Configure the UCF integration

UCF integration requires that GRC is configured and users are a Common Controls Hub administrator. The UCF integration is an OAuth based integration requiring a user's CCH Client ID and Client Secret.

Before you begin

Role required: sn_comp_ucf.admin and oauth_admin.
Note: Only the UCF Oauth administrator has access to the system Oauth tables. The user must give the UCF Oauth administrator role to the GRC UCF administrator, so the UCF administrator can set up UCF configuration page.

Before activating your UCF CCH account, delete all free demo accounts you may have received directly from UCF.

The configuration page for the global domain is loaded by default. If you are using Domain Separation, delete the default configuration page, and create one specific to your domain.

Procedure

  1. Navigate to Policy and Compliance > Administration > Unified Compliance Integration.
  2. Click the UCF configuration.
  3. Fill in the fields on the form, as appropriate.
    Table 1. UCF Configuration
    Field Description
    Shared List The shared list to be imported.
    Client ID The UCF OAuth Client ID, provided by ServiceNow® HI customer support. See Policy and Compliance UCF upgrade instructions for information.
    Note: Configuration information is specific to the ServiceNow® instance. Be sure to enter accurate information for any test, development, or production instances you are using. Do not include spaces in the entry.
    Client Secret The UCF OAuth Client Secret, provided by ServiceNow® HI customer support. See Policy and Compliance UCF upgrade instructions for information.
    Note: Configuration information is specific to the ServiceNow® instance. Be sure to enter accurate information for any test, development, or production instances you are using. Do not include spaces in the entry.
    Oauth2 Profile The OAuth2 profile to use for downloading. The default is the United Compliance Framework Default Profile that is installed with the UCF plugin. This field does not typically need to be changed .
    Redirect URL Enter the Redirect URL, provided by ServiceNow® HI customer support. See Policy and Compliance UCF upgrade instructions for information. For example, https://mycompany.service-now.com/oauth_redirect.do
    Note: Configuration information is specific to the ServiceNow® instance. Be sure to enter accurate information for any test, development, or production instances you are using. Do not include spaces in the entry.
  4. Right-click the form header and click Save.
  5. In the UCF Integration dialog that appears, click Request New Token.
    When configuring the UCF instance for the first time, a user with an UCF administrator account should request the new token.
  6. Enter your Common Controls Hub credentials and log in.
    The first time the UCF administrator logs into UCF, a message is displayed indicating that the application must be authorized, click Authorize.
  7. Select a shared list and click Save Configuration.