities that contain personal data, you must filter the entities using the appropriate queries. ServiceNow® provides two default queries for you to use to filter entities with personal data. The default queries are provided for the following tables:
    • Business process
    • Business application
    You can also create your own queries. This procedure demonstrates using the default queries.

    Procedure

    1. Navigate to All > Privacy Workspace > Scoping > Entity types.
    2. Open the entity you want to filter for personal information.
    3. Click the Entity Filters related list.
    4. Click New.
      The Entity Filter form is displayed.
    5. In the Filter conditions section, in the Entity filter type field, select Select from predefined queries.
    6. In the Query field, select Business applications by IO.
      The Table field is automatically set.
    7. Optional: To add more information objects that contain personal information such as email address, click Information objects and type Email.
    8. Click Submit.

    Example

    Figure 1. Usage of predefined queries
    Predefined queries with associated information objects.