need copy here
ServiceNow Risk Management module offers a central method which helps organizations in identifying, assessing, responding to, and continuously monitoring the Enterprise and IT risks which may have negative impact on business operations. The product also introduces a structured workflow for handling the risk assessment, risk indicator and risk issues effectively.
- Risk management resources put the effort together for identifying the following items:
- Determining the level of risk which the organization is agreeing to accept? Collate the risk data and then determine what is tolerable.
- Developing a risk management policy via risk frameworks and statements.
- Developing a risk assessment and response procedures.
- Implementing controls for reduce the organization’s risk exposure and repeat the same on regular intervals.
- Measuring the risk exposure and improvements as well.
Audit Management product in ServiceNow includes a set of events associated with planning audit engagement, executing engagement. The module also defines procedures for delivering reporting findings to the audit committee and executive board. Timely reporting guarantees that the organizational strategy for the risk and compliance management is effective.
The Audit Management module is used by the auditors who conduct audit per ISO 20000/ISO270001/02 standards. Auditors are responsible for the following activities as well:
- Reviewing policies and procedures
- Timely risk review
- Reviewing control design
- Reviewing control test design
- Reviewing control test results
- Defining test controls
- Providing issue observations