GRC

Governance, Risk, and Compliance highlights for the San Diego release

New in the San Diego Release:

  • Explore workspaces that have data navigation enhancements and form design changes in the GRC applications.
  • View the security and access enhancements for the GRC applications.
  • Security updates
  • Manage who can access your GRC records with the GRC user roles. Earlier, your users with the snc_internal role could also access the GRC records. As part of the security updates, each GRC application has modified access control lists (ACLs) where access to the GRC records is restricted only to the users with the GRC roles.
  • Confidential records
  • Enable the sn_grc.enable_record_confidentiality property under GRC properties module in the application navigator to display the Confidentiality tab on a form. You can mark sensitive GRC records as confidential by setting the confidential flag for a record.
  • User groups
  • Create secure user groups on your GRC tables by enabling the sn_grc.enable_groups_access property under the GRC properties module in the application navigator. You can restrict a user or a set of users from accessing specific records by creating user groups in the record.
  • User hierarchy
  • Enable the user hierarchy properties under GRC properties in your instances. The managers can view the records that are associated to the users who report to them, based on the user hierarchy that is configured in the sys_user table.

Changed in the San Diego Release:

Enhancements in the 360º view
View the following enhancements in the 360º view:

  • Enable the donut chart on a related list when a pill is clicked.
  • Apply an order to the pills in a section.
  • Fix multiple defects for a better user experience.

Functionality enhancements for the entities
View the following enhancements in the entity and entity filter form:

  • Receive an email notification when a user is assigned as an entity owner.
  • Select Auto-update owner to keep the entity owner in synchronization with the value from its reference (source) field.
    • In addition, form design changes are introduced in the entity and entity filter form such as:

    • The Class and Owner fields are now mandatory.
    • The Department field and the Activity journal are added to the entity form.

Integration of Employee center and GRC
Easily report risk events, raise issues, and policy exceptions from the employee center. This portal also enables employees to attest to a control, respond to a risk identification questionnaire, respond to a risk assessment, and complete the issue remediation tasks.
Specifying risk relevance
Specify the details of how a risk applies to your users. Adding risk details and relevance helps your users to document how the risk applies to them and ensures that they can add the relevant context.
Tasks page enhancements
Add or remove the tabs in the Task Configuration record. You can also prioritize or order the tabs in a sequence. If the same order is configured for two tabs, the tabs are displayed in an alphabetical order.

Deprecated in this release:
RiskLens Integration is no longer deployed, enhanced, or supported. For details, see the Deprecation Process [KB0867184] article in the Now Support knowledge base.

  • Audit Management release notes
    The ServiceNow® Audit Management application supports activities related to planning audit engagements, executing engagements, and reporting findings to an audit committee. Engagement reporting helps assure key stakeholders that the organization’s risk and compliance management strategy is effective. Audit Management was enhanced and updated in the San Diego release.
  • Business Continuity Management release notes
    The ServiceNow® Business Continuity Management application provides business continuity solutions when business is impacted during a crisis. Business Continuity Management was enhanced and updated in the San Diego release.
  • GRC: integrations with third-party content release notes
    The ServiceNow® GRC: integrations with third-party content application provides the APIs and staging tables that can help you to manage the content that you receive from third parties. GRC: integrations with third-party content is a new application in the San Diego release.
  • Policy and Compliance integrator release notes
    The ServiceNow® GRC: Policy and Compliance integrator application provides a common framework so that your content providers can push their content into the GRC applications. The GRC: Policy and Compliance integrator is a new application in the San Diego release.
  • Policy and Compliance Management release notes
    The ServiceNow® Policy and Compliance Management application provides a centralized process for creating and managing policies, standards, and internal control procedures that are cross-mapped to external regulations and best practices. Policy and Compliance Management was enhanced and updated in the San Diego release.
  • Regulatory Change Management release notes
    The ServiceNow® Regulatory Change Management application helps you to manage the regulatory changes in your organization. Regulatory Change Management was enhanced and updated in the San Diego release.
  • Privacy Management release notes
    The ServiceNow® Privacy Management application enables you to manage your organization’s privacy risks and compliance to protect your customers, employees, and suppliers. Privacy Management was enhanced and updated in the San Diego release.
  • Advanced Risk release notes
    The ServiceNow® Advanced Risk application helps you avoid any negative impact to your business operations by identifying, assessing, responding to, and continuously monitoring risks. Advanced Risk was enhanced and updated in the San Diego release.
  • Vendor Risk Management release notes
    The ServiceNow® Vendor Risk Management application provides expanded capabilities for using scores and ratings from external providers beyond security, and an automated approach to increasing visibility that improves your ability to provide guidance to vendors and remediate issues. Vendor Risk Management was enhanced and updated in the San Diego release.
A strategically driven, cybersecurity and information assurance Leader. Adept at implementing security policies, regulations, and guidelines to ensure secure environments with cost-effective security solutions for critical business assets and information requirements. Consistently identifies opportunities for improvement and implements innovative solutions to improve performance, while creating value across business units.

Get the latest updates and news around the digital world from the ADVANCE.

wpChatIcon