Linking issues to multiple objects using Many-to-many table relationship

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Linking issues to multiple objects using Many-to-many table relationship

    This functionality enables ServiceNow customers to link issues to various compliance-related objects such as risks, controls, control objectives, engagements, policies, and authority documents. By using many-to-many (m2m) relationship tables, you can associate multiple issues with multiple objects to analyze issue impact comprehensively and manage related data efficiently.

    Show full answer Show less

    Key Features

    • Many-to-many relationship tables: Specific m2m tables store associations between issues and objects, such as sngrcm2missueitem for issues linked to controls, and similar tables for control objectives, engagements, policies, and authority documents.
    • Visibility and management: The system allows visibility of all issues related to a control or other objects, consolidating related issues to facilitate impact analysis and reduce duplicate efforts.
    • Role-based access: Users with roles like sncompliancews.corporatecomplianceanalyst, sncompliancews.corporatecompliancemanager, sncompliancews.itcompliancemanager, or sncompliance.admin can create and delete m2m records. Updating existing m2m records requires the sngrc.admin (GRC admin) role.
    • Integration with Compliance and Audit Workspaces: Issues can be linked to controls, control objectives, authority documents, policies, and engagements directly from their respective workspace forms, supporting both manually created and automatically generated issues.

    Practical Application

    • Create and link issues to various compliance objects using Compliance Workspace and Audit Workspace forms.
    • Use the many-to-many tables to associate multiple issues with multiple objects for comprehensive impact analysis.
    • Leverage role-based permissions to control who can create, delete, or update these relationships, ensuring proper governance.
    • Utilize the consolidated views of related issues within control forms or other object records to manage issue impact efficiently.

    Key Outcomes

    • Enhanced visibility of all issues linked to compliance objects, providing a 360° view for thorough impact assessment.
    • Reduced duplication of effort by consolidating related issues and clarifying their relationship to controls and other objects.
    • Improved governance through role-based controls on creating, deleting, and updating issue-object relationships.
    • Streamlined compliance management by linking issues effectively across multiple objects, facilitating better decision-making and reporting.

    Issues can be linked to different types of objects such as risk, entity, control, control objective, engagement, policy, authority document, and others to determine issue impact. Use the many-to-many relationship tables for each of the objects to link similar issues to an object.

    Note:
    The Issue record has controls, control objectives, authority documents, policy, and engagements that can be associated with it as related items. However, you must associate the issue and each object as a corresponding m2m record which is stored in the corresponding m2m tables.

    For example, issues are configured as a related list in the Controls form and you can link the issue to the control parent object. When you add an issue to a control, a record is created associating the item that is the control with the issue, in the Issue to Control [sn_grc_m2m_issue_item] table.

    Viewing the issues related to a control was mainly only for reference. However, you can also link as many issues that are related to the control within the Control form. With this enhancement, you have the ability of:
    • visibility of viewing, and consolidating all related issues raised on the control
    • determining the impact analysis of all related issues
    • reducing the effort in working on duplicate issues and manage issue impact analysis

    A user with sn_compliance_ws.corporate_compliance_analyst, sn_compliance_ws.corporate_compliance_manager, sn_compliance_ws.it_compliance_manager, or sn_compliance.admin roles can create and delete the records in the many-to-many tables. However, users with these roles cannot update an existing record in the m2m tables. To update a record, you require GRC admin (sn_grc.admin) role.

    Many-to-many tables used in Compliance Workspace for creating and deleting the issue to object relationships are:
    • sn_grc_m2m_issue_item – Issue to control
    • sn_grc_m2m_issue_content – Issue to control objective
    • sn_grc_m2m_issue_engagement – Issue to Engagements
    • sn_grc_m2m_issue_document – Issue to Policy and Issue to Authority document
    For more information, see: