Creating a ServiceNow-Managed Audit

Owned by Tristan Mohn (Deactivated)
Last updated: Feb 09, 2023 by Victoria Buhler (Deactivated)
3 min read


Page Contents

Overview

After ServiceNow and ZenGRC are connected, you can create and manage audits inside ZenGRC while requests for audit information show up in visual task boards inside ServiceNow. This documentation outlines that process.

TIP

Existing audits cannot be converted to ServiceNow. The option can only be selected during the creation of a new audit after the ZenGRC and ServiceNow integration is complete.

Step 1: Adding Basic Audit Information

To create a ServiceNow audit, complete the following steps:

  1. In the left-hand navigation, click New | Audit.



  2. Complete the fields. If you prefer to have all controls available for selection in Step 2, then leave the Related Program field empty.

  3. Select ServiceNow, in the Managed in drop-down. The audit will be represented as a guided visual task board in ServiceNow, with each request shown as a task.

  4. To access comments and attachments added by ServiceNow users from within ZenGRC, click the Synchronize comments and Synchronize attachments toggles. In most cases, customers will want to enable both toggles. However, they default to disabled in case there are privacy or security concerns around bringing this information into certain audits. Note that if the toggles are enabled at any point during the audit, comments and attachments submitted prior to enabling the toggles will become accessible within ZenGRC.



  5. Click Save.

    NOTE

    For complete instructions on this step, please see Step 1: Adding Basic Audit Information.

Step 2: Defining the Scope

Step 2 in audit creation is the same for ServiceNow and regular audits.

NOTE

For complete instructions on these steps, please see Step 2: Defining the Scope.

Step 3: Setting up Audit Requests - ServiceNow

The majority of Step 3 follows the general instructions for importing requests into any ZenGRC audit. The differences are described below.

  1. The requests CSV import template for ServiceNow-managed audits differs from the CSV import template for ZenGRC-managed audits, so be certain to use the ServiceNow-specific CSV import template when importing ServiceNow requests. When an audit is designated as a ServeiNow audit, the CSV template provided in Step 3: Setting up Audit Requests will be tailored to ServiceNow.
  2. The template supports the following user assignments for requests:
    • ServiceNow individual users can populate the Assigned To column.
    • ServiceNow groups can populate the Assignment Group column.
    • Use these users and groups together or separately on requests. If used together, be certain the user exists in the group assignment, as ZenGRC does not validate these combinations.
    • ServiceNow users and assignment groups need to exist in ServiceNow, but they do not need to exist in ZenGRC.



  3. Import the CSV as normal.
  4. Click Import Data.
  5. In our CSV example, requests are mapped to controls in the Mapped Controls column, which allows you to skip the mapping done after import. If this column is blank, you will need to map controls at this point.
  6. Click Next.

NOTE

For complete instructions on this step, please see Step 3: Setting up Audit Requests.

Step 4 and 5

Step 4 and 5 in audit creation are the same for ServiceNow and regular audits.

NOTE

For complete instructions on these steps, please see Step 4: Generating Assessments and Step 5: Reviewing and Starting the Audit.



Other Helpful Content

•  Access and User Assistance 
•  System of Record List Views  
•  Actions on the Details Page 
•  Creating New Objects 
•  Favorites 
•  Quick Tips for End Users (Printable) 
•  Searching the Left-Hand Navigation

© 2021 Copyright Reciprocity, Inc.
https://reciprocity.com