• Version: 11.0.1: Operational Risk Management dashboard View the complete risk posture for the enterprise in a single consolidated report. The enhanced dashboard brings information from various modules including issues, indicators, and control testing. The dashboard has key metrics which help in analyzing and tracking the performance of these measures over a period.
• Version: 11.0.1: Enable or disable the risk response workflow: Decide if you want to enable the risk response workflow in your risk assessment. By default, the risk response workflow is enabled.
• Version: 11.0.1: Copy factors and risk assessment methodologies: Modify your risk assessment methodology and factors by creating a copy of the record. The option to copy allows the system to create a true copy of the underlying record including all the related lists. This action saves the time of risk administrators as they do not have to create the records from the beginning each time.
• Version: 11.0.1: Retire a risk assessment methodology: Retire the legacy risk assessment methodologies that are no longer active. This enables easier management of risk assessment methodologies.
• Version: 11.0.1: Schedule risk assessments: Automatically initiate risk assessments by using the risk assessment scheduler. Select the entities, define the assessors, and define the frequency. This is useful and time efficient for the risk managers who do not have to manually initiate assessments.
• Version: 11.0.1: Cancel or recall a risk assessment: Recall a risk assessment if there's any change or the risks no longer must be assessed. After a risk assessment is recalled, the risk assessors are notified and the tasks no longer appear in the assessors queue.
• Version: 11.0.1: Create ad hoc risks and controls during assessment: Create risks and controls during risk assessment. This flexibility is useful for the risk administrators when they configure the risk assessment methodology. This is also useful for the customers as they have greater control on their assessments.
• Version: 11.0.1: Assess risk assessments with the business user role: Allow any user with the sn_grc.business_user role to assess and approve risk assessments. This simplifies the task of a risk administrator who does not have to assign roles to each user who wants to perform a risk assessment.
• Version: 11.0.1: Assess risks at any level of the risk statement hierarchy: ​Associate entities and entity types, along with indicator templates, at any level of the risk statement hierarchy. This is useful for risk managers while assessing risks as they can perform risk assessments for the top-level risks.
• Version: 11.0.1: Manage risks linked to the same risk statement and entity​: Create and associate multiple risks to the same risk statement and entity combination. This feature benefits the risk managers and the entity owners. The risk managers can define the risk taxonomy according to their requirements. The entity owners can also identify risks for their entity and link them to the enterprise risk taxonomy thus ensuring orphan risks are not created.
• Version: 11.0.1: Use control guidance for individual assessment of controls: Use the control guidance when assessing controls to get assistance on how to respond to a factor.
• Version: 11.0.1: Integrate advanced risk assessments with risks, controls, and entities: Minimize complexity for the customers so that they do not have to keep track of the legacy risk assessment method and the advanced risk assessments. Enable the Migrate to Advanced Risk Assessments property to eliminate the legacy views on the risk form. This new property enables a new section called Assessment Summary where users can view the risk scores and the risk response for the primary risk assessment methodology.
• Version: 11.0.1: Track assessment due dates with notifications and reminders: As a risk administrator, specify how many days before a risk assessment is due an email must be sent to the assessors. The risk administrators can also specify how many days after the assessment is overdue must the assessors be notified. The date is also displayed on the risk assessment form with a red color code that draws immediate attention to the delay and is useful for tracking.

Version 10.0: After upgrades and deployments of new applications or integrations, run quick start tests to verify that Risk Management still works. If you customized Risk Management, copy the quick start tests and configure them for your customizations.

• Viewing My Risk Events (Version 9.0): Report risk events and quickly view the events that you've reported in the ServiceNow® Service Portal under My Risk Events.
• Adding risk event cause and consequence (Version 9.0): Add causes and consequences of risk events in the cause and consequence library. This centralized library contains the possible causes and consequences that can lead to a risk event. This information helps your users make decisions about risk analysis, risk prediction, and prevention of risks.
• Selecting currency while reporting risk events (Version 9.0): Select the currency when you report risk events.
• Relating risk events to risk and relating risk statements to risks (Version 9.0): Relate risk events to risks and relate a risk statement to a risk. Establishing this relationship is important for all organizations that use the ServiceNow® Risk Management application. Establishing this relationship provides data for future risk assessments and is also useful for accurate reporting and preventing the creation of orphan risks.
• Classifying rapid recovery (Version 9.0): Define rapid recovery in your risk events. Recovery is defined as a recovery of loss incurred from a risk event. Rapid recovery refers to the recovery that is generally made in five days. You can modify the default number of days for rapid recovery classification.
• Classifying near miss events automatically (Version 9.0): Automatically classify a near miss event. Based on preconfigured business rules, the system automatically flags a risk event as a "Near Miss." You can also specify the reason for the near miss.
• Classifying gain events (Version 9.0): Track risk events that don't lead to losses but to actual gains. A risk event result can also result in a financial gain for your organization. By tracking these events, you can understand which controls are effective or which risk becomes an opportunity.

Work Progress Status for Agile Teams provides a green, yellow, red (GYR) progress status on Agile 2.0 epics to indicate whether the work is likely to be completed by the epic's planned end date. It also provides an estimated completion date based on the rates at which the scope of work is changing and the work is being completed.

After upgrades and deployments of new applications or integrations, run quick start tests to verify that Agile Development 2.0 still works. If you customized Agile Development 2.0, copy the quick start tests and configure them for your customizations.

Opt-in to the required product available on ServiceNow Store by navigating to the ServiceNow Products module. After opting in, you can access details of the applications that are part of the product, in the Licensed and Not Licensed tabs.

Manage application entitlement from your ServiceNow instance. After purchasing the application on ServiceNow Store, the application is displayed in your ServiceNow instance with the indicator as Instance not entitled.

After providing entitlement to your instance, you can install the application if it is compatible with the version of ServiceNow instance.

Only after providing entitlement to your instance, you can install the product if it is compatible with the version of ServiceNow instance.

• When user navigates to the All or My Company Applications module under System Applications. The message is displayed only if there are applications that aren't mapped to subscriptions.
• When a user installs an application.
• When an application is successfully installed, in the confirmation pop-up window. Click Go to Subscription Management to map the installed application to a subscription.
• In the application tile of an installed ServiceNow Store application. Click Go to Subscription Management in the more actions icon () of the application tile to map the installed application to a subscription.
  Note: The Go to Subscription Management button isn't displayed in the application tile of custom applications, that is applications in the My Company Applications module.

Use Business Application Lifecycle Management Services in a similar way to requesting a service catalog item. Use the service catalog category of Business Application Lifecycle Management services as follows:

• Request to on-board a new business application into Application Portfolio Management (APM).

  This service is also enhanced with Predictive Intelligence, providing a machine-learning solution that empowers the service by suggesting a suitable category for the application when it is on-boarded.

• Request a review with the IT architecture review board.
• Retire a business application in APM.

Using the service catalog Business Application Lifecycle Management services helps an IT organization to standardize its delivery services for the business application users. Each service generates a flow that tracks the follow-up actions once the requests are approved. The flow designer automates approvals, tasks, email notifications, and updates the business application record in the record table. The service also helps in proper decommissioning of the application.

Generate application scores using a hierarchy of indicators to evaluate a business application by adding a set of indicators as the data source for another indicator.

Multi-tier indicators provide information about the various dimensions of cost that helps in evaluating the value of the business application.

• Expand each level of business capability in the capability map to view its sub-capabilities and their CI scores.
• For a capability that is at the leaf node, you can click the Score, People, Process, and Technology links to navigate directly to the CI Scores form and the Indicator Scores form to view the scores for People, Process, and Technology indicators. These links save you from having to navigate to the forms from the application navigator.

After upgrades and deployments of new applications or integrations, run quick start tests to verify that Application Portfolio Management still works. If you customized Application Portfolio Management, copy the quick start tests and configure them for your customizations.

Version 10.1: After upgrades and deployments of new applications or integrations, run quick start tests to verify that Audit Management still works. If you customized Audit Management, copy the quick start tests and configure them for your customizations.

View a group's change success history by clicking the Change Success score icon, which is available in all change forms for Assignment groups.

Use the Enable/Disable Scheduling conflict message menu option to show or hide the scheduling conflict messages. This UI option is made available when the change.conflict.show_conflict_message property is set to User preference.

• User Preference
• Always
• Never

• Enable and use the com.snc.change_request.event.state_updated.enabled property to generate an sn_change.state.updated event when the state of a Change request is updated. By default, this property is disabled.
• Enter the state values that you want to consider in the com.snc.change_request.event.state_updated.states property to generate the sn_change.state.updated event. If no value is entered, the event is generated for all state changes.

• Field level encryption support. Use the new encrypted_fields parameter for field level encryption support.
• Reference fields and Choice fields will accept display values and values interchangeably. The code logic will determine whether the value passed is a value or a display value and behaves accordingly.

If you have not set up billing in Cloud Provisioning and Governance and have downloaded and activated the Cloud Insights store app on your ServiceNow instance, you are automatically directed to the Cloud Insights home page for cloud billing.

Modifications to the events that are generated after an integration run is completed so they are compatible with any third-party scanner.

• View the number of active (open) test results and the percentage of test results currently in remediation or deferral to help you efficiently manage your remediation tasks (test result groups).
• View policies that show the percentage of your assets that are out of compliance with that policy.
• Data displayed on Remediation tabs for the test result, test, and policy records are updated daily by a scheduled job.
• Click the Update Status Related link to refresh remediation status metrics on-demand from the test result, test, and policy records.

• Create pre-populated change requests of varying types (emergency, standard, or normal) to expedite your remediation of non-compliant software in your environment.
• Use change requests to help you prioritize, track, and remediate test results that require additional resources or time to remediate.
• Associate test result groups to existing change requests.
• Split large test result groups into smaller groups to help you identify test results for deferral or regroup test results and configuration items that require additional resources.
• When enabled, state synchronization resolves test result groups automatically after change requests are implemented.

• On-demand CMDB reconciliation on discovered items
• The corresponding test result-CI association is updated for active test results.
• Assignment rules, group rules, risk scores, risk ratings, and remediation targets are re-evaluated.
• Discovered item status is updated accordingly, for example, discovered item status changes from Unmatched to Matched.

On assignment rules, remediation target rules, CI lookup rules, and calculators records and forms, the search text you enter in the condition builder is not case-sensitive. Case sensitivity is no longer supported for searches on these records.

The CMDB CI Class Models application dependency for this feature is automatically installed with v12.1 of Vulnerability Response. The installation may take some time.

Enable Multisource CMDB to retain the history of all updates to attribute values from all discovery sources. When multiple discovery sources attempt to update the same CI (Configuration Item) attribute, CMDB uses reconciliation rules to select the discovery source whose value updates the CI attribute. Multisource CMDB retains details about the discovery source that was used for an update, and also about all the other discovery sources that were rejected for that update. Without Multisource CMDB, data on rejected updates is discarded. This includes details about the discovery sources of lower priority along with their suggested attribute values.

Use a wizard-like tool that guides you through all the necessary configuration steps for creating and populating an application service, following CSDM workflow. Using this tool, you can configure an application service with the following CMDB-based service population methods:

To use application services effectively, ensure that they are fully configured and are populated. You can monitor the health state of application services in the Application Services Dashboard, which shows details about incomplete application services. Edit the application services that are missing service population methods or other important details, as indicated on the Application Service Dashboard.

• Query on application services in the context of non-CMDB tables. For example, query on the incidents or changes for CIs of a particular application service.
• Query on patterns between an application service and other nodes in the query.
• Include all CIs within an application service in a CMDB query, not just the application service CI.

After upgrades and deployments of new applications or integrations, run quick start tests to verify that CMDB still works. If you customized CMDB, copy the quick start tests and configure them for your customizations.

• Collapse the search results widget when creating a new record in a form(com.snc.contextual_search.widget.form.open_collapsed_new_records): Controls whether the search results are expanded or collapsed when you create a new record.
• Auto expand the search results widget when search field updates in a form(com.snc.contextual_search.widget.form.expand_on_search_field_update): Controls whether to auto-expand and run the search when you update the search field.

After upgrades and deployments of new applications or integrations, run quick start tests to verify that Continuous Authorization and Monitoring still works. If you customized Continuous Authorization and Monitoring, copy the quick start tests and configure them for your customizations.

• Organizations with internal and external business locations and users
• Households and household members

After upgrades and deployments of new applications or integrations, run quick start tests to verify that Customer Service Management still works. If you customized Customer Service Management, copy the quick start tests and configure them for your customizations.

Configure SonarQube scans on Jenkins and Azure DevOps pipelines. Scan results are fetched from the pipeline in ServiceNow DevOps.

View summary results for code quality tools that can be viewed in a related list of a Change Request or a Task Execution flow. Use code quality results for change automation, this includes a way to make an automation policy against the results.

Integrate Microsoft Azure DevOps pipelines without modifying the pipeline except for artifacts and change control. Automatically create pipeline steps when modeling the pipeline in DevOps.

Integrate Azure DevOps release pipelines using the ServiceNow DevOps Release Gate task in the ServiceNow DevOps extension for Azure DevOps. You can also use the Azure Invoke REST API as a pre-deployment gate.

Version 1.14: Import historical work items (tasks, issues, and epics) for Azure DevOps basic projects.

Version 1.17: Integrate Azure DevOps without the need to add start and end job notifications to the Azure pipeline. Azure pipeline modifications are needed only for pipeline artifact and change.

Version 1.16: Integrate GitLab Source Code Management as a coding tool and GitLab Continuous Integration as an orchestration tool to see commits along with pipeline data, for automated change requests, and additional insights.

Version 1.17: Automatically discover GitLab pipelines during orchestration tool setup.

Version 1.23: Automatically import and categorize GitLab JUnit tests during pipeline execution.

Version 1.24: Capture tags from GitLab coding tool commits. Bulk commits are supported.

Version 1.17: Connect to GitHub Apps using OAuth 2.0 credentials.

Version 1.13: Automatically discover Jenkins pipelines during orchestration tool setup.

Version 1.19: Automatically create pipeline steps for enabled Jenkins pipelines.

Version 1.20: In the Pipeline UI, view Jenkins pipelines without showing stages that have been skipped due to branch conditions.

Version 1.24: Set change request fields and closure behavior when creating the change from a Jenkins pipeline.

Version 1.12: In addition to planning and coding tool integrations, create integrations for orchestration tools. The concept of tool capabilities is added for multi-tool support.

Version 1.15: Create subflows in Flow Designer to integrate functional and performance test tools that are not included in the integrations provided with the DevOps application. Incoming webhook notifications processing is supported.

Version 1.20: Use the Jenkins plugin for ServiceNow DevOps to report Selenium tests that are run and published by TestNG. Test type categorization is also supported.

Version 1.21: Use the DevOps API to access a change request number created in a pipeline for further interaction with the change request from the pipeline.

Version 1.22: Use the DevOps API to onboard tools and apps.

Version 1.14: View stability metrics, including mean time to repair (MTTR) and service availability, based on incident and service availability records. Use the ServiceNow Performance Analytics Solution Library to easily install and update the DevOps Insights dashboard.

Version 1.15: View a summary of four DevOps accelerated stability metrics, change failure rate, incidents, outages, and average time for change requests. In addition, view two new change acceleration widgets, including total changes submitted and average time to approve.

Version 1.12: Create more than one pipeline per app.

Version 1.12: Use the DevOps Integrations application to integrate Azure DevOps and Jenkins orchestration tools with DevOps.

Version 1.16: Use the DevOps Integrations application to integrate GitLab orchestration tool with DevOps.

• Private: Created by and visible only to the user that is logged in.
• Global: Created by an Event Management administrator; visible to all users.

• Manage contractor companies: Outsource work order tasks to third-party contractor companies by onboarding the contractor companies and their workforces. Route the work order tasks to an appropriate external assignment group from these contractor companies based on location, skills, and product models to perform the assigned tasks on your behalf.
• Field Service Contractor Portal: Use the Field Service Contractor Portal to manage agents and access all work order task-related information and activities in one central space. When work order tasks are outsourced to a contractor company, the external manager can do the following activities on the work order task:
  • Onboard and offboard agents
  • View work order task details
  • Reassign work order task to agents
  • Create the parts requirement
  • Source required parts for the task
  • Access the stockroom
  • Track work order task progress

• Notify customers of the status of their work order tasks, appointment booking, and the agent's current location through email and SMS.
• View work order task details to track the work orders that are raised.
• View the field service agent location to track the estimated arrival time and current location.
• Provide feedback on the agent service by rating the service and posting comments in the review comments field.

• Manage appointments in Agent Workspace: Manage appointments for work orders that are created from a case in ServiceNow®Agent Workspace.
• Automatically close the case when related work orders are closed: Close the case automatically when all related work orders in that case are closed.
• Automatically update the case when each work order state is updated: Automatically update the case when the state of the related work order task is changed.

• Rank agents based on the availability of mandatory parts: Rank agents based on the availability of mandatory parts required to perform the job when assigning an agent to the work order task.
• Prevent dynamic scheduling of rejected work order tasks: Prevent the dynamic scheduling of a rejected work order task to the same agent for the next 24 hours. Administrators or dispatchers can manually assign the work order task back to the same agent. As a field service agent, you can manually assign the work order task back to yourself.
• Prevent assignment of work order tasks to excluded field service agents: Prevent the dynamic scheduling of a work order task to an excluded field service agent. Administrators or dispatchers can manually assign work order tasks to an excluded agent, if required.

• Preferred assignment group: Select your preferred assignment group to route the work order tasks, such as the internal group or external group.
• Assign tasks to groups based on required skills: Assign work order tasks to an appropriate group based on the mandatory skills required to perform the task.
• Assign tasks to groups based on product models: Assign work order tasks to an appropriate group based on the covered product models required to perform the task.

• Track the current location of field service agents: Track the current location of field service agents based on the actions that they perform during the field service.
• Search for a work order and work order task: Use a keyword to search for a work order or work order task.
• Search for inventory and parts: Use a keyword to search for an asset or a part.
• Pause a work order task: Pause the timer on your work order task when you want to take a break from the task activity and then resume work when you're available.
• Log incidentals: Log incidental costs such as car rental cost, mileage, and vendor cost in your work order task to track the expenditure of the work order task.

• Specify required parts: Use the Mandatory option to specify the parts required to perform the work order task.
• Automatically reserve parts in the agent stockroom: Reserve required parts in the agent stockroom when scheduling and rescheduling work order tasks. This requirement applies to all assignment types, such as manual, dynamic scheduling, and auto assignment.
• Automatically close transfer order tasks: Automatically close a transfer order line task when the part is received and delivered within the agent stockroom.

After upgrades and deployments of new applications or integrations, run quick start tests to verify that Field Service Management still works. If you customized Field Service Management, copy the quick start tests and configure them for your customizations.

Version 9.0: Perform preliminary and General Data Protection Regulation (GDPR) data protection impact assessments (DPIA) to protect the personal data of individuals within and outside of the EU.

Version 9.0: Set up the GRC ServiceNow® Virtual Agent application to report risk events from the Service Portal. A GRC Virtual Agent chatbot helps customers quickly report a risk event. The GRC Virtual Agent chatbot also assists customers by saving their time.

Version 9.0: Set up the GRC Virtual Agent application to request policy exceptions from the Service Portal. A GRC Virtual Agent chatbot helps customers quickly request an exception. The GRC Virtual Agent chatbot also assists customers by saving their time and enhancing the customer experience.

Translations for HR cases and tasks

Enable translations on HR case and task templates so that employees can view the short descriptions and descriptions of their HR cases and tasks in their preferred language.

Employee Profile table

The Employee Profile (sn_employee) plugin provides an Employee Profile (sn_employee_profile) table that makes the employment start date and employment end date fields available outside of HR Service Delivery.

Employee relations cases

Support sensitive Employee Relations cases with tighter security and protection of privacy.

• You can create an Employee Relations (ER) case without adding an Opened for or Subject person.
• You can also create related records for allegations, interviews, and corrective actions.

Campaigns for HR Service Delivery

Provide an easy-to-use, single-page view for managing content and assembling your campaign. You can drag your stages (bundles) and content into a campaign's layout.

Rescind process for a lifecycle event case

Cancel and revert work done in a lifecycle event case with the rescind process. You can define rescind activities to notify employees and departments when a case is rescinded. These activities can trigger automated flows and revert work that has already been completed, such as the provisioning of equipment or the setting up of a workplace.

Microsoft Azure AD integration for new hire onboarding

Automatically provision relevant applications for new hires as part of the onboarding process with the Microsoft Azure AD integration. This integration requires the Microsoft Azure AD spoke in IntegrationHub. It is configured to work with the lifecycle event for new hire onboarding that is included as demo data with the Human Resources Scoped App: Lifecycle Events for Enterprise plugin (com.sn_hr_lifecycle_ent).

Sailpoint integration for new hire onboarding

Automatically provision relevant applications for new hires as part of the onboarding process with the Sailpoint integration. This integration requires the SailPoint IdentityIQ for Service Catalog v2 app from the . It is configured to work with the lifecycle event for new hire onboarding that is included as demo data with the Human Resources Scoped App: Lifecycle Events for Enterprise plugin (com.sn_hr_lifecycle_ent).

Document Templates

Create HTML and PDF document templates for generating standard letters or documents by using the Document Templates application. Multiple participants can fill, sign, and review a standard letter or a document online.

HR Service Delivery Agent Workspace

• Provide HR agents with a multi-tab interface for managing multiple cases and a heads-up contextual display that quickly orients them to their tasks.
• As an HR administrator, use guided setup to guide you through the initial configuration. You can access guided setup under HR Case Management.

HR Service Delivery Agent Workspace landing page

Provide a personalized and engaging experience for the HR agent. An HR agent can see high-priority cases, cases at risk for violating service level agreements (SLA), and cases with recent changes all from the landing page.

HR Service Delivery Agent Workspace Playbook

Provide HR agents with a singular view of Lifecycle Event cases. An HR agent can use the playbook to see the cases, tasks, time lines, and all team members who are working on the onboarding case.

Employee Document Management for HR Service Delivery Agent Workspace

• Move employee documents from a case in HR Service Delivery Agent Workspace to Employee Document Management. Employee Document Management provides a central repository that enables quick and easy identification of documents using different sorting features.
• Create and upload employee documents from HR Service Delivery Agent Workspace if you have the [sn_hr_ef.document_writer] role.
• View all the actions that have been performed on an employee document in the Audit Trail tab.

Machine learning solutions for HR Service Delivery Agent Workspace

Automatically determine the correct HR service and assignment group for an HR case in HR Service Delivery Agent Workspace.

Advanced Work Assignment (AWA) for HR Service Delivery Agent Workspace overview

Consider the effort, agent availability, capacity, and skills required for HR cases and chat based on the Skill Management and Skill Determination applications.

Configure Chat Setup for HR Service Delivery Agent Workspace

Provide a real-time messaging system that HR agents use in HR Service Delivery Agent Workspace to interact with employees.

Computer telephony integration (CTI) demo installation and configuration for HR Service Delivery Agent Workspace

Provide demo data to test the phone communication channel for inbound telephone calls in a non-production instance.

Assignment group for an HR case

Automatically determine the assignment group for a case. An HR agent can transfer the case to the correct assignment group instead of spending significant time manually identifying groups for HR cases.

Knowledge articles and catalog items

• Discover all the users who have a similar profile as the employee who has logged in to Employee Service Center or an HR Ticket page.
• Identify the top viewed knowledge articles and top submitted catalog items by those users.
• Display the top three knowledge articles and the top three catalog items to the employee.

Related knowledge articles

Display knowledge articles that help in completing HR and Content tasks in the Employee Service Center To-dos page and the HR Ticket page.

Similar knowledge articles

Discover similar information across knowledge articles that are based on the short description of the HR case and the text in the Related Search Results. HR agents can see these similar knowledge articles to help resolve a case.

• Explore pre-built common use case templates, including automatically trained models, that guide you through your predictive model implementation journey.
• Triage your HR cases correctly and reduce resolution time by using the pre-built template that automatically determines HR services for cases.
• Create and train predictive models by duplicating an existing model and selecting multiple models to test familiar data. You can also evaluate and tune the predictive models that you create.
• Test your predictive models to decide which ones are best to implement into your business process.

Keep your asset data accurate by automating the update of your asset records throughout the asset's life cycle. Automated workflows and asset tasks help you to keep accurate records of your assets and reduce manual updates to assets and their associated CIs.

After upgrades and deployments of new applications or integrations, run quick start tests to verify that Hardware Asset Management still works. If you customized Hardware Asset Management, copy the quick start tests and configure them for your customizations.

If you have not set up billing in Cloud Provisioning and Governance and have downloaded and activated the Cloud Insights store app on your ServiceNow instance, you are automatically directed to the Cloud Insights home page for cloud billing.

Make sure the ITOM Visibility [com.snc.itom.vis.license] plugin, Discovery [com.snc.discovery] plugin, and Configuration Management for Scoped Apps (CMDB) [com.snc.cmdb.scoped] plugin are installed and activated and that you have upgraded to the Paris release.

• Discover certificates used by the ULRs/endpoints with Service Mapping.
• Discover TLS certificates from the Certificate authority.
• Take advantage of external storage credential support for discovery of TLS certificates from GoDaddy and DigiCert.
• Discover certificates using net new patterns for TLS certificate discovery from Sectigo and Entrust.
• Bulk import certificates by using a URL discovery schedule.

Enhanced notification features provide the following capabilities:

• Create events and alerts for expiring and expired certificates if the Event Management plugin is installed.  
• Be notified in Slack of expiring and expired certificates using the Discovery property glide.discovery.certs.slack_channel_id.

Trigger multiple Discovery patterns for a related collection of data with Pattern Orchestrator. This process reduces issues with large datasets that can cause slow discoveries and out-of-memory issues on a MID Server. Track and manage the flow of pattern executions with new components such as Trigger Rules, Pattern Outputs, and Pattern Inputs.

MID Server Resource Reservation

Reserve resources before a task is assigned to a thread. If the resources the task needs aren’t available, that task waits in the MID Server’s work queue while other tasks are assigned to the thread. Enable this capability through the MID Server parameter mid.probe.wait.resources.

ServiceNow provides an out-of-the-box solution that tests each Windows host on a host-by-host basis. It will run the legacy WMI if your remote Windows systems are not running PowerShell or your MID Server cannot access the admin$ share folder. If you have PowerShell and access to the admin$ share folder, the enhanced WMI will be used.

If you previously downloaded the update set, remove it prior to upgrade. The out-of-the-box solution will determine WMI use dynamically. See the Windows Discovery on Madrid Patch 3 and later - known issues and workarounds [KB0753561] article in the HI Knowledge Base for more information.

• AWS (large payload enhancement)
• Kubernetes Istio (extension)
• OpenStack
• VMware NSX
• Cisco network switch (WAP extension)
• Palo Alto firewall
• Fortinet firewall
• Juniper firewall

Get familiar with virtual agent technology to improve your ITSM self-service experience with a streamlined conversational interface.

• Search Fallback Topic: Dynamic topic that runs a search of knowledge base articles and catalog items when no existing conversation topics match the users' query. Integrates with catalog and knowledge base search.
• Create incidents With Similarity (Template): Prevents duplicate incidents.
• Dynamic Greeting Topic: Dynamic topic with a time-based greeting that references users by their first names, and includes any outage, incident, and request information.
• Report IT Issue (Template): Provides an additional create incident option for utilizing a record producer to dynamically drive the report IT issue conversation.
• Manage Office 365 Group (Template): Provides automation with Microsoft Office 365 group.
  Note: This topic is only available with the activation of the Microsoft Azure AD for IntegrationHub (com.sn.azure_ad.spoke) plugin.

• Escalate IT Ticket
• Service Disruptions
• Email Setup
• VPN Connectivity
• Guest WiFi Access

Check the ServiceNow Store for IntegrationHub spokes released on an ongoing basis.

• Allocate funds to investments in addition to the received funds. You can keep a certain percentage of funds over the received funds as a buffer, and use these funds when there is any additional requirement.
• View the past funding history of investments in a graphical form in the Allocate Funds grid. This enables you to view the funding details of your child investments for past fiscal periods.

• Create new entity records while adding entity records to allocate funds without having to navigate to the source entity form. You should have sufficient privileges for the source entity to create it from the allocating funds slider.
• While creating investment entities, you can select entities that are enabled for funding only for that entity based on a hierarchical order. For example, a portfolio entity can fund a program, a program can fund a project, a project can request from a program, and a program can request from a portfolio.

After upgrades and deployments of new applications or integrations, run quick start tests to verify that Investment Funding still works. If you customized Investment Funding, copy the quick start tests and configure them for your customizations.

Self-service experience for employees to submit and track legal requests

Enable your employees to submit and track legal requests through omni-channels support through a web portal, mobile app, or virtual agent chat. Guide them to relevant articles in the legal knowledge base for common legal services queries.

Practice area and Intake forms to enable a structured legal intake

Use a structured legal intake process to capture the right information upfront. Set up legal intake forms for different practice areas. Configure assignment rules and fulfillment checklists, define service level agreements (SLAs), and associate legal matter templates for intake forms.

Automated workflows to enable the legal department to resolve requests more efficiently

Resolve legal requests faster via automated workflows that route requests to relevant legal groups within the legal department. The paralegal staff and lawyers can track, prioritize, and work on multiple requests concurrently. Workflows can also populate preconfigured fulfillment checklists and provide a guided mechanism for the legal department to resolve assigned requests more efficiently. The automated workflows and prioritized legal work along with the structured legal intake provide the legal department with more time to focus on high-value work.

Legal Service Delivery Dashboard to provide actionable insights

Gain real-time, actionable information about legal requests and legal matters with the Legal Service Delivery dashboard and analytics.

Legal matters for cross-departmental collaboration and phased approach

Enable the promotion of legal requests that need substantial time or cross-departmental collaboration to resolve. Legal department users with privileged access can also create a legal matter directly. A legal matter provides record-level security to protect sensitive information. Complete the necessary legal work through these legal matters by creating phases, tasks, milestones, and to-do checklists for fulfillment, and add relevant artifacts supporting the resolution.

Relate multiple similar legal requests to a single legal matter or associate a single legal request to multiple legal matters.

Legal matter templates to standardize the process of resolving a legal matter

Enable standardized processes that adhere to organizational policies and procedures using legal matter templates for handling and completing legal matters. Configure these templates to set the default values for specific fields, add phases and tasks, provide standard workflows, and associate the templates to intake forms across various practice areas.

Phases and tasks in a legal matter to organize legal work

Enable lawyers to logically break down legal work into various phases and tasks in a legal matter. Lawyers can collaborate with other departments in the organization through these tasks to resolve legal requests and matters.

Legal matter artifacts to store documents and relevant data

Create artifacts (folders) to store various documents and data supporting the resolution. Associate these artifacts with legal matter tasks so task owners have access to and can provide relevant documents and reference materials.

Milestones to track the progress of a legal matter

Add calendar events to define key milestones in a legal matter and track progress by associating the events to matter tasks.

Conflict of interest disclosure request and approvals

Manage the disclosure, approval, and registry of potential conflicts of interest arising from employees with competing interests or loyalties.

Configurable approval flows based on the organization's Conflict of Interest (COI) policy

Configure multi-level approval flows in compliance with your organization's COI policy and based on different types of conflicts of interest.

Automated reminders to requesters before the expiry of their conflict approvals

Enable and set automated reminders to requesters before the expiry of their COI disclosures. Employees can review them and update the request to obtain the legal clearance again. They can obtain fresh approvals for the period extension or revised conditions that might pose a risk of potential conflict with the primary employer's duties.

Digital forensic investigation on custodial and non-custodial data

Submit a legal request to investigate custodial and non-custodial data to collect, preserve, analyze, and present digital data evidence for internal investigations or litigation. Lawyers can work on these legal requests to resolve the digital forensics queries.

Data source management

Define data sources that requesters can select as a source of potentially evidential data while submitting a digital forensics request. For a data source, you can also define fulfillment instructions and to-do checklists to help lawyers in resolving the request.

Integrated privacy approval flow

Get approval for the processing of custodial and non-custodial data in a digital forensic request from the legal privacy group using the integrated approval flow. This approval flow automatically sends the custodial and non-custodial data in the request to the legal privacy group before the lawyers start working on it.

Predefined standard digital forensic tasks using legal matter templates

Promote legal requests to legal matters using matter templates that create predefined tasks in the legal matter to complete the requested actions on digital evidence.

Legal requests for contracts

Submit legal requests for creating contracts, such as Non-disclosure Agreement, with third parties such as vendors, customers, and partners. The legal department can manage and process them from a centralized location.

Document templates for standard contracts

Define document templates that employees can use when submitting a contract request. These templates help to generate a standard legal contract with predefined content.

Integration with Adobe Sign and DocuSign for electronic signature

Integrate Adobe Sign and DocuSign to enable electronic signatures on contract documents from both external and internal signatories.

Integration with Box to store signed contracts

Integrate Box to store the signed contract documents.

Stock preclearance approvals before trading securities

Submit a legal request to obtain preclearance from the legal department to trade in the securities of your organization.

Access Persons list

Manage the Access Persons list of users who have access to your organization's non-public information.

Trading windows and trading holidays

Manage the trading windows during which employees are permitted to trade in your organization's securities. Add trading holidays during which the trading is closed.

Key metrics and easier tracking of all legal requests and matters

View all legal requests, legal matters, matter tasks, milestones, and pending approvals on the Legal Counsel Center home page. Gain insight into the legal services demands using key metrics and trends. Triage and manage legal intakes with specific highlights on the most urgent items.

Counsel Assist to quickly access relevant information

Access relevant information quickly to efficiently resolve assigned legal requests and legal matters. Predictive intelligence for contextual search enables you to find and view legal requests and legal matters similar to assigned requests and legal matters.

Self-service through Virtual Agent

Enable conversational interaction for employees to access legal knowledge base articles, submit legal requests, and check the status of requests. Employees can also connect to a live agent for legal queries and support at any time during a chat.

Mobile experience for employees to get legal support

Employees can get legal information and support through their mobile device. They can submit legal requests and track the status of requests, and read knowledge articles using the Now Mobile app.

Mobile experience for legal department to fulfill legal requests and legal matters

Legal department users can resolve legal requests, legal matters, and matter tasks assigned to them using the ServiceNow Agent app.

Use MID Server parameters to configure the behavior of individual MID Servers.

• mid.probe.wait.resources: Indicates whether probe execution is delayed until resources are available. Used to enable MID Server Resource Reservation.

As part of the MID Server selection algorithm, a new wildcard (*) value has been added to the MID Server capabilities field. The MID Server uses priority-based selection, and capability with the name "ALL" has the least priority.

Use campaigns to deliver messages and important information to your users. Campaign content displays in a carousel format, which scrolls automatically until you interact with a campaign card. Campaign cards can be text, image, and video. Users can interact with the promotional displays by either viewing videos, being redirected to web pages, or navigated to defined areas on their mobile device.

ServiceNow mobile apps are authorized for use within the GovCommunityCloud (FedRAMP High / DoD impact level 4) environment. As part of the accreditation, ServiceNow mobile apps include the following:

• FIPS 140-2 validated encryption when connecting to GovCommunityCloud instances
• Enforced device pin or biometric enablement when connecting to GovCommunityCloud instances
• Locally stored app data such as user preferences and offline data are encrypted
• Automatic enablement of the blur feature when the app is in the background

Mobile platform supports Edge Encryption, where users can view and edit encrypted data. All configuration settings are performed in the web-based UI. ServiceNow® Edge Encryption encrypts sensitive data on your company premises before sending it over the internet to your ServiceNow instance (encrypted in flight), where it remains encrypted at rest.

Mobile dashboards support the display of bar and donut charts in addition to the other time series reports available. Users can view dashboard previews in an applet launcher and drill down to display an interactive chart visualization for the report or widget. Also, users can tap on the chart to view records and perform actions.

Administrators can include actions with push notifications. Users can perform push notification actions without opening the app.

An additional UI section called navigation enables you to jump to multiple areas in the mobile app, including: applets and applet launchers.

Administrators can configure a screen to inherit a name from a previous screen selection. These dynamic names can be used with grouped lists, where the selected group name becomes the header on a subsequent screen. Alternatively, a field in a form can be used as a header in a different screen.

Configure the force local login option to provide local login experience on mobile apps, even when the instance is configured with Single Sign On (SSO) configuration. You can configure this feature independently on any available ServiceNow® app.

Now Mobile supports domain separation at the Basic level. Users in organizations that support multiple domains can easily identify for which domain the records are created or edited. This ensures that they do not mix or access data by mistake across domains. The mobile UI design clearly indicates the domain which a record is associated with. The configuration for domain separation is performed in the web-based UI.

• com.snc.notify.default.conference_call_follow_on_call_escalation: Helps to ensure the On-Call escalation hierarchy when a user group is added to a conference call.
• com.snc.notify.default.on_call_escalation_level: Enables you to fetch the number of users from the group escalation plan.
• com.snc.notify.default.conference_call_escalation_workflow: Requires the sys_id of the default workflow to be attached when escalating the conference call.

View Performance reports on the On-Call Premium dashboard to see performance metrics across groups.

You must have the Premium Dashboard User role [rota_prem_dashboard_user] to view the dashboards.

• On-Call: Assign by Acknowledgement
  • Added Slack as contact method.
  • Ability to log escalation activity.
  • Resume the workflow immediately after rejection.
  • Catch-all users are treated like all other escalation users: A response is expected and the incident might be assigned to them based on their response.
• On-Call: Escalations by Email
  • Ability to log escalation activity.
  • Catch-all users are treated like all other escalation users: A response is expected and the incident might be assigned to them based on their response.
• On-Call: Assign
  • Ability to log escalation activity.
• On-Call: Assign And Notify
  • Ability to log escalation activity.
• On-Call: Conference Call Escalation
  • Ability to log escalation activity.
  • Resume the workflow immediately after a user has joined the conference.

• A list of the indicators you can access. Click on an indicator to see the KPI Details.
• Analytics Q&A, where you can ask questions about analytics in natural language

• Configure new data visualization components in Workspace: Create time series, single score, bar, pie, and donut visualizations from table and indicator data with the Data Visualization configuration. This component configuration enhances the Workspace Experience when building a landing page with UI Builder.
• Access KPI Details from the Reporting and PA Widget configuration: Select a PA widget on a workspace landing page to explore and analyze indicators. From there, you can see trends and breakdowns for your key performance indicators.
• Auto-refresh single score widgets and reports: Configure single score reporting widgets from the Reporting and PA Widget configuration to refresh automatically. The Live refresh rate parameter complements Single score live updates, which you can set to refresh in intervals of seconds.

For new Paris installs, the default value for this property is private. When you upgrade instances, for example, from Madrid to Paris, the value continues as public, but you can override it in this property.

Version 10.0: Eliminate the task of providing repetitive responses for similar assessments by grouping control attestations or risk assessments. Provide the same evidence to all grouped assessments or respond to individual assessments in the same user interface.

Version 10.0: Send out policies for review and acknowledgment by employees to meet compliance requirements.

Version 10.0: Enable other application users to request policy exceptions and manage both policies and policy exceptions in a centralized place. This feature provides a generic framework for all ServiceNow applications to integrate to GRC policy exception management capability for centralized management of exception requests.

Version 10.0: After upgrades and deployments of new applications or integrations, run quick start tests to verify that Policy and Compliance Management still works. If you customized Policy and Compliance Management, copy the quick start tests and configure them for your customizations.

Link to knowledge base articles to solve your most common incident cases or link to the Predictive Intelligence application to view and learn more about machine learning solutions.

Use auto-trained Predictive Intelligence models or create and train new models. Then evaluate and tune these models. Test your predictive models with a familiar data set and integrate the best models into your business processes.

Create new predictive models by duplicating an existing model and refining them to recommendations based on your data.

View the progression of your use cases by state, such as, in progress or completed.

Access embedded help in Predictive Intelligence Workbench.

Access the Predictive Intelligence for Incidents dashboard to monitor your predictive models and associated statistics. Correlate business metrics to machine learning metrics to communicate the value of Predictive Intelligence to stakeholders.

Gain a clear understanding of how machine-learned predictive intelligence supports your business goals and adds value to your experience.

Demonstrate the strategic, operational, and automation value of predictive intelligence by monitoring the most granular data and creating sharable reports for continued value.

• Use Predictive Intelligence and machine-learning algorithms to search and view similar demands while creating a demand. For more information, see Predictive Intelligence for Demand Management.
• Create work items in Scrum and SAFe entities such as a story, epic, or feature from your demand so that you can execute your demands using Agile methodologies. For more information, see Create an artifact from a demand.
• Retain demands that are a large multi-year investment, as approved demands so that you can use them to fund one or more programs, projects, or epics. For more information, see Create a demand.

• Search and view similar projects using Predictive Intelligence and machine-learning algorithms while defining a project. For more information, see Predictive Intelligence for Project Management.
• Retain the start and due date of a demand when it is converted to a project as the Approved start date and Approved end date for the project. These dates help you to track the dates when the demand was converted to a project. A visual indicator helps you identify when the planned start or end date falls before or after the approved start or end date. For more information, see Define a project.
• Pre-date a project task by moving the task's Planned start date earlier than the project's start date. You can then start your project earlier than expected and accommodate tasks that need to be completed before the start of the project.
• Define task dependencies between project tasks using two new task constraint types: Start no earlier than and Start no later than.
• Identify scheduling conflicts between tasks by checking for a constraint type icon in the Planning Console. This indicator enables you to identify such tasks without scrolling through all tasks.
• Compare schedule baselines of a project to see the differences in the schedule for the project. The following columns have been added to the Planning Console for viewing and comparing schedule baseline details:
  • Baseline start date
  • Baseline end date
  • Baseline variance
• Apply multiple templates to insert common tasks into an existing project.
• The Decision record information for a project has been added to the Project Status Report for a more consistent experience and to include information for all RIDAC records.
• The following fields have been added to the Risk, Issue, Actions, and Request Changes areas of the Project Status Report to provide additional information and a consistent user experience:
  • Assigned to
  • Due date
  • Approval
• Project import and export
  • Import a Microsoft Project file to your ServiceNow instance from the Planning Console. For more information, see Update a project using a Microsoft Project file.
  • Select the calculation method for calculating project dates when importing a project.
  • Import project tasks for multiple projects from different file types such as an import set or transform maps. For more information, see Import project tasks for multiple projects.
  • Export the project data including sub-projects and project tasks in MPP, XML, and CSV format from the Planning Console. For more information, see Export project data.

• Plan your portfolio based on resource capacity for a single year or multiple years. For more information, see Annual and multi-year resource capacity-based planning.
• Create scenarios to plan for a single portfolio or all portfolios in your organization.
• Manage your multiple year portfolio planning using smaller planning windows for continuous tracking and planning adjustment. For more information, see Configure the scenario planning type and scope.
• Allocate budget to demands and projects in your portfolio based on the target derived from Investment Funding. For more information, see Set target budget for a fiscal year.
• View demands and projects with over-allocated resources. For more information, see Select demands and projects for portfolio planning.
• Use pagination and filters to refine your list and better manage large number of demands and projects.

• Confirm or allocate users for a specific time period from the Allocation Workbench so you can make booking decisions for a specific period rather than the complete duration of the project.
• Replace one user's allocation with another user from the Allocation Workbench to accommodate situations like a user taking leave during a project.
• Shift allocations of a user to a future date to accommodate situations where planned work for a specific user of a group or role resource plan needs to be shifted to a future time period. If the dates of the shifted resource allocations are beyond the resource plan end date, the resource plan is extended.
• Retain the resource plan state, booked resources, and planned daily contour when you move a project. On moving the project, the resource plan is reallocated or reconfirmed based on the resources’ availability in the future time period to which the project is moved.
• Move a resource plan and its allocations to a future date from the Allocation Workbench.
• Track the actual effort and actual cost of resources through operational resource plans.

After upgrades and deployments of new applications or integrations, run quick start tests to verify that Project Portfolio Management still works.

GRC integration with Thomson Reuters Regulatory Intelligence, Version 1.0.7: Integrate with Thomson Reuters platform using the framework and guidelines provided in the GRC: Regulatory Change Management application.

Use the GRC integration with Thomson Reuters Regulatory Intelligence application and receive the regulatory alerts and changes in your ServiceNow instance.

• Configure new data visualization components in Workspace: Create time series, single score, bar, pie, and donut visualizations from table and indicator data with the Data Visualization configuration. This component configuration enhances the Workspace Experience when building a landing page with UI Builder.
• Access KPI Details from the Reporting and PA Widget configuration: Select a PA widget on a workspace landing page to explore and analyze indicators. From there, you can see trends and breakdowns for your key performance indicators.
• Auto-refresh single score widgets and reports: Configure single score reporting widgets from the Reporting and PA Widget configuration to refresh automatically. The Live refresh rate parameter complements Single score live updates, which you can set to refresh in intervals of seconds.

• User health and willingness to return to work.
• Building readiness.
• Personal protective equipment inventory.
• Active contact tracing cases.
• Potentially exposed contacts under investigation.

Work Progress Status for SAFe provides a green, yellow, and red (GYR) progress status on SAFe epics and features to indicate whether the work is likely to be completed by the item's planned end date. It also provides an estimated completion date based on the rates at which the scope of work is changing and the work is being completed.

Use the new program-level roadmap view for your agile release train. You can track your program increments (PI) on a visual task board and assess what features you could be working on in the future PIs.

By splitting complete and incomplete stories into different features, you can maintain accurate metrics of the previous sprints and program increments.

After upgrades and deployments of new applications or integrations, run quick start tests to verify that Essential SAFe still works. If you customized Essential SAFe, copy the quick start tests and configure them for your customizations.

Users with the admin role can now hide matching record counts in global search by setting the sn_global_searchui.hide_results_count property to true in the System Properties table.

• Support for STIX 2.0 and 2.1 standards
• Modules for STIX 2.0 and STIX 2.1 objects and relationships
• STIX visualizer for visual representation of various STIX objects and relationships
• Minor enhancements to the TAXII client

• Discover Microsoft Graph Security API alerts that are candidates for security incidents and automate the creation of security incidents.
• Map alert fields to security incident fields.
• Aggregate similar alerts to existing open security incidents.
• Validate your mapping with a preview of the alert field values in a security incident.
• Receive automatic alert status updates when security incidents are created or closed.
• Set up scheduled ingestion of alerts to create security incidents periodically.

Version 10.1: Starting with version 10.1, the IBM QRadar API-authorized service token is used for authentication for both IBM QRadar on-premises and QRoC.

Version 10.4: The IBM QRadar rule selection logic has been updated to fetch all offenses generated by System, Override, and User active rules.

• When a notable event correlation rule is disabled or inactive in Splunk Enterprise Security, profile settings (for example sample events, mappings) are retained. Rules must be de-selected and replaced. When new settings are created existing settings (for example sample events, mappings) are erased.
• Suppressed notable events in Splunk ES are excluded during an ingestion of events without additional filtering required.
• Updated the polling mechanism for profiles to create an overlap window between successive polls to ensure that no notable events are missed within a specific interval.
• When two or more Splunk ES fields are mapped to a single SIR field, for example Description, and if one Splunk ES field value is NULL or empty, the SIR field populates the remaining non-NULL field values.
• Notable events are ingested even if the correlation rule has special characters, such as the backslash (\), extra spaces at the end of the rule name, and other special characters (~!@#$%^&*()_+{}[]“:;‘?><,./|\).
• New in 11.0.0: You can copy Splunk Enterprise Security profiles settings from one Now Platform instance to a different Now Platform instance using the export/import capability. The settings you can export and import include profile name, correlation rules, mappings, filters, aggregation criteria, field translations, fetched sample data, scheduling, and configuration tile source information.

• Equip security analysts with MITRE-ATT&CK tactics, techniques, and procedures (TTPs) to better analyze and respond to security incidents.
• Automate the incident work flows using the playbook for detecting and containing threats in the context of MITRE-ATT&CK framework.
• Prioritize indicators of compromise and threat hunting with MITRE-ATT&CK information.
• Understand the high-level security posture of your organization in the context of MITRE-ATT&CK framework.

• Map multiple fields for configuration items and observable fields when there are multiple raw base events that are related to a single alarm.
• Search for LogRhythm alarms and events in the mapping section.
• View raw events in a separate related list for raw base alarms.
• View all the raw base alarms by using a new navigation link that has been added to the LogRhythm Drilldown Event module.

• Searches the junk folder for matching phishing emails and deletes them when you initiate an Microsoft Exchange Online search and delete action.
• A security tag is applied to a security incident, and a work note is created when the search and delete action fails.
• An error email notification is sent to a group, and a work note is created when the Microsoft Exchange Online credentials expire.

The following features have been updated for the Microsoft Graph Security API alert ingestion integration:

• Discover Microsoft Azure Sentinel incidents that are candidates for security incidents.
• Map appropriate Microsoft Azure Sentinel incident fields to Security Incident Response security incident fields.
• Setup of scheduled ingestion of incidents.
• Automatically create security incidents on an ongoing basis.
• Capture the details of the Microsoft Azure Sentinel incidents in the SIR incident fields to help in reporting and automation.

• Specify who you want to submit the request for using the Requested For variable type
• If required, configure the Requested For field on the RITM form. This field automatically stores the Requested For variable.
• Allow delegated requests for a catalog item using its Access Type field, where you can specify if a request can be submitted for a user who does not have access to the catalog item.
• Submit a single request for an item on behalf of multiple users in Service Portal

• Browse catalog items using the catalog hierarchy in addition to the category hierarchy
• Sort categories by the Order field
• Define the non-availability behavior of a catalog item by making it discoverable but not viewable, or not available at all
• Define the availability of a catalog item in one of the following ways:
  • Include the catalog item with Availability set to Desktop only in Now Mobile.
  • Specify catalog item types to exclude in Now Mobile.
• Specify colors for buttons to match your mobile theme
• On-load catalog UI policies (non-scripted) are supported for variables in record views, for example, requested item and incident
• Use the mobile camera to scan bar codes for identifying a variable value of a catalog item

• Include multi-row variable sets in the GetCatalogVariables and CreateCatalogTask actions using Flow Designer
• Iterate through individual rows and access variables using the For Each flow logic
• Include multi-row variable sets while creating a catalog task using a workflow

Use the SLA timer component to visually display the status of the task SLA. The SLA component enables you to track the time required to complete the task as defined by the matching SLA definition. You can also view the additional details of the task in the tooltip.

• sla_timer_config
• sla_timer_config_mapping

• sla_timer_config
• sla_timer_config_mapping

After upgrades and deployments of new applications or integrations, run quick start tests to verify that Service Level Management still works. If you customized Service Level Management, copy the quick start tests and configure them for your customizations.

Differentiate between service types by the icon and tag line displayed in Service Owner Workspace.

View application and technical services and offerings related to business services in the Service Owner Workspace Related Services and Related Offerings tabs.

• Problem
• Change
• Continual Improvement Management
• Incident

View catalog items related to a service offering in Service Owner Workspace from the offering page Info tab. Click to open a catalog item to drill down into more details.

Monitor fulfilled requests for all associated catalog items in the Offering Activity metric.

View the Services I depend on tab to see any service offering dependencies at the parent service level via a card with a highlighted label reading Inherited relationship.

After upgrades and deployments of new applications or integrations, run quick start tests to verify that Service Owner Workspace still works. If you customized Service Owner Workspace, copy the quick start tests and configure them for your customizations.

Create offerings as children of technical services. Technical offerings are created in the Service Offering [service_offering] table using technical services created in the Technical Service [cmdb_ci_service_technical] table.

Designate technical service offerings as I depend on or Depends on me via form related lists.

When an outage is opened against a service, the system adds all child offerings to the Affected CI related list on the outage form, affecting all child offering availability. An outage record is then created for each offering. A pop-up notifies you that the outage affects all child offerings. The offerings can be removed from the Affected CIs related list if needed.

Directly reference a service offering as the target of a problem, change, or incident for consistency with the Common Service Data Model (CSDM). The system filters available offerings based on the service selected.

View and define the Service Model reference field added to the Service and Offering forms to integrate with the CSDM.

After upgrades and deployments of new applications or integrations, run quick start tests to verify that Software Asset Management still works. If you customized Software Asset Management, copy the quick start tests and configure them for your customizations.

• Create, view, edit, enter notes, and submit time cards from a mobile device as a time sheet user.
• View, approve, reject, or recall a time sheet or time card from a mobile device as a project or user manager.

• The analytics_admin and web_analytics_admin roles allow users to manage all web and mobile applications or only web applications respectively.
• The analytics_viewer and web_analytics_viewer roles allow users to view web and mobile applications in the Dashboard or only web applications respectively.

Create an improvement initiative for a vendor to track and manage tasks for improving a service, process, or tasks that are related to vendors.

Version 10.0: After upgrades and deployments of new applications or integrations, run quick start tests to verify that Vendor Risk Management still works. If you customized Vendor Risk Management, copy the quick start tests and configure them for your customizations.

• Security through provider authentication and user authorization
• Keyword and NLU support for conversations
• Live Agent and Virtual Agent chat
• Rich control transformation to render the conversational experience in the customer's chat interface
• Support for long-running conversations as well real-time messaging

• Limit the number of jobs that can run at the same time with Job concurrency.
• Specify the amount of data (number of items) that you process with specific jobs.
• Cancel jobs.
• Specify the total number of background jobs that are processed in parallel, regardless of the job type.

• Port
• Protocol
• Asset ID
• Proof

See Vulnerability Response upgrade information for more information.

• Key Performance Metrics (KPIs) for vulnerability remediation
• Highlights for areas in the business that have the highest risk
• Recommended actions to lower risk

The NVD integrations prior to v 13.0 of Vulnerability Response have been deprecated.

• Reapply the CI matching rules on discovered items with unmatched CI states on-demand.
• Reapply CI lookup rules on selected discovered items.
• The following updates occur if the link between a discovered item and a CI is changed after reapplying the lookup rules:
  • Open vulnerability detections are updated.
  • Corresponding VI-CI associations are updated for active VIs.
  • Assignment rules, group rules, risk scores, risk ratings, and remediation targets are reevaluated.
  • Discovered item status is updated accordingly. For example, discovered item status changes from Unmatched to Matched

On assignment rules, remediation target rules, and vulnerability calculators records and forms, the search text you enter in the condition builder is not case-sensitive. You do not have the option to enable case-sensitive searches on these records and forms.

• Agile Development Status
• Vulnerability Summary
• Vulnerability Explanation
• Recommendation

With Vulnerability Assignment Recommendations, view a short list of the most appropriate assignees for vulnerable items and vulnerability groups along with confidence scores for each recommendation. Reduce the time you spend chasing down ownership issues across your organization as you discover vulnerabilities and are unsure where they need to go for remediation. Vulnerability Assignment Recommendations is available with a separate subscription from the ServiceNow® Store.

The CMDB CI Class Models app dependency for this feature is installed automatically with Vulnerability Response and may take some time to install.

Import the flaws (vulnerabilities) resulting from Veracode Dynamic Application Security Testing (DAST) and prioritize and efficiently drive remediation of detected flaws from within the Vulnerability Response application. Imported flaws are automatically assigned to the right team with a risk score and a remediation target date based on the rules you define.

Imported vulnerabilities are further enriched with the CWE imported from MITRE.

Quickly gain insight into your security posture and remediation trends, and view applications with the most critical, overdue vulnerabilities with Scoreboard.

Application Vulnerability Response supports the ServiceNow Vulnerability Response Integration with Veracode.

• This feature is available starting with v 10.3 of Vulnerability Response and v 10.1 of Governance, Risk, and Compliance.
• Obtain better visibility about exceptions raised for vulnerabilities.
• Request policy exceptions for vulnerable items or vulnerability groups for a specific duration.
• Route requests through multiple approvals based on risk rating, policy, and control objective associated with an exception.

See Allow policy exception requests from other applications for more information.

• Critical and High Risk
• Exploitable
• Approaching Target
• Missed Target
• Within Past 90 Days
• Older than 90 Days
• Ungrouped
• All

New indexes have been added on the vulnerable items table to improve performance.

With auto-close stale vulnerable items, you have the option to automatically close older vulnerable items not recently detected by your third party integrations. Set a time period and choose if you want to close VIs by their last-found dates, or by dates when assets were last scanned.

After upgrades and deployments of new applications or integrations, run quick start tests to verify that Vulnerability Response still works. If you customized Vulnerability Response, copy the quick start tests and configure them for your customizations.

• You have two options in the Setup Assistant for your authentication with the Tenable.sc product:
  • API Key Authentication.
  • User authentication.

  With these authentication options, you can continue using your FIPS-compliant solutions with v5.12 and earlier of the Tenable product.

  See the product documentation and Vulnerability Response integrations upgrade information for more information.

• The Tenable query filter you select in the Setup Assistant also applies to the Tenable.sc Assets Integration. Only the assets with the vulnerabilities that match the conditions of the query filter are imported. This filter can help you reduce the number of assets and vulnerable items you import so that you can focus on the assets and vulnerabilities you want to see.
• For the Tenable.io assets integration, Last Scan Time is imported and updated only for assets that have vulnerabilities.
• The Backfill Vulnerabilities Integration for the Tenable.sc product is available.
  • Import both open and fixed vulnerabilities that might have been missed over the last seven days to update your detections and vulnerable items.
  • This integration is disabled by default. See Vulnerability Response integrations upgrade information for more information.

• Run a healthy security program and reduce organizational risk.
• Use this integration infrastructure to help you reduce organizational exposure, harden endpoint surface area, and increase organizational resilience.
• Match imported assets to configuration items (CIs) present in the Configuration Management Database (CMDB), using the existing Vulnerability Response CI Matching framework.
• Create CIs for assets not found in the CMDB with the Identification and Reconciliation engine (IRE) framework.

• Identify the assets across your environment that have the same IP addresses.
• Create CIs or update existing CIs for assets with unique network partition identifiers.
• CMDB CI Class Models include the Network Partition Identifier in the IRE identification rules.
• Update your existing CIs with by running a scheduled job on-demand or wait for the next scheduled job to create CIs.

• Updates from solution imports are processed in the following cases:
  • When new solution data is released.
  • When existing solution data is updated.
  • When any manual change impacts solution metrics.
• The Calculate Related Counts for All Solutions job processes solutions data once nightly instead of continuously. This job is disabled by default.
• Solutions data is queued and processed separately from all the import changes by the Process Vulnerability Solution Metrics Queue scheduled job.

• Scan results on vulnerability scan records.
• Vulnerable items updated by scans.
• Details about any assets that were not reached during scans.
• See Vulnerability Response integrations upgrade information for more information about this feature.

• Identify the assets across your environment that have the same IP addresses.
• Create new CIs or update existing CIs for assets with unique network partition identifiers.
• CMDB CI Class Models include the Network Partition Identifier in the IRE identification rules.
• Update your existing CIs with by running a scheduled job on-demand or wait for the next scheduled job to create new CIs.
• See Vulnerability Response integrations upgrade information for more information about the requirements for this feature.

The NVD integrations in Vulnerability Response prior to v13.0 have been deprecated.

After upgrades and deployments of new applications or integrations, run quick start tests to verify that Vulnerability Response still works. If you customized Vulnerability Response, copy the quick start tests and configure them for your customizations.

As a manager, provide dedicated coverage by planning and managing shifts, schedules, and time-off requests for your team from a single location.

As an agent, manage your own schedule by swapping shifts with your peers or making time-off requests.

• Organize your teams into assignment groups, add Key Performance Indicators (KPIs) to measure the groups within that team, and monitor team performance from a single location.
• Associate a user with a KPI group as their primary assignment group.
• Assign additional managers to that group to provide visibility into your teams.
• Drill down into the data and analyze performance across teams, incidents, or an agent.

• Identify coaching opportunities from critical points in the process that need improvement.
• Automatically generate assessments to measure the quality of completed tasks.
• Use surveys to apply consistent, measurable scores that highlight exceptional moments of service or areas that need attention.

• Author and publish catalogs of services that your enterprise customers can request from their own ServiceNow instance).
• Rapidly establish integration between your ServiceNow instance and the ServiceNow instance of your enterprise customer.
• Fulfill service requests on your own ServiceNow instance that are generated from your enterprise customer's ServiceNow instance.

• Use your IT Service Catalog to submit service requests to your CSP from your own ServiceNow instance.
• Monitor the status of your service requests from your own ServiceNow instance.