The ServiceNow Compliance Case Management application enables customers to manage their compliance cases, such as policy and regulatory violations and complaints. It enables collaboration with key stakeholders to perform assessments, investigation tasks, and other actions to effectively manage compliance cases. Additionally, it supports analyzing causes and consequences as part of the post-case review process.
Compliance Requests:
Compliance request configurations consist of two active compliance request types, each with dedicated workflows to manage compliance-specific inquiries and approvals related to policy improvements.
Each request type can be configured with the following elements:
-
- Workflow
- Form view (show or hide fields based on request type)
- Assignment rules (to assign an analyst to a compliance request)
- Approval workflow
- Any approvers
- All approvers
- Specific percentage of users to approve
Employees can raise a compliance request and contact the compliance team through the Employee Center. The compliance team analyzes the request, identifies related policies and controls, and obtains additional approvals, if necessary.
Compliance Case:
Employees can report events or policy violations and contact the compliance team through the Employee Center.
APIs are available to create and update compliance cases from various sources, such as ServiceNow Apps (Security Incident Response, IT Incidents, HR Cases) and third-party integrations.
Compliance team analyzes the case, conducts investigations, and collaborates with various teams by creating and assigning case tasks.
Compliance case configurations: The configurations consist of two active compliance case types, each with dedicated workflows to manage policy and regulatory violations use cases.
Each case type can be configured with the following elements:
- Workflow
- Form view (show or hide fields based on case types)
- Assignment rules (to assign an analyst to a compliance case)
- Assessment templates
- New
- Manage Smart Assessment templates with versioning support. Create, publish, and delete template versions to support consistent assessment governance.
- Changed
- Standardized query range security ACLs are now applied across all tables, ensuring consistent query access for authenticated users with appropriate read permissions throughout the platform. These ACL rules are installed automatically during upgrade with no administrator action required — automated upgrade scripts handle the full transition, including detection and processing of previously customized ACLs to ensure existing configurations continue to function without interruption. If your instance includes administrator-modified query range ACLs, a post-upgrade review is recommended to confirm alignment with your intended access policies.
The following GRC applications must be installed and activated:
- GRC: Policy and Compliance Management (com.sn_compliance)
-
GRC: Compliance Management Workspace (com.sn_compliance_ws)
- GRC: Common Workspace Elements (com.sn_grc_workspace)
Permissions and roles:
- Role required to install the app: System Administrator (admin)