Governance, Risk, and Compliance (GRC) release notes

ServiceNow® Governance, Risk, and Compliance (GRC) application enhancements and updates in the Helsinki release.

Helsinki upgrade information

After activating the Compliance UCF plugin, submit a request on the ServiceNow HI Service Portal to validate GRC subscription and set up a UCF CCH account. For details, refer to Policy and Compliance UCF upgrade instructions.

Activation information

Each of the GRC-related plugins is available as a separate subscription:
  • GRC: Policy and Compliance Management (com.sn_compliance)
  • GRC: Risk Management (com.sn_risk)
  • GRC:Audit Management (com.sn_audit)

New in the Helsinki release

Policy and Compliance Management
GRC: Policy and Compliance Management replaces legacy IT compliance functionality. It includes a centralized process for creating and managing policies, standards, and internal control procedures that are cross-mapped to external regulations and best practices. The application also provides structured workflows for the identification, assessment, and continuous monitoring of control activities.
Risk Management
GRC: Risk Management has been rearchitected to provide a centralized process to identify, assess, respond to, and continuously monitor enterprise and IT risks that can negatively impact business operations. It also provides structured workflows for the management of risk assessments, risk indicators, and risk issues.
Audit Management
The GRC: Audit Management provides a centralized process for internal audit teams to automate the complete audit life cycle. Project-driven audits let auditors quickly scope engagements, conduct fieldwork, collect control evidence, and track audit observations.

Changed in this release