Application file protection policy A Read-only protection policy prevents anyone from modifying an application file or its related record. Some application code shipped with the ServiceNow system requires special protection. Only a ServiceNow employee can alter the protection policy and then modify the application file or its related record. A ServiceNow employee cannot make any changes without first changing the policy designation first. To prevent customizations from being overwritten by system upgrades, the upgrade process automatically skips changes to customer-updated records. If you modify an application file or related record that is later designated as Read-only in an upgrade, the application file maintains the default protection policy of Write. You keep the existing modifications and can continue modifying the records. Note: Should you revert a customized file to its baseline state, then the record inherits the new protection policy as well. This could result in a record going from a Write protection policy to a Read-only protection policy.