Security Best Practices

  • Release version: Australia
  • Updated March 12, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Security Best Practices

    Security Best Practices in ServiceNow assist organizations in implementing privacy and security configurations effectively. This feature allows users to track their progress, manage tasks, and follow detailed steps to enhance their security posture.

    Show full answer Show less

    Key Features

    • Home Page Overview: Provides a summary of progress on implementing security best practices, including completed tasks and maturity levels.
    • Task Management: Users can create and delegate security tasks, filter lists, and track activities related to security best practices.
    • Details Page: Each best practice has a dedicated page with information on priority, maturity level, and status, alongside step-by-step implementation instructions.
    • Tracking Progress: Users can view a progress card showing completed versus total steps and access a history of activities related to each best practice.

    Key Outcomes

    By utilizing Security Best Practices, ServiceNow customers can expect to:

    • Improve their security posture through structured implementation of best practices.
    • Efficiently track and manage security tasks, ensuring timely completion and delegation.
    • Gain insights into their security efforts through visual metrics and activity logs.

    Use Security Best Practices to implement privacy and security configuration tasks on your ServiceNow instance.

    Identify best practices to improve your security posture, and follow step-by-step instructions on how to implement them. Security Best Practices provide the following:

    • The home page shows an overview of your progress on implementing security best practices. You can also organize and manage lists of security best practices according to your organization's goals.
    • The overview page provides details of each security best practice, the steps to implement them, and a record of all activities and comments.
    • The task steps page provides you with instructions on how to implement security best practices.
    • The activity page tracks the history of the user and system actions related to your security best practices.

    Security Best Practices home page

    Best practices overview
    The home page displays a Manage your best practices section, which includes graphs provide an overview of your progress.
    Completed overall
    Displays a count and trend line of best practices you have completed. Select the card to view the Completed Overall metric page in Security metrics.
    Completed by maturity level
    Displays a chart of completed best practices organized by maturity level (see a description of maturity levels in the proceeding table). Select the card to view the Completed by Maturity Level metric page in Security metrics.
    Build a foundation
    Select the Build a foundation button to filter the table on this page to display only best practices in the Build a foundation maturity level. These are lower impact changes you can make to start improving instance security.
    Create a task
    Use the +Create task button to create a Security Task to track or delegate best practice work. For details on Security Tasks, see Security Tasks.

    The table enables you to apply filters so that you can sort and save filtered lists, which you can use as work lists for different use cases or roles. See save a filtered list for more information.

    The following are explanations of the fields related to the security best practices table.
    Table 1. Summary of fields used in the security best practices table
    Name Description
    Name Word used to identify a security best practice.
    Maturity level Applications and features that have been arranged by the order of impact to provide you measurable results. The values for maturity levels are:
    • Build a foundation
    • Enhance the experience
    • Optimize the functionality
    • Add advanced features

    These can also be thought of as crawl, walk, run, and fly phases.
    Status Current state of a best practice:
    • Open
    • In progress
    • Completed
    Priority Order of importance for implementing a best practice in your organization:
    • Immediate
    • Later
    • Not applicable
    Goals Security category that a best practice addresses:
    • Address initial security configurations
    • Secure emails
    • Monitoring logs
    • Manage access controls
    • Protect with encryption
    • Keep instances up to date
    First introduced Which Security Center version the best practice was introduced.
    Changed Which Security Center version the best practice was changed.
    Removed Which Security Center version the best practice was removed.

    Security Best Practices details page

    Best practice details page

    Select a best practice from the table to view its page. At the top of the details page, you can view general information about the security best practice including priority, maturity level, and status. Use Complete Best Practice button to mark a the practice as complete, or Reopen Best Practice button to mark the practice complete. Use the +Create Task to create a Security Task to track and delegate this task. For details on Security Tasks, see Security Tasks.

    This page provides more information on the best practice, divided into tabs:

    Overview

    This tab contains the Priority drop-down menu, which enables you to specify the security best practices that are important to you at this time and which are not applicable.

    The details section provides content about the features associated with the security best practice, and the documentation section provides one or more links where you can find additional information.

    The Progress card on the right shows the number of steps completed versus the total number of steps included. Select go to next step to navigate to the next incomplete step.

    The best practice update history card provides a snapshot of the release information for the best practice. You can track which ServiceNow Security Center version the security best practice was released in, and which versions it was subsequently last updated in.

    Task Steps

    This tab provides step-by-step instructions for how to implement this security best practice. See complete a security best practice for more information.

    Activity

    This tabe displays timestamped activities listed from newest to oldest. Use search and filter to query for information. See apply filters to the security best practices table for more information.