Operational Resilience release notes

  • Release version: Zurich
  • Updated July 31, 2025
  • 9 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Operational Resilience release notes

    The ServiceNow® Operational Resilience application helps organizations maintain business service continuity during adverse events such as pandemics, severe weather, and cyber attacks. The Zurich release introduces enhancements for visualizing dependencies, regulatory compliance reporting, improved metrics, and expanded assessment capabilities to strengthen operational resilience.

    Show full answer Show less

    Key Features

    • Interactive Node Map Visualization: Configure nexus maps with nodes and edges to define relationships between business services, application services, offerings, and processes. Enhanced visuals and summary panels improve clarity and insight into dependencies.
    • Word Report Generation: Use the Document Designer to create Microsoft Word templates for action task reports within Digital Resilience Incident Reporting (DIR), enabling customizable, audit-ready documentation saved locally or in SharePoint.
    • Multi-Regulation Incident Reporting: Report incidents linked to multiple regulations and legal entities with automated workflows generating regulatory assessment reports and action tasks compliant with timelines.
    • Register of Information (RoI) Packages: Generate and validate EU DORA-compliant RoI packages in a structured ZIP format with metadata to support automated validation and regulatory submission.
    • Enhanced CSDM Fix Scripts: Improved data management of operational resilience metrics by storing hierarchical nodes separately and optimizing scheduled jobs for efficient processing and retrieval.
    • Smart Assessment: Evaluate service importance and impact tolerance via flexible, role-based assessments. Generate tailored self-attestation reports in PDF format to streamline compliance workflows.
    • DORA Enhancements: Configure contracts with supply chain and assessment data, upload records, and generate detailed Excel reports for third-party risk and contract management.
    • Third-Party Risk Tracking: Track third-party risk assessments as red flags in reports and dashboards accessible within the Operational Resilience Workspace, with simplified role management for access control.
    • UI and Configuration Updates: New modules and related lists for node, edge, and regulation mappings; vertical layouts for services and processes; improved contract forms; and introduction of the Coral theme with dark mode support for enhanced user experience.

    Activation and Upgrade

    Operational Resilience is available through the ServiceNow Store. After upgrading to version 21.0.x, rerun the Update CSDM and dependencies scheduled job to populate new metadata introduced in this release.

    Browser and Accessibility

    Supported browsers include Google Chrome, Firefox (including ESR), Microsoft Edge Chromium, and Safari 12.0 or later. The new Coral theme offers a dark mode option to improve readability and reduce eye strain.

    Related ServiceNow Applications

    • Risk Management: Supports identification and monitoring of high-impact risks to improve decision-making.
    • Advanced Risk Assessment: Provides workflows for risk and event assessment management.
    • Policy and Compliance Management: Manages policies and controls aligned with external regulations.
    • Business Continuity Management: Ensures continued delivery of products and services during disruptions.
    • Vulnerability Response and Incident Management: Facilitate security incident life cycle management and restoration of services.
    • Digital Operational Resilience Management: Supports uploading and downloading DORA-related data tables.
    • Data Registry: Visualizes critical data relationships affecting business operations.

    The ServiceNow® Operational Resilience application supports organizations to help keep business services running during adverse events like pandemics, severe weather, or cyber attacks. Operational Resilience was enhanced and updated in the Zurich release.

    Operational Resilience highlights for the Zurich release

    • Set up the nexus map configurations and use the interactive node map view to define dependencies and relationships between records.
    • Generate a Microsoft Word document for the action tasks in Digital resilience incident reporting.
    • Create DIR cases for multiple regulations from either an incident or a security incident report. You can map entities to regulations and configure the Smart Assessment Engine (SAE) template for each regulation within the regulatory agency profile.
    • Generate and validate regulator-ready Register of Information (RoI) packages for EU DORA compliance.
    • Use the enhanced fix scripts in the Common Service Data Model for improved Operational Resilience metrics.
    • Evaluate the importance and impact tolerance of services and self-attest their status by using Smart Assessment.

    See Operational Resilience for more information.

    Important:
    Operational Resilience is available in the ServiceNow Store. For details, see the "Activation information" section of these release notes.

    Important information for upgrading Operational Resilience to Zurich

    After upgrading to Operational Resilience version 21.0.x, rerun the Update CSDM and other dependencies scheduled job to populate the additional metadata that was introduced in this release.

    New in the Zurich release

    Use the interactive Node Map visualization

    Navigate operational dependencies using the interactive Node map visualization. Configure node and edge settings in the Nexus map, then display Main node configurations directly within the Operational Resilience Workspace. The Resilience map action provides access to relationships for Business Services (BS), Application Services (AS), Supporting Offerings (SO), Business Processes (BP), and Dependencies modules in the map view.

    You can configure node dependency directions and enhance visual elements with improved colors and icons for clarity. Additionally, you can gain comprehensive insights from the summary panel and address missing 'red flags' for a complete picture.

    Generate Word reports of action tasks
    Use the Document designer to set up Microsoft Word templates and download action task reports in Digital resilience incident reporting. This functionality enables you to customize predefined templates or create templates, incorporating specific data like tables and columns from records, to generate intuitive, audit-ready reports. You can then save these reports within the ServiceNow® instance or as cloud documents in Microsoft SharePoint.
    Report incidents associated with multiple regulations for various legal entities
    Report incidents or security incidents associated with multiple regulations for various legal entities in Digital resilience incident reporting. Its automated workflow generates regulatory reporting assessment of IT incidents, DRI Initial report, DRI Intermediate report, and DRI Final report within regulatory timelines, each with dedicated action tasks. You can complete these tasks and generate reports in Microsoft Word format required by regulatory authorities for analysis.
    Generate Register of Information (RoI) regulatory packages

    Generate regulator-ready Register of Information (RoI) regulatory packages using the Plain-CSV Report Package option on the download page in Digital resilience third-party registers. The resulting ZIP file, structured to regulator specifications, includes metadata and report folders with file names containing LEI, entity ID, and release version.

    This format helps you to verify EU DORA compliance and supports automated validation workflows. For suggested steps and permissions, refer to the user guide on the Download and Upload request page.

    Validate downloaded Register of Information regulatory packages

    Validate downloaded Register of Information (RoI) regulatory packages against requirements using the Plain-CSV Report Package option on the Digital resilience third-party registers download page. This process verifies file format, structure, encoding, naming conventions, and field-level data across multiple tables.

    If validation warnings are detected, an automated report is attached, mapping issues to regulator fields like Template Code, Row Code, and Column Code. These reports include real-world field labels, rule expressions, and record identifiers. You can easily cross-reference validation errors using a downloadable Excel template that mirrors the CSV structure, simplifying issue location and resolution. Further enhancements include support for 'Not applicable' values, enforced file size limits, and clearer error messages for malformed data.

    Improve resilience metrics with the enhanced CSDM model

    Leverage the enhanced fix scripts in the Common Service Data Model (CSDM) to enhance your Operational Resilience metrics. Each node in the hierarchy is now stored separately, with its class and parent nodes, to help you manage your data more efficiently.

    The Update CSDM and other dependencies scheduled job script has been optimized to process the main node configurations in parallel, triggering a separate event for each node. Any node can be at the top level. Additionally, you can store impacted objects, including all parents, in a single table, so that you can efficiently retrieve children nodes and improve your data retrieval.

    Configure the sn_oper_res.top_class_name property to designate any class as the top class. You can view the downstream data and various dashboards based on the selected top class, such as the number of application services that are under a business service.

    Analyze importance and impact tolerance of a service using Smart Assessment
    Analyze a service's importance and impact tolerance through flexible assessments by using one or multiple Smart Assessment templates. Role-based access controls and auto-assigned tasks help you to streamline the process. You can reopen and complete assessments as needed and send email notifications to relevant users.
    Generate customized and flexible self-attestation reports using Smart Assessment
    Generate customized and flexible self-attestation reports by using Smart Assessment. Start with the default template, add relevant scopes and users, and generate a PDF report on completion of the self-attestation process. By creating custom templates with various data types, you make the self-attestation process more efficient.
    Leverage enhanced DORA capabilities for contracts, supply chains, and assessments
    Use the enhanced Digital Operational Resilience Act (DORA) data model in Operational Resilience. You can configure contracts based on their supply chains and assessments, upload the contract records, and generate a detailed report in Microsoft Excel that provides information on the entities, third parties, and specific contract details.
    Track third-party risk assessments
    Track third-party risk assessments as red flags in Operational Resilience reports and overview pages for business services, service offerings, and business processes. Operational Resilience users, managers, and administrators can review these assessments in Operational Resilience Workspace. The sn_vdr_risk_asmt.vendor_assessment_reviewer role is now included in the sn_oper_res.user role, so that you can grant the necessary access to the assessments.

    UI changes

    Main node configurations: A component of the Data Relationships Framework
    The properties, related lists, and copy functionality in the Main node configurations form are updated.
    Configure the Nexus map configurations
    The Nexus map configuration settings are added.
    Node configurations and Node status configurations
    The Node configurations and Node status configurations related lists are added.
    Edge configurations and edge status configurations
    The Edge configurations and Edge status configurations related lists are added.
    Interacting with the Nexus map UI from the Workspace
    The Resilience map UI action is added to display the map view for a service record.
    Word reports
    The 'Template Configurations' module displays the document design template configuration details of DIR action tasks. The 'Word Templates' module provides the DIR Word templates used to generate Microsoft Word reports.
    Regulation mappings related list
    The 'Digital Resilience Incident Case Type' module displays the ‘Digital Resilience Incident Case.’ The Regulation Mappings related list in the record shows the relationships between entities and their corresponding regulations.
    Action tasks configuration related list
    Action tasks configuration related list is used to set up contextual information for different regulations. This includes the assessment template, assignment group, trigger conditions, due dates, and more.
    Download the Excel template
    The option to download the Third-party Information Register is renamed to Excel Master Template.
    New modules and layout for Services
    The Application services module is added to the list view, which enables you to configure application services.
    A vertical layout is added for the Services, Business services, Offerings, Business processes, and Application services modules.
    In the CSDM objects table, the Impacted objects column displays the parent objects, while the Impacted objects classes column shows the classes. The Red flags count column indicates the number of the red flags that are directly assigned to a node, and the Total red flags count column displays the total count of the red flags directly assigned to a node and its children.
    Contracts and related tabs for DORA
    The related tabs for the contracts, including associated entities and third parties, are now shown in the Contract record forms.
    Coral theme
    Coral is now the default theme for new portal, web, and mobile experiences with Next Experience or Core UI enabled. This theme provides a fresh look and feel, featuring brand-neutral illustrations to enhance your user experience. A dark theme option is available for web and mobile experiences.

    Activation information

    Install Operational Resilience by requesting it from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

    Deprecations

    The Operational Resilience application previously stored the entire dependency chain in the [sn_oper_res_profile] table, which resulted in redundant data and potential performance issues. The Update CSDM and other dependencies scheduled job script has been optimized to address this issue. Any node can now be at the top level. Data retrieval is more efficient because you can store the impacted objects in a single table.

    Browser requirements

    Operational Resilience requires the following browsers:
    • Google Chrome
    • Firefox and Firefox Extended Support Release (ESR)
    • Microsoft Edge Chromium
    • Safari 12.0 and later versions

    Accessibility information

    Dark theme
    The new Coral theme includes a dark theme option for web and mobile experiences. This option is commonly used to alleviate eye strain and improve readability.

    Related ServiceNow applications and features

    Risk Management
    Use the ServiceNow® Risk Management application to identify and monitor high-impact risks, improve your risk-based decision-making, and reduce the reaction time from days to minutes.
    Advanced Risk Assessment

    Use the ServiceNow®Advanced Risk application to identify, measure, and track risks. The application includes the workflows for risk assessments and events, ensuring efficient management of your organization's risk profile.

    Policy and Compliance Management

    Use the ServiceNow®Policy and Compliance Management application to create and manage policies, standards, and internal control procedures that are mapped to external regulations and general guidelines.

    Business Continuity Management
    Use the ServiceNow®Business Continuity Management application to ensure that your organization can keep delivering products and services at an acceptable level even when faced with disruptive events.
    Vulnerability Response
    Use the ServiceNow®Vulnerability Response application to enable security users to analyze security data, implement changes, and generate security incidents.
    Incident Management
    Use the ServiceNow®Incident Management application to restore normal service operation while minimizing the impact to business operations and maintaining quality.
    Security Incident Response
    Use the ServiceNow®Security Incident Response application to manage the life cycle of your security incidents from the initial analysis to containment, eradication, and recovery.
    Digital Operational Resilience Management
    Use the ServiceNow®Digital Operational Resilience Management application for uploading and downloading all individual DORA tables. It is automatically installed when the Digital Resilience Third-party Information Register is activated.
    Data registry
    Use the ServiceNow®Data registry application to explore the relationships between different types of critical data that affect your business, such as controls, risks, and issues, visually.