Skip to main content Skip to search

Powered by Zoomin Software. For more details please contactZoomin

Major Security Incident Management roles

Watch

Save as PDF

Share this page

Feedback

Print

Table of contents

Security Operations

HomeWashington DC Security ManagementSecurity OperationsEnterprise security case management applicationsSecurity Incident ResponseMajor Security Incident ManagementExploring Major Security Incident ManagementMajor Security Incident Management roles

Table of Contents

Major Security Incident Management roles

Release version:
Washington DC
Yokohama
Xanadu
Vancouver
UpdatedFeb 1, 2024
2 minutes to read

Washington DC
Security Operations

Assign roles to ensure that users can perform all necessary actions within the MSIM application.

Table 1. Roles for Major Incident Management
Role Type	Role	Description
MSI Administrator	sn_msi.workspace_admin	Can I install and configure Major Incident Management and set up the dependent applications such as File Explorer (FE), Microsoft Teams and Chat Channel configuration, Workspace setup, and MSI Administration: Configurations and Notifications setup. How to set up: File Explorer (FE) component: Configure file repository. Configure file and folder actions, which are provided on the File Explorer component of the Collaboration tab in the Major Security Incident Management workspace. Create the root folders and subfolders, and provide access to the subfolders. Chat channel management Activate and configure Microsoft Teams by validating Microsoft Teams connection. Create chat teams and chat channels, and add users and assign users to the various user groups. MSI Administration: Configurations: Configure the security analysts actions, notifications sent when incidents are proposed and promoted, and display tags for the security incidents. Notifications: Automate email notification process and user notifications when a security incident is either proposed or promoted as a major security incident.
MSI Manager	sn_msi.workspace_manager	View access to the major security incident management configuration settings page. Restricted from modifying any of the configuration settings. View and edit incident record data in the Details, Collaboration, and Task Organizer tabs of the Major Incident Management workspace. Promote the security incident to a major security incident. Configure file and folders actions available on the File Explorer component on the Collaboration tab of the Major Incident Management workspace. Linking and unlinking additional records to Major Security Incidents from the workspace.
MSI Responder	sn_msi.workspace_responder	Optional role to view, edit, and respond to major security incidents in the Details and Tasks tabs of the Major Incident Management workspace. Linking and unlinking additional records to Major Security Incidents from the workspace.

Related Content

Major Security Incident Management
Track and manage various activities that are typically part of resolving a major security incident through Major Security Incident Management. Through an intuitive workspace, incident managers and those working on an incident can propose and promote incidents to major incidents, track major security incident activities, and easily collaborate with colleagues.
Get started with MSIM
Review the following information before you start working with Major Security Incident Management.
Checklist for MSIM setup
Before using the ServiceNow Major Security Incident Management (MSIM) application, download the application from the ServiceNow Store.

Was this topic helpful?

Previous

Checklist for MSIM setup

Next

Integrating Major Security Incident Management

Previous

Checklist for MSIM setup

Next

Integrating Major Security Incident Management

Log in to get a better experience