Governance, Risk, and Compliance (GRC) release notes ServiceNow® Governance, Risk, and Compliance (GRC) application enhancements and updates in the Helsinki release. Helsinki upgrade information After activating the Compliance UCF plugin, submit a request on the ServiceNow HI Service Portal to validate GRC subscription and set up a UCF CCH account. For details, refer to Policy and Compliance UCF upgrade instructions. Activation information Each of the GRC-related plugins is available as a separate subscription: GRC: Policy and Compliance Management (com.sn_compliance) GRC: Risk Management (com.sn_risk) GRC:Audit Management (com.sn_audit) New in the Helsinki release Policy and Compliance Management GRC: Policy and Compliance Management replaces legacy IT compliance functionality. It includes a centralized process for creating and managing policies, standards, and internal control procedures that are cross-mapped to external regulations and best practices. The application also provides structured workflows for the identification, assessment, and continuous monitoring of control activities. Risk Management GRC: Risk Management has been rearchitected to provide a centralized process to identify, assess, respond to, and continuously monitor enterprise and IT risks that can negatively impact business operations. It also provides structured workflows for the management of risk assessments, risk indicators, and risk issues. Audit Management The GRC: Audit Management provides a centralized process for internal audit teams to automate the complete audit life cycle. Project-driven audits let auditors quickly scope engagements, conduct fieldwork, collect control evidence, and track audit observations. Changed in this release Legacy functionality (com.snc.governance) has been deprecated. The common applications, GRC: Profiles [com.sn_grc] and GRC: Common [cpm.sn.grc.common] were rewritten to provide profiling, continuous monitoring, and issue management functionality to all GRC applications.