Configure Digital resilience incident reporting

Release version: Australia

Updated March 12, 2026

3 minutes to read

Summarize

Summarized using AI

Summary of Configure Digital resilience incident reporting

The Digital Resilience Incident reporting feature in ServiceNow enables Operational Resilience administrators to automate incident reporting workflow, manage regulatory mappings, and generate detailed reports for digital resilience cases. It integrates with Incident Management and Security Incident Response applications to track and report incidents affecting digital operational resilience.

Show full answer Show less

Setup and Configuration

Templates and Modules: Administrators configure Word templates and template configurations to generate Microsoft Word reports for incident cases. The Digital Resilience Incident Case module allows viewing all related cases and regulatory mappings.
Prerequisite Data: Populate legal-entity and third-party tables from the Digital Resilience Third-Party Registers application before generating reports. This enables auto-filling key fields like entity names and LEI codes in report templates.
Workflow Studio Configuration: Use Workflow Studio to access and configure flows that automate the creation and updating of Digital Resilience Incident (DRI) cases from incident records. Several prebuilt flows handle approvals, case creation, updates, and task automation for regulatory compliance.
Conditions: Predefined conditions include incident priority, urgency, and duration (e.g., critical priority, high urgency, open >24 hours) to trigger automatic reporting. Update conditions handle reopened or updated incidents.
Deprecated and Active Flows: Some older flows have been deprecated and replaced by new flows that better manage multi-regulator scenarios and action task automation.

Licensing and Plugins

The Digital resilience incident reporting application is part of the Integrated Risk Management (IRM) family and is available via the ServiceNow Store.
Required Plugins: Include Document designer, Digital Operational Resilience Management, GRC modules (Base Workspace, Case Management, Operational Resilience, Policy and Compliance Management), Regulatory Agency Library, and Smart Assessment components.
Optional Plugins: Include Security Incident Response and Digital Resilience Third-party Information Register for enhanced integration and data management.

Practical Benefits for ServiceNow Customers

Automates digital resilience incident reporting to regulatory bodies based on defined incident conditions.
Ensures consistent and compliant reporting through customizable templates and regulatory mappings.
Integrates seamlessly with Incident and Security Incident Response applications for streamlined workflows.
Supports multi-regulator environments with advanced flow automation for managing regulatory requirements and action tasks.
Facilitates data accuracy by requiring prerequisite entity and third-party data population.

Digital Resilience Incident administrators can configure conditions in Workflow Studio to auto-trigger incident reporting in Digital resilience incident reporting.

Setting up templates and modules

Operational Resilience administrators set up Word templates, Template configurations, and the Digital resilience incident (DRI) case type required for Digital resilience incident reporting as shown in the example.

Configure Word Templates and Template Configurations for generating reports in Microsoft Word format. For more information, see Generating Microsoft Word reports using Document designer.

The Digital Resilience Incident Case module lists all Digital Resilience Incident Cases associated with an incident or security incident. A new 'Regulation Mappings' related list is now available in each Digital Resilience Incident Case record. It displays the relationships between entities related to the cases and their corresponding regulations.

Conditions for setting up the Workflow

Workflow Studio contains preconfigured flows and conditions for creating DRI case tasks from incidents in the Incident Management or Security Incident Response applications. Access the Digital resilience incident reporting flows by navigating to Workflow Studio > Flows > Flow Designer.

The following flows, previously used in the Digital resilience incident reporting application, have been deprecated:

Digital Resilience Incident Flow
Digital Resilience SIR Flow
DRI Business service Trigger

Note:

To use the previously deployed flows, deactivate the new flows (listed in this section) and then activate the Digital Resilience Incident Flow, Digital Resilience SIR Flow, and DRI Business Service Trigger Flow.

The following flows in Digital resilience incident reporting are still active:

Digital Resilience Incident Approval Flow
DRI case create/update on incident update
DRI case create/update on security incident update
DRI case creation on incident entity insert
DRI case creation on SIR entity insert

New flows have been introduced in Digital resilience incident reporting to manage action tasks, regulations, and trigger conditions for multiple regulators, as illustrated in the example:

Action task automation for regulation addition
Action task automation on action task update
Action task automation on DRI case updates
Action task automation on regulation updates
DRI Business Service Trigger For Multiple Regulators

Digital resilience incident reporting flows. For the text description, refer to the text that precedes this image.

Note:

If the Security Incident Response application is installed in your instance, flows related to the security incidents (SIR) are listed in the Flows list view.

The Digital Resilience Incident Flow and Digital Resilience SIR Flow are prebuilt into the Digital resilience incident reporting application. The flow configuration impacts all incident records in the instance. As administrators of the Operational Resilience application, you can update (customize) the flow configurations to meet your organizational requirements as shown in the example.

Conditions. For the text description of the conditions, refer to the text that follows.

Insert condition: Conditions such as the priority of the incident is Critical, the urgency is High, and the incident has been open for more than 24 hours, are prebuilt in the flow. When all these conditions are met, it’s automatically reported in the Digital resilience incident reporting application.
Update condition: When an incident is reopened or updated, that classification condition is also defined in the flow. When the configured conditions are met, the incident is reported in the Digital resilience incident reporting application.

Required and optional plugins

The Digital resilience incident reporting application is available from the ServiceNow Store. This section details its required and optional plugins.

Table 1. List of required plugins
Application name	Plugin
Document designer	(com.sn_grc_doc_design)
Digital Operational Resilience Management	(com.sn_app_grc_digital_resilience)
GRC	(app-grc)
GRC Base Workspace	(app-grc-base-workspace)
GRC: Compliance Case Management	(app-grc-case-mgmt)
GRC Operational Resilience	app-grc-operational-resilience (com.sn_grc_oper_res)
GRC: Policy and Compliance Management	(com.sn_compliance)
Regulatory Agency Library	(com.sn_reg_body_mgmt)
Reusable impact framework	(sn-reusable-impact-framework)
Smart Assessment impact automation	(app-smart-assessment-impact-automation)
Smart Assessment response automation	(app-smart-assessment-response-automation)
Smart Assessment Core	(sn_smart_asmt)
Smart Assessment designer	(sn_smart_asmt_desg)

Table 2. List of optional plugins
Application name	Plugin
Security Incident Response	(app-sir)
Digital Resilience Third-party Information Register	(sn_info_reg)