Risk Management release notes ServiceNow® GRC: Risk Management application enhancements and updates in the Istanbul release. Risk Management is one of the applications contained within the GRC application. Activation information Activate Risk Management. New in the Istanbul release Profile and risk dependency mapping The GRC workbench allows users to map out and visualize operational dependencies and risks. It enables consistent risk mapping and modeling across the enterprise. The GRC: Workbench [com.sn_grc_workbench] plugin is a paid plugin, sold as a part of the GRC Suite. Performance Analytics (PA) indicator integration Users can associate PA indicators with policy statements and risk statements. PA indicators can automatically be associated with controls or risks based on available breakdowns. Trends are displayed at a higher granularity on the policy statement or risk statement form, or at the breakdown level on the control or risk forms. PA scorecards are provided for policy statements, controls, risk statements, and risks. Risk assessments Users can set the Assessment Metric Type for risk statements or risks. By default, risks inherit the same type as their parent statements. The base Survey Designer has been extended to work with risk assessments. Attestation surveys are now optional. If the Attestation field is populated, the respondents are sent a survey when the control moves to the Attest state. Otherwise, no attestation is sent and the user can move the control to the next state. Risk assessments can have multiple recipients.