Privacy Management home page
Summarize
Summary of Privacy Management home page
The Privacy Management home page provides ServiceNow customers with a comprehensive view of their organization's privacy risk and compliance status. It consolidates critical details such as processing activity criticality scores, privacy risk and impact assessment statuses, control attestations, issue statuses, and privacy cases. The home page is segmented into four tabs—Processing activity, Risk and compliance, Operations, and Privacy cases—each offering focused insights relevant to privacy management.
Show less
Access requires the snprivacy.manager and snprivacy.analyst roles, ensuring that only authorized personnel can monitor and manage privacy compliance effectively.
Key Features
- Processing Activity Reports: Visualize the status and distribution of processing activities by state, criticality score, department, data subject type, information object category, processing type, and data processing role. Identify least compliant processing activities with detailed compliance and risk scores.
- Risk and Compliance Reports: Analyze processing activities by aggregated risk score with filtering options, view risk heatmaps showing residual and inherent risks alongside control effectiveness, and monitor compliance statuses of controls tied to authority documents or policies. Highlight control objectives that require attention due to non-compliance.
- Operations Reports: Track the status of risk and privacy assessments, including counts of open, overdue, and upcoming tasks. Monitor issues, policy exceptions, and control assurance activities such as attestations, indicators, and control tests to maintain ongoing compliance.
- Privacy Cases Reports: Manage privacy cases by reviewing cases needing attention, case overviews by state, breach status, and priority, and trends in cases opened and closed over the past year. Filter cases by subtype and analyze causes and issue priorities.
Use Cases
- Privacy Manager: Gain a holistic understanding of the organization’s privacy compliance posture across all processing activities and assessments. Monitor the privacy team’s tasks and overall compliance performance.
- Privacy Analyst: Focus on processing activities assigned specifically to the analyst, track relevant privacy assessments, and prioritize tasks needing immediate attention.
Practical Benefits for ServiceNow Customers
This home page equips privacy managers and analysts with actionable insights to monitor, assess, and improve privacy compliance continuously. By leveraging detailed reports and visualizations, customers can identify high-risk processing activities, ensure timely completion of assessments, respond to privacy cases efficiently, and maintain control effectiveness. This centralized view supports proactive privacy risk management and regulatory compliance within the ServiceNow platform.
The Privacy Management home page provides an overview of the complete privacy risk and compliance posture with details, such as the processing activity criticality score, privacy risk assessment status, privacy impact assessment status, control attestations, issues-specific status, and privacy cases.
The home page is organized into four tabs: Processing activity, Risk and compliance, Operations, and Privacy cases.
Required roles
To view the home page, you must have sn_privacy.manager and the sn_privacy.analyst roles.
Use cases
| User | Dashboard use |
|---|---|
| Privacy manager | The privacy manager can view and understand the privacy compliance posture considering all the processing activities and privacy assessments. They can also view the privacy team's tasks. |
| Privacy analyst | The privacy analyst can view and understand the privacy compliance posture considering only the processing activities assigned to the privacy analyst. They can also access the tasks that need their attention. |
Processing activity reports
| Title | Data visualization type | Description |
|---|---|---|
| All processing activities by state |  |
Count of processing activities in each state: New, Discover, Review, Monitor, and Retired. |
| Processing activities by criticality score |  |
Distribution of active processing activities by criticality score. |
| Processing activities by department |  |
Number of processing activities grouped by department. |
| Least compliant processing activities |  |
List of processing activities with the lowest compliance scores, including the criticality score and aggregated residual risk. |
| Processing activities by data subject type | |
Number of processing activities grouped by data subject, such as employees, contractors, customers, and patients. |
| Processing activities by information object category | |
Number of processing activities grouped by information object, such as demographic data, family background, biometric data, racial or ethnic origin, medical health, and location tracking. |
| Processing activities by type |  |
Distribution of processing activities by type, such as business process, application, business application, or business entity. |
| Processing activities by data processing role | |
Distribution of processing activities by data processing role, such as controller or processor. |
Risk and compliance reports
| Title | Data visualization type | Description |
|---|---|---|
| Processing activities by aggregated risk score |  |
Distribution of processing activities by aggregated risk score. You can filter by risk classification. |
| Risk heatmap |  |
Distribution of processing activities by residual/inherent risk and control effectiveness levels. |
| Compliance overview | |
Compliance status of controls for individual authority documents or policies, including the compliance score, related issues, and privacy cases. Toggle between Authority documents and Policies to switch views. |
| Control objectives needing attention | |
Control objectives that are marked as non-compliant and the number of impacted processing activities. |
Operations reports
| Title | Data visualization type | Description |
|---|---|---|
| Risk assessments | |
Number of risk assessments by state (new and in progress), including counts for open, overdue, and due in 7 days. |
| Privacy assessments | |
Number of privacy assessments by state (assigned, work in progress, and draft), including counts for open, overdue, and due in 7 days. You can filter by available assessment templates. |
| Issues | |
Number of issues by priority, including counts for open, overdue, and due in 7 days. |
| Policy exceptions | |
Number of policy exceptions by risk rating, with counts for open, overdue, and due in 7 days. |
| Control assurance | |
Control assurance status across three areas.
|
Privacy cases reports
| Title | Data visualization type | Description |
|---|---|---|
| Needs attention | |
Number of overdue cases, cases due in 7 days, and unassigned cases. |
| Case overview | |
Distribution of cases by state, by breach status, and by priority. |
| Cases | |
Number of privacy cases. You can filter the view by subtypes. |
| Cases by primary cause | |
Distribution of privacy cases grouped by primary cause. |
| Opened and closed cases in last 12 months |  |
Trend of opened and closed cases over the last 12 months. |
| Issues | |
Number of issues by priority, with counts for open, overdue, and due in 7 days. |