Governance, Risk, and Compliance common release notes

ServiceNow® Governance, Risk, and Compliance common application enhancements and updates in the Istanbul release.

Activation information

Whenever any of the GRC plugins are activated, both the GRC: Profiles [com.sn_grc] plugin and the GRC: Common [com.sn.grc.common] plugins are automatically activated, providing core components and a common architecture for all GRC applications.

New in the Istanbul release

Profile and risk dependency mapping
The GRC workbench allows users to map out and visualize operational dependencies and risks. It enables consistent risk mapping and modeling across the enterprise. The GRC: Workbench [com.sn_grc_workbench] plugin is a paid plugin, sold as a part of the GRC Suite.
Performance Analytics (PA) indicator integration
Users can associate PA indicators with policy statements and risk statements. PA indicators can automatically be associated with controls or risks based on available breakdowns. Trends are displayed at a higher granularity on the policy statement or risk statement form, or at the breakdown level on the control or risk forms. PA scorecards are provided for policy statements, controls, risk statements, and risks.

Changed in Istanbul release

Assessments and attestations can now be created using:

Removed in this release

  • Attestation questions are no longer appended to existing surveys. Instead, every control or risk gets its own attestation survey when it is attested. As a result, attestations are not longer displayed under Self-Service > My Assessments & Surveys. Attestations can be found under Policy and Compliance > Controls > My Attestations. Risk assessments can be found under Risk > Risk Register > My Assessments.