Application file protection policy A read-only protection policy prevents anyone from modifying an application file or its related record. Some application code shipped with the ServiceNow system requires special protection. Only a ServiceNow employee can alter the protection policy and then modify the application file or its related record. A ServiceNow employee cannot edit protected files without changing the policy designation first. To prevent customizations from being overwritten by system upgrades, the upgrade process automatically skips changes to customer-updated records. If you modify an application file or related record that is later designated as Read-only in an upgrade, the application file maintains the default protection policy of Write. You keep the existing modifications and can continue modifying the records. Note: Reverting a customized file to its baseline state causes the record to inherit the new protection policy as well. For example, a record going from a Write protection policy to a Read-only protection policy.