Configure Digital resilience incident reporting

  • Release version: Zurich
  • Updated July 31, 2025
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Configure Digital Resilience Incident Reporting

    The Digital Resilience Incident Reporting feature in ServiceNow enables Operational Resilience administrators to automatically trigger and manage incident reporting workflows for digital resilience events. This capability is configured in Workflow Studio and integrates with Incident Management and Security Incident Response applications to streamline case creation and reporting based on defined conditions.

    Show full answer Show less

    Key Features

    • Workflow Studio Configuration: Administrators can set conditions and flows to auto-trigger Digital Resilience Incident (DRI) case creation and updates from incidents and security incidents. Prebuilt flows are provided, with some deprecated and replaced by new flows to better handle multiple regulators and action task automation.
    • Template Setup: Word templates and template configurations enable report generation in Microsoft Word format for Digital Resilience Incident cases using ServiceNow's Document Designer.
    • Digital Resilience Incident Case Module: Lists all related DRI cases and includes a new 'Regulation Mappings' related list to track entity-regulation relationships for compliance.
    • Preconfigured Conditions: Example conditions include incident priority set to Critical, urgency as High, and incident open for more than 24 hours. These conditions automatically trigger incident reporting within the Digital Resilience Incident Reporting application.
    • Flow Customization: Administrators can customize flows to match organizational requirements, including conditions for incident updates and reopenings.
    • Integration with Security Incident Response: If installed, flows related to security incidents are included and managed within the Digital Resilience Incident Reporting application.

    Required and Optional Plugins

    The Digital Resilience Incident Reporting application requires several foundational plugins to function properly, all available via the ServiceNow Store:

    • Document Designer
    • Digital Operational Resilience Management
    • GRC and associated Compliance, Case Management, Operational Resilience, and Policy plugins
    • Regulatory Agency Library
    • Reusable Impact Framework and Smart Assessment plugins

    Optional plugins include Security Incident Response and Digital Resilience Third-party Information Register, which enhance incident reporting capabilities and third-party data management.

    Practical Benefits for ServiceNow Customers

    • Automates the reporting of critical digital resilience incidents based on customizable conditions, reducing manual effort and improving compliance.
    • Provides structured case management and regulatory mapping to support operational resilience requirements.
    • Enables generation of standardized reports in Word format to facilitate communication and documentation.
    • Supports integration with existing incident and security incident workflows for a seamless experience.
    • Offers flexibility through flow customization to align with specific organizational policies and regulatory obligations.

    Digital Resilience Incident administrators can configure conditions in Workflow Studio to auto-trigger incident reporting in Digital resilience incident reporting.

    Setting up templates and modules

    Operational Resilience administrators set up Word templates, Template configurations, and the Digital resilience incident (DRI) case type required for Digital resilience incident reporting as shown in the example.

    Set up the templates.

    Configure Word Templates and Template Configurations for generating reports in Microsoft Word format. For more information, see Generating Microsoft Word reports using Document designer.

    The Digital Resilience Incident Case module lists all Digital Resilience Incident Cases associated with an incident or security incident. A new 'Regulation Mappings' related list is now available in each Digital Resilience Incident Case record. It displays the relationships between entities related to the cases and their corresponding regulations.

    Conditions for setting up the Workflow

    Workflow Studio contains preconfigured flows and conditions for creating DRI case tasks from incidents in the Incident Management or Security Incident Response applications. Access the Digital resilience incident reporting flows by navigating to Workflow Studio > Flows > Flow Designer.

    The following flows, previously used in the Digital resilience incident reporting application, have been deprecated:
    1. Digital Resilience Incident Flow
    2. Digital Resilience SIR Flow
    3. DRI Business service Trigger
    Note:
    To use the previously deployed flows, deactivate the new flows (listed in this section) and then activate the Digital Resilience Incident Flow, Digital Resilience SIR Flow, and DRI Business Service Trigger Flow.
    The following flows in Digital resilience incident reporting are still active:
    1. Digital Resilience Incident Approval Flow
    2. DRI case create/update on incident update
    3. DRI case create/update on security incident update
    4. DRI case creation on incident entity insert
    5. DRI case creation on SIR entity insert
    New flows have been introduced in Digital resilience incident reporting to manage action tasks, regulations, and trigger conditions for multiple regulators, as illustrated in the example:
    1. Action task automation for regulation addition
    2. Action task automation on action task update
    3. Action task automation on DRI case updates
    4. Action task automation on regulation updates
    5. DRI Business Service Trigger For Multiple Regulators
    Digital resilience incident reporting flows. For the text description, refer to the text that precedes this image.
    Note:
    If the Security Incident Response application is installed in your instance, flows related to the security incidents (SIR) are listed in the Flows list view.

    The Digital Resilience Incident Flow and Digital Resilience SIR Flow are prebuilt into the Digital resilience incident reporting application. The flow configuration impacts all incident records in the instance. As administrators of the Operational Resilience application, you can update (customize) the flow configurations to meet your organizational requirements as shown in the example.

    Conditions. For the text description of the conditions, refer to the text that follows.
    Insert condition
    Conditions such as the priority of the incident is Critical, the urgency is High, and the incident has been open for more than 24 hours, are prebuilt in the flow. When all these conditions are met, it’s automatically reported in the Digital resilience incident reporting application.
    Update condition
    When an incident is reopened or updated, that classification condition is also defined in the flow. When the configured conditions are met, the incident is reported in the Digital resilience incident reporting application.

    Required and optional plugins

    The Digital resilience incident reporting application is available from the ServiceNow Store. This section details its required and optional plugins.

    Table 1. List of required plugins
    Application name Plugin
    Document designer (com.sn_grc_doc_design)
    Digital Operational Resilience Management (com.sn_app_grc_digital_resilience)
    GRC (app-grc)
    GRC Base Workspace (app-grc-base-workspace)
    GRC: Compliance Case Management (app-grc-case-mgmt)
    GRC Operational Resilience app-grc-operational-resilience (com.sn_grc_oper_res)
    GRC: Policy and Compliance Management (com.sn_compliance)
    Regulatory Agency Library (com.sn_reg_body_mgmt)
    Reusable impact framework (sn-reusable-impact-framework)
    Smart Assessment impact automation (app-smart-assessment-impact-automation)
    Smart Assessment response automation (app-smart-assessment-response-automation)
    Smart Assessment Core (sn_smart_asmt)
    Smart Assessment designer (sn_smart_asmt_desg)
    Table 2. List of optional plugins
    Application name Plugin
    Security Incident Response (app-sir)
    Digital Resilience Third-party Information Register (sn_info_reg)