0
22.3.1
Australia Patch 3, Australia, Zurich Patch 7, Zurich Patch 4, Zurich, Yokohama Patch 12, Yokohama Patch 9, Yokohama Patch 2, Yokohama, Xanadu Patch 9, Xanadu Patch 4, Xanadu
Standalone Application
The ServiceNow® NIST Cybersecurity Framework (CSF) Accelerator gives customers an operational head start when adopting the NIST CSF. When downloaded and activated within the GRC applications, the accelerator provides pre-configured policies, scopes (including entities and entity type recommendations), risks, indicators, and other GRC elements.
The NIST CSF Accelerator provides the following for organizations adopting the CSF:
- A structured approach to define and execute risk and cybersecurity management actions aligned with the CSF.
- Content for the three ServiceNow® IRM core applications: Policy and Compliance Management, Risk Management, and Audit Management.
- Pre-defined relationships across the various content elements in the IRM applications to support planning and actions that improve cybersecurity preparedness.
New
Query range ACLs include the following enhancements:
- Consistent access control — All tables include standardized query range security ACLs. These ACLs ensure that authenticated users with appropriate read permissions can query records consistently across the platform.
- Seamless upgrade experience — New query ACL rules are installed automatically during upgrade, with no administrator action required. Automated upgrade scripts handle the transition, including detecting and processing previously customized ACLs to ensure existing processes continue without interruption.
Post-upgrade review for customized ACLs:
- If the instance includes administrator-modified query range ACLs, review those records after upgrade to confirm they align with the intended access policy.
- The following apps are required:
- GRC: Profiles
- GRC: Policy and Compliance Management
- GRC: Risk Management
- GRC: Audit Management
- Integrated Risk Management Standard
- Permissions and roles:
- Role required to install the app: System administrator (admin)