Product documentation Docs
    • English
    • Deutsch
    • 日本語
    • 한국어
    • Français
  • More Sites
    • Now Community
    • Developer Site
    • Knowledge Base
    • Product Information
    • ServiceNow.com
    • Training
    • Customer Success Center
    • ServiceNow Support Videos
  • Log in

Product documentation

  • Home
How search works:
  • Punctuation and capital letters are ignored
  • Special characters like underscores (_) are removed
  • Known synonyms are applied
  • The most relevant topics (based on weighting and matching to search terms) are listed first in search results
Topics are ranked in search results by how closely they match your search terms
  • A match on the entire phrase you typed
  • A match on part of the phrase you typed
  • A match on ALL of the terms in the phrase you typed
  • A match on ANY of the terms in the phrase you typed

Note: Matches in titles are always highly ranked.

  • Release version
    Table of Contents
    • Orlando release notes
Table of Contents
Choose your release version
    Home Orlando Release Notes Orlando release notes Learn about Orlando Release notes for upgrading from New York Features and changes by product Governance, Risk, and Compliance release notes

    Governance, Risk, and Compliance release notes

    • Save as PDF Selected topic Topic & subtopics All topics in contents
    • Unsubscribe Log in to subscribe to topics and get notified when content changes.
    • Share this page

    Governance, Risk, and Compliance release notes

    ServiceNow® Governance, Risk, and Compliance product enhancements and updates in the Orlando release.

    Orlando upgrade information

    If you are upgrading Governance, Risk, and Compliance products, the initial Orlando versions are available immediately in your instance. Going forward, all updates to GRC products are only available in the ServiceNow Store.

    If you have previously installed GRC products and want an update from the ServiceNow Store, you do not need to activate the Dependencies plugins for GRC products before you install the product updates.

    When you download and install GRC products from the ServiceNow Store, dependency plugins are automatically activated. For example, when you activate the Policy and Compliance Management product, the Policy and Compliance Management Dependencies plugin is automatically activated.

    If you have previously installed the GRC: Vendor Risk Management and GRC: SIG Questionnaire applications, and want to upgrade them to the Orlando release, be sure to update GRC: SIG Questionnaire first, as it will update all applications that use SIG, including GRC: Vendor Risk Management. If you update GRC: Vendor Risk Management first, be sure to manually update GRC: SIG Questionnaire after the GRC: Vendor Risk Management update is complete.

    New in the Orlando release

    Cybersecurity Controls Accelerator
    Version 11.0.3: Easily enhance your overall security preparedness and cyber-defense posture using the Cybersecurity Controls Accelerator. The accelerator contains the CIS Controls authority document, associated citations, and control objectives. When used with the Technology Controls Monitoring Accelerator, you can take advantage of pre-defined indicator templates mapped to the CIS Controls for automated control validation and continuous monitoring.
    GRC Business User role
    GRC: Profiles Version 11.0.3: To improve the internal security of the product, a dedicated GRC Business User role was created for users who require access only to GRC applications in the context of performing tasks assigned to them. Users with the GRC Business User role are provided limited access to data and to information relevant to the tasks assigned to them.
    Technology Controls Monitoring Accelerator
    Version 11.0.1: Monitor your technology controls, such as CIS controls using pre-defined manual and automated indicators.
    Advanced Governance, Risk, and Compliance Application Risk dashboard
    Version 10.1.3: Use this integrated application dashboard to view the most recent risk and compliance aspects around the business applications that you use in your enterprise. The dashboard, available from ServiceNow® Audit Management, Policy and Compliance Management, and Risk Management, highlights the compliance impact and risk posture of your applications, the current state of remediation and exception activities, and audit activity.
    Predict issue owner using GRC Predictive Intelligence
    Version 10.1: Activate the GRC Predictive Intelligence plugin (com.sn_grc_pred_intel) to automatically route issues to the correct assignee. Use this plugin to save time when identifying an issue owner. The identification is based on historical data analysis and artificial learning.
    Operational Risk Management Dashboard
    Version 10.1: View the complete risk posture for an enterprise using the Operational Risk Management dashboard. This dashboard enables an entity owner to view the complete risk posture in a single, consolidated report. This dashboard enables you to analyze the risk posture efficiently and take the necessary corrective actions to preemptively manage risk. This dashboard generates real-time risk reports and also shows the past performance data and future forecast. Risk administrators can personalize this dashboard by adding and removing the necessary widgets, changing the colors, and so on.
    Report issues from the Service Portal
    Version 10.1: Directly report issues from the simplified ServiceNow®Service Portal to save time for users who want to report an issue.
    GDPR DPIA Use Case Accelerator

    Version 9.0: Perform preliminary and General Data Protection Regulation (GDPR) data protection impact assessments (DPIA) to protect the personal data of individuals within and outside of the EU.

    Virtual Agent support for risk events

    Version 9.0: Set up the GRC ServiceNow® Virtual Agent application to report risk events from the ServiceNow® Service Portal. A GRC Virtual Agent chatbot helps customers quickly report a risk event. The GRCVirtual Agent chatbot also assists customers by saving their time.

    Virtual Agent support for policy exceptions

    Version 9.0: Set up the GRC Virtual Agent application to request policy exceptions from the Service Portal. A GRC Virtual Agent chatbot helps customers quickly request an exception. The GRC Virtual Agent chatbot also assists customers by saving their time and enhancing the customer experience.

    SIG 2019 Support

    Version 9.0: Download the 2019 version of the SIG Questionnaire from the ServiceNow Store.

    SIG 2020 Support

    Version 10.0: Download the 2020 version of the SIG Questionnaire from the ServiceNow Store.

    Changed in this release

    GRC: SOX reports

    Version 10.0: Use SOX content in GRC components, such as entities, control objectives, audit tasks, and so on. The layout and view of existing SOX reports have been improved. New features and capabilities have been added to ServiceNow® Policy and Compliance Management and ServiceNow® Advanced Risk.

    Removed from this release

    • In GRC: SIG Questionnaire Integration, SIG 2017 is no longer supported. Upload SIG versions 2018 or later. If a vendor uploads a version prior to the 2018 SIG, all responses for matching questions are imported and any responses for questions that do not match are imported with blank responses for the vendor to answer later.

    Deprecations

    • Version 11.0.3: GRC: RiskLens Integration has been deprecated. Consider using the RiskLens Assessment Integration from RiskLens, Inc.

    Activation information

    Before you run any of the GRC applications in your instance, you must download them from the ServiceNow Store.

    • Advanced Risk release notes

      ServiceNow® Advanced Risk product enhancements and updates in the Orlando release.

    • Audit Management release notes

      ServiceNow® Audit Management product enhancements and updates in the Orlando release.

    • Continuous Authorization and Monitoring release notes

      The ServiceNow® Continuous Authorization and Monitoring application provides a standardized approach to defining an authorization package and walking through the seven stages of the Risk Management Framework (RMF). Continuous Authorization and Monitoring is a new application in the Orlando release.

    • Operational Resilience release notes

      The ServiceNow® Operational Resilience application allows an organization to continue to provide business services in the face of adverse operational events, such as fire, pandemic, weather, hacking, and so forth. Operational Resilience is a new application in the Orlando release.

    • Policy and Compliance Management release notes

      ServiceNow® Policy and Compliance Management product enhancements and updates in the Orlando release.

    • Regulatory Change Management release notes

      ServiceNow® Regulatory Change Management is a new application in the Orlando release.

    • Vendor Risk Management release notes

      ServiceNow® Vendor Risk Management product enhancements and updates in the Orlando release.

    Tags:

    Feedback
    On this page

    Previous topic

    Next topic

    • Contact Us
    • Careers
    • Terms of Use
    • Privacy Statement
    • Sitemap
    • © ServiceNow. All rights reserved.

    Release version
    Choose your release version

      Governance, Risk, and Compliance release notes

      • Save as PDF Selected topic Topic & subtopics All topics in contents
      • Unsubscribe Log in to subscribe to topics and get notified when content changes.
      • Share this page

      Governance, Risk, and Compliance release notes

      ServiceNow® Governance, Risk, and Compliance product enhancements and updates in the Orlando release.

      Orlando upgrade information

      If you are upgrading Governance, Risk, and Compliance products, the initial Orlando versions are available immediately in your instance. Going forward, all updates to GRC products are only available in the ServiceNow Store.

      If you have previously installed GRC products and want an update from the ServiceNow Store, you do not need to activate the Dependencies plugins for GRC products before you install the product updates.

      When you download and install GRC products from the ServiceNow Store, dependency plugins are automatically activated. For example, when you activate the Policy and Compliance Management product, the Policy and Compliance Management Dependencies plugin is automatically activated.

      If you have previously installed the GRC: Vendor Risk Management and GRC: SIG Questionnaire applications, and want to upgrade them to the Orlando release, be sure to update GRC: SIG Questionnaire first, as it will update all applications that use SIG, including GRC: Vendor Risk Management. If you update GRC: Vendor Risk Management first, be sure to manually update GRC: SIG Questionnaire after the GRC: Vendor Risk Management update is complete.

      New in the Orlando release

      Cybersecurity Controls Accelerator
      Version 11.0.3: Easily enhance your overall security preparedness and cyber-defense posture using the Cybersecurity Controls Accelerator. The accelerator contains the CIS Controls authority document, associated citations, and control objectives. When used with the Technology Controls Monitoring Accelerator, you can take advantage of pre-defined indicator templates mapped to the CIS Controls for automated control validation and continuous monitoring.
      GRC Business User role
      GRC: Profiles Version 11.0.3: To improve the internal security of the product, a dedicated GRC Business User role was created for users who require access only to GRC applications in the context of performing tasks assigned to them. Users with the GRC Business User role are provided limited access to data and to information relevant to the tasks assigned to them.
      Technology Controls Monitoring Accelerator
      Version 11.0.1: Monitor your technology controls, such as CIS controls using pre-defined manual and automated indicators.
      Advanced Governance, Risk, and Compliance Application Risk dashboard
      Version 10.1.3: Use this integrated application dashboard to view the most recent risk and compliance aspects around the business applications that you use in your enterprise. The dashboard, available from ServiceNow® Audit Management, Policy and Compliance Management, and Risk Management, highlights the compliance impact and risk posture of your applications, the current state of remediation and exception activities, and audit activity.
      Predict issue owner using GRC Predictive Intelligence
      Version 10.1: Activate the GRC Predictive Intelligence plugin (com.sn_grc_pred_intel) to automatically route issues to the correct assignee. Use this plugin to save time when identifying an issue owner. The identification is based on historical data analysis and artificial learning.
      Operational Risk Management Dashboard
      Version 10.1: View the complete risk posture for an enterprise using the Operational Risk Management dashboard. This dashboard enables an entity owner to view the complete risk posture in a single, consolidated report. This dashboard enables you to analyze the risk posture efficiently and take the necessary corrective actions to preemptively manage risk. This dashboard generates real-time risk reports and also shows the past performance data and future forecast. Risk administrators can personalize this dashboard by adding and removing the necessary widgets, changing the colors, and so on.
      Report issues from the Service Portal
      Version 10.1: Directly report issues from the simplified ServiceNow®Service Portal to save time for users who want to report an issue.
      GDPR DPIA Use Case Accelerator

      Version 9.0: Perform preliminary and General Data Protection Regulation (GDPR) data protection impact assessments (DPIA) to protect the personal data of individuals within and outside of the EU.

      Virtual Agent support for risk events

      Version 9.0: Set up the GRC ServiceNow® Virtual Agent application to report risk events from the ServiceNow® Service Portal. A GRC Virtual Agent chatbot helps customers quickly report a risk event. The GRCVirtual Agent chatbot also assists customers by saving their time.

      Virtual Agent support for policy exceptions

      Version 9.0: Set up the GRC Virtual Agent application to request policy exceptions from the Service Portal. A GRC Virtual Agent chatbot helps customers quickly request an exception. The GRC Virtual Agent chatbot also assists customers by saving their time and enhancing the customer experience.

      SIG 2019 Support

      Version 9.0: Download the 2019 version of the SIG Questionnaire from the ServiceNow Store.

      SIG 2020 Support

      Version 10.0: Download the 2020 version of the SIG Questionnaire from the ServiceNow Store.

      Changed in this release

      GRC: SOX reports

      Version 10.0: Use SOX content in GRC components, such as entities, control objectives, audit tasks, and so on. The layout and view of existing SOX reports have been improved. New features and capabilities have been added to ServiceNow® Policy and Compliance Management and ServiceNow® Advanced Risk.

      Removed from this release

      • In GRC: SIG Questionnaire Integration, SIG 2017 is no longer supported. Upload SIG versions 2018 or later. If a vendor uploads a version prior to the 2018 SIG, all responses for matching questions are imported and any responses for questions that do not match are imported with blank responses for the vendor to answer later.

      Deprecations

      • Version 11.0.3: GRC: RiskLens Integration has been deprecated. Consider using the RiskLens Assessment Integration from RiskLens, Inc.

      Activation information

      Before you run any of the GRC applications in your instance, you must download them from the ServiceNow Store.

      • Advanced Risk release notes

        ServiceNow® Advanced Risk product enhancements and updates in the Orlando release.

      • Audit Management release notes

        ServiceNow® Audit Management product enhancements and updates in the Orlando release.

      • Continuous Authorization and Monitoring release notes

        The ServiceNow® Continuous Authorization and Monitoring application provides a standardized approach to defining an authorization package and walking through the seven stages of the Risk Management Framework (RMF). Continuous Authorization and Monitoring is a new application in the Orlando release.

      • Operational Resilience release notes

        The ServiceNow® Operational Resilience application allows an organization to continue to provide business services in the face of adverse operational events, such as fire, pandemic, weather, hacking, and so forth. Operational Resilience is a new application in the Orlando release.

      • Policy and Compliance Management release notes

        ServiceNow® Policy and Compliance Management product enhancements and updates in the Orlando release.

      • Regulatory Change Management release notes

        ServiceNow® Regulatory Change Management is a new application in the Orlando release.

      • Vendor Risk Management release notes

        ServiceNow® Vendor Risk Management product enhancements and updates in the Orlando release.

      Tags:

      Feedback

          Share this page

          Got it! Feel free to add a comment
          To share your product suggestions, visit the Idea Portal.
          Please let us know how to improve this content

          Check any that apply

          To share your product suggestions, visit the Idea Portal.
          Confirm

          We were unable to find "Coaching" in Jakarta. Would you like to search instead?

          No Yes
          • Contact Us
          • Careers
          • Terms of Use
          • Privacy Statement
          • Sitemap
          • © ServiceNow. All rights reserved.

          Subscribe Subscribed Unsubscribe Last updated: Tags: January February March April May June July August September October November December No Results Found Versions Search preferences successfully updated My release version successfully updated My release version successfully deleted An error has occurred. Please try again later. You have been unsubscribed from all topics. You are now subscribed to and will receive notifications if any changes are made to this page. You have been unsubscribed from this content Thank you for your feedback. Form temporarily unavailable. Please try again or contact  docfeedback@servicenow.com  to submit your comments. The topic you requested does not exist in the release. You were redirected to a related topic instead. The available release versions for this topic are listed There is no specific version for this documentation. Explore products Click to go to the page. Release notes and upgrades Click to open the dropdown menu. Delete Remove No selected version Reset This field is required You are already subscribed to this topic Attach screenshot The file you uploaded exceeds the allowed file size of 20MB. Please try again with a smaller file. Please complete the reCAPTCHA step to attach a screenshot
          Log in to personalize your search results and subscribe to topics
          No, thanks Login