0
22.3.0
Australia Patch 3, Australia, Zurich Patch 4, Zurich, Yokohama Patch 9, Yokohama Patch 2, Yokohama, Xanadu Patch 9, Xanadu Patch 4, Xanadu
Standalone Application
The Third-party Risk Management (TPRM) application helps customers manage their third-party risk programs across a broad number of risk domains. Environmental, Social, and Governance (ESG) is one of the risk domains that may necessitate the need to import information from content providers such as EcoVadis.
- Import the EcoVadis overall score into ServiceNow's External Monitoring Framework along with the thematic scores for each supplier.
- Create risk scorecards against supplier and against the ESG risk domain.
- Remediate incoming issues or findings from EcoVadis data.
- Continuously monitor the scores and automate remediation based on thresholds or risk appetite.
Changed
- Added strict read-only enforcement to EcoVadis data fields to prevent unauthorized modifications.
- Implemented query ACL security controls for CVE-2025-3648 vulnerability mitigation.
- The GRC: Third-party Risk Management plugin is automatically installed when this application is activated.
Permissions and roles:
- Role required to install the app: System admin
Prerequisites:
- An EcoVadis subscription is required to use this application.