Architecture Compliance

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Architecture Compliance

    Architecture Compliance in ServiceNow enables organizations to conduct scheduled or on-demand audits of Configuration Management Database (CMDB) data. It verifies that configuration items (CIs), such as servers, meet expected physical attribute standards like CPU speed and memory. This process helps ensure that your IT infrastructure complies with organizational policies by identifying discrepancies and facilitating their remediation.

    Show full answer Show less

    Key Features

    • Compliance Audits: Automatically assess CIs against predefined attribute templates to check conformity with your organization’s standards.
    • Template Definitions: Administrators create templates specifying expected CI attributes, which serve as criteria during audits.
    • Filters: Define subsets of CIs to audit by creating filters on the Configuration Item [cmdbci] table or its extensions, allowing targeted compliance checks.
    • Automated Follow-on Tasks: ServiceNow generates and assigns remediation tasks to qualified users for any discrepancies found, streamlining issue resolution.
    • Role-Based Access: Users with the certificationadmin role can manage certification elements and must be granted appropriate access to related tables for full functionality.

    How It Works

    1. Create Filters: Define which CIs to include in audits by creating and activating filter versions.
    2. Create Templates: Specify expected physical attributes for CIs within templates that apply to filtered items.
    3. Run Audits: Schedule or execute audits on demand to compare actual CI attributes against template conditions.
    4. View Results: Review audit reports highlighting compliant and non-compliant CIs along with detailed discrepancies.
    5. Remediate: Address discrepancies through automatically assigned tasks to bring CIs back into compliance.

    Practical Considerations

    Activating Architecture Compliance requires users to have the admin role, and managing certifications requires the certificationadmin role with additional table access rights as needed. Proper role assignment ensures smooth configuration and execution of compliance audits.

    By leveraging Architecture Compliance, ServiceNow customers can maintain accurate and standards-compliant CMDB data, proactively manage infrastructure compliance, and automate remediation workflows, ultimately enhancing IT governance and operational efficiency.

    Architecture Compliance manages scheduled or on-demand audits of CMDB data to determine which configuration items (CI) match expected attributes. The compliance audits check servers to ensure that their physical resources, such as CPU speed or memory, comply with certain standards.

    The compliance process checks servers to ensure that their resources, such as CPU speed or memory, comply with standards set by your organization. Audit reports show any discrepancies in the attributes of the target CIs, and ServiceNow automatically assigns follow-on tasks to qualified users who can remediate those discrepancies.

    The administrator responsible for compliance checking creates template definitions of expected attributes and then schedules an audit to check CIs for compliance. The audit results identify CIs that pass certification and itemize the discrepancies in those CIs that fail. ServiceNow automatically generates and assigns follow-on tasks to track the process of getting the CIs back into compliance. Users with the admin role activate Architecture Compliance.

    Architecture Compliance roles

    To access or configure certification elements, a user must have the certification_admin role. These users can create, update, and delete filters if they have the proper access to necessary tables.

    In the base system, certification_admin users have limited system rights and do not have access to all the necessary tables. When assigning compliance resources, make sure to grant additional roles to the certification_admin user as needed. For example, the certification administrator needs roles that grant access to these tables:
    • Company [core_company]
    • Cost Center [cmn_cost_center]
    • Schedule [cmn_schedule]

    Architecture Compliance Process

    Perform these tasks in this order to certify configuration items with Architecture Compliance.
    1. Create a filter.

      Create a filter that defines a subset of configuration items to certify. You can create multiple versions of a filter, and then activate the version you want to use for compliance checking. Architecture compliance only supports filters on the Configuration Item [cmdb_ci] table and all tables that extend it.

    2. Create a template.

      Create template conditions using values from reference fields in a related list or conditions that define the expected physical attributes of each CI in an audit. The template uses a filter to determine which configuration items the system examines based on these conditions.

    3. Create and run an audit.

      Create and schedule an audit or run an audit on demand. The audit generates a set of results based on the conditions in the template you specify.

    4. View audit results.

      View the audit results which display any discrepancies between the expected state, as expressed by the template conditions, and the actual state of the target configuration items.

    5. Correct discrepancies.

      Correct the discrepancies the audit found by completing the follow-on tasks created by the system.