ServiceNow GRC: Integrated Risk Management Implementation

Learn to effectively manage a Risk Management and Policy and Compliance Management implementation.

This two-day course covers the domain knowledge, common implementation technical aspects, and various processes needed to effectively manage a Risk Management and Policy and Compliance Management implementation, as part of the Governance, Risk, and Compliance (GRC) suite.

Audit Management Implementation and Vendor Risk Management Implementation are covered in separate courses.

Through lectures, group discussion, hands-on labs, and demonstrations, participants will build on existing knowledge and skills.

Course topics include: GRC Overview, Implementation Planning, Entity Scoping, Policy and Compliance Implementation Approach, Risk Implementation Approach, and Extended Capabilities.

 Recommended prerequisites:

• SNSAF - ServiceNow Administration Fundamentals
• SNPI - ServiceNow Platform Implementation

During this two-day interactive training course, participants will learn how to run a successful customer Risk and Policy and Compliance implementation. Participants will:

• Practice navigating the Risk and Policy and Compliance applications
• Define key terminology and personas in the Risk and Compliance industry
• Evaluate Risk and Compliance use cases
• Recall the ServiceNow scoping framework and architecture
• Review scoping considerations and techniques that guide the approach for Entity scoping
• Examine Entity scoping examples and practice scoping an organization
• Recall baseline Risk and Policy and Compliance application functionality, security, and architecture
• Examine solution features and implementation considerations
• Discuss supported integrations and share common practices
• Describe available content packs and Performance Analytics capabilities

This course is suitable for anyone who will be working on a ServiceNow implementation of GRC: Risk Management and GRC: Policy and Compliance Management applications. Examples include:

• Technical Consultants, Implementers, Developers, and Architects – who will be configuring, developing, or supporting the Risk and Policy and Compliance applications
• Project/Program/Engagement Managers – who will be leading implementation of the Risk and Policy and Compliance applications in ServiceNow
• Operations Managers – who will oversee work completed using the Risk and Policy and Compliance applications in ServiceNow

1.0 Governance, Risk, and Compliance (GRC) Overview 1.1 GRC Positioning and Framework

1.2 Key Terminology

1.3 Technical Details

• Lab 1.1 Preparing to Implement ServiceNow Risk and Policy and Compliance Applications

2.0 Implementation Planning

2.1 Use Cases

2.2 Implementation Team

2.3 Implementation Checklist

2.4 Groups and Roles

• Lab 2.1 Automate Entity Owner Group Membership

3.0 Entity Scoping

3.1 Entity Scoping Overview

3.2 Entity Type Approach

• Lab 3.1 Practice Scoping an Organization

3.3 Entity Class Approach

• Lab 3.2 Entity Class and Dependency Management

3.4 GRC Entities Architecture

4.0 Policy and Compliance Implementation Approach

4.1 Policy and Compliance Record Lifecycles

4.2 Policy and Compliance Architecture

4.3 Common Configurations and Customizations

• Lab 4.1 Create a Policy Acknowledgement Campaign
• Lab 4.2 Control – Performance Analytics Indicator

5.0 Risk Implementation Approach

5.1 Risk Record Lifecycles

5.2 Risk Architecture

5.3 Original Risk Assessment and Risk Scoring

• Lab 5.1 Import Risk Statements with an Import Template

5.4 Advanced Risk Assessment and Risk Scoring

• Lab 5.2 Create and Process an Advanced Risk Assessment

5.5 Common Configurations and Customizations

• Lab 5.3 Monitor Key Risk Indicators

6.0 Extended Capabilities

6.1 Content Packs

6.2 Integrations

6.3 Performance Analytics

6.4 Other Platform Capabilities