The ServiceNow Compliance Case Management application enables customers to manage their compliance cases, such as policy and regulatory violations and complaints. It enables collaboration with key stakeholders to perform assessments, investigation tasks, and other actions to effectively manage compliance cases. Additionally, it supports analyzing causes and consequences as part of the post-case review process.
Compliance Requests:
Compliance request configurations consist of two active compliance request types, each with dedicated workflows to manage compliance-specific inquiries and approvals related to policy improvements.
Each request type can be configured with the following elements:
-
- Workflow
- Form view (show or hide fields based on request type)
- Assignment rules (to assign an analyst to a compliance request)
- Approval workflow
- Any approvers
- All approvers
- Specific percentage of users to approve
Employees can raise a compliance request and contact the compliance team through the Employee Center. The compliance team analyzes the request, identifies related policies and controls, and obtains additional approvals, if necessary.
Compliance Case:
Employees can report events or policy violations and contact the compliance team through the Employee Center.
APIs are available to create and update compliance cases from various sources, such as ServiceNow Apps (Security Incident Response, IT Incidents, HR Cases) and third-party integrations.
Compliance team analyzes the case, conducts investigations, and collaborates with various teams by creating and assigning case tasks.
Compliance case configurations: The configurations consist of two active compliance case types, each with dedicated workflows to manage policy and regulatory violations use cases.
Each case type can be configured with the following elements:
- Workflow
- Form view (show or hide fields based on case types)
- Assignment rules (to assign an analyst to a compliance case)
- Assessment templates
New
- Ability to create anonymous compliance cases from the Anonymous Reporting Center portal.
- AI-based compliance case summarization capability that covers all the key insights and details of a compliance case.
Fixed
- Fixed security bugs.
The following GRC applications must be installed and activated:
- GRC: Policy and Compliance Management (com.sn_compliance)
-
GRC: Compliance Management Workspace (com.sn_compliance_ws)
- GRC: Common Workspace Elements (com.sn_grc_workspace)
Permissions and roles:
- Role required to install the app: System Administrator (admin)