There is an issue with the Smart Assessments on the Compliance Case Management when you try to use smart assessments in the Action Tasks – it’s returning an error: “Incorrect setup”. The assessment gets generated so it’s working as expected. When I try to initiate them, it returns me an error.
Official docs: https://www.servicenow.com/docs/bundle/yokohama-governance-risk-compliance/page/product/grc-compliance-case-mgmt/task/perform-smart-assessment-on-action-task.html
1. Go to the Assessment Workspace and configure/create a new assessment template called “My Questionnaire”. Assessment categories = Compliance Case Assessment Assessment targets = Compliance Case Assessment reader = sn_comp_case.compliance_case_business_user 2. Go to All > Case type 3. Open “Compliance Case” or any active case type record. 4. In the assessment configuration, use the “My Questionnaire”. 5. Go to the Compliance Case Workspace and open any record where type is “Compliance Case” 6. Create an Action Task and use smart assessment. 7. When you move the task to Assigned state, it will trigger the assessment. 8. Click in View Assessment and the issue will get displayed when you try to take the assessment.
How to solve it?
Create the smart assessment under the right scope (CCM) 🙂
Governance, Risk, and Compliance, entities can be people, processes, departments, applications, or objects, whose exposure must be managed. These entities have controls that are defined to view the status.
To understand entities, consider the following example. Assume you are a new GRC user and you want to implement a change management process to all your critical financial systems. All the systems can be considered as individual entities. Map all the systems to an entity class called Financial. Have an entity type filter for critical financial systems to determine the systems that are identified as critical.
The primary benefit of creating entities is that you can maintain accountability because each entity has an owner. To understand this benefit, assume that you want to configure all the servers in a new way. After you finish the configuration, you perform an audit and then discover that only one server failed to comply with the new configuration. If you had not defined all the entities, then the entire audit result would have been deemed as failed. But because you have the entities defined, then only the non-compliant server entity and its identified owner are held accountable instead of all the servers.
Having defined entities ensures that the entity owners can be identified and that appropriate controls can be applied to those entities. It also helps in tracking the entities that are non-compliant. Any entity that has child entities can be said to have downstream entities. Any entity that has parent entities can be said to have upstream entities.
Take the following entity class model as example:
We have a Company that contains Departments that contains Business Services, Business Applications and Business Process. In GRC this are called “downstream entities”. This model is called “Dependency Model” and can be achieved by setting up the “Entity Class hierarchy”. You can visualise the model by accessing the “GRC Workbench”.
For this exercise, we will create 3 entities to match the above model and generate their respective risks.
Entity
Class
Wrangu
Company
Information Security
Department
Enterprise Risk Management
Business Process
List of entities
Risk
Entity
Statement
Disruption to the business due to critical infrastructure unavailability
Wrangu
Business Continuity and Disruption
Inability to retain key employees may result in the departments inability to achieve objectives.
Information Security
Loss of Key Personnel
Unauthorized actions have been detected
Enterprise Risk
Unauthorized actions
List of risks
Steps
Create a client callable script include called “GRCReporting” – make sure its you’ve checked the ‘Client callable’.
Copy the following code into it.
var GRCReporting = Class.create();
GRCReporting.prototype = Object.extendsObject(global.AbstractAjaxProcessor, {
getDownstreamProfileIDs: function(profileID) {
return new sn_grc.GRCProfileLists().getDownstreamProfileIDs(profileID);
},
type: 'GRCReporting'
});
Create your reports
Create a report against the Risk table (sn_risk_risk)
In the filter condition type the following “Entity > Sys Id” contains “javascript:new sn_grc.sn_grc.GRCReporting().getDownstreamProfileIDs(<Entity SysId>);”. In this example, I’ve used the entity Wrangu.
During Live Coding Happy Hour (LCHH) last week session about Decision APIs I got intrigued when Earl Duque used gr.getValue(‘sys_id’) instead of gr.getUniqueValue(), and in the comments was mentioned getUniqueValue() does not always return the sys id, so lets confirm that.
Lets take a look at the API Documentation says (here).
It says “get the primary key of the record which is usually sys_id unless otherwise specific”. Interesting, what they mean by primary key of a record? There’s a field called “Primary” that is only true for the Sys ID.
Made “PK” field as primary, did a quick GlideRecord query() and it always returned the sys id. I couldn’t prove their hypothesis – getUniqueValue is returning always the sysId. What did I miss?
It seems you can have multiple fields with primary = true (?).
var grTest = new GlideRecord('x_299742_nowjedi_example');
grTest.query();
while (grTest.next()) {
gs.info(grTest.getUniqueValue());
}
If you know the answer to this please drop in the comments.
How many times did you write the code to find the previous value on a specific field? Long time ago I found a library called “HistoryWalker” and since then its been on my must-have snippets on my utils. This library sn_hw is not “public” available but you can see lot of scripts using it. Quite useful 🙂
getHistoryWalker: function(grObject,field) {
var answer = [];
var previousValue;
var hw = new sn_hw.HistoryWalker(grObject.getRecordClassName(), grObject.getUniqueValue());
hw.walkTo(grObject.sys_mod_count);
do {
var wr = hw.getWalkedRecordCopy();
var currentValue = wr.getValue(field);
if (currentValue != previousValue) {
previousValue = currentValue;
answer.push(wr.getValue(field) + '');
}
} while (hw.walkBackward());
return answer;
},
If you’re just starting your Next Experience journey, then you’ve come to the right place. This guide (Next Experience Quick Start Guide – ServiceNow Community) will help you understand what Next Experience is, how it works in tandem with our Workspace UI, and is a great place to return to as our products evolve over time.
Before you get started
Before you get started with Next Experience, check and consider the following documentation:
ServiceNow did an amazing job introducing workspace into our world, the links above are kind of live savers, they are so well documented full of best practises, recommendations and tips.
Current scenario
I am going to improve the “Response Tasks” on the Risk Portal. This our view from the backend (https://instance.service-now.com/nav_to.do?uri=sysapproval_approver.do?sys_id=0f676330db361d1021e7dd18f496195d). We have 2 OOB UI actions for record manipulation (“Update” and “Delete”) and 2 UI actions to update the state (“Approve” and “Reject”).
This is our current view on Risk Portal (https://instance.service-now.com/now/risk/portal/record/sn_risk_response_task/809623fcdbf21d1021e7dd18f496198a/sub/record/sysapproval_approver/0f676330db361d1021e7dd18f496195d). We still have the OOB UI actions, but we are missing the 2 UI actions to update the state.
Steps
Inspect the UI action “Approve” button to get the gsft_id.
Clone the UI action for “Approve” and “Reject”.
Create UX Form Action “Approve” and “Reject” and pointed to our custom UI actions. All these actions should be pointing to the sysapproval_approver table.
Create a UX Form Action Group (or UX Actions Layout Group) called “approval actions” where type = Split Button and actions are Approve and Reject.
In the UX Form Action Group record related items, create a new UX Form Actions Layout (sys_ux_form_action_layout_item) record. I named “Approval Actions” and this is responsible to display the button in the form.
Through the related lists of the UX Form Layout Item record, create a new Action Layout record. Focus on the “Action Layout Items”, that’s the most important thing here. This connection must exist.
The result will be:
Summary
The link How to use UI Actions in Workspaces – ServiceNow Community and Introduction to Declarative Actions – ServiceNow Community gave me enough to follow the breadcrumb trail and yes workspaces can be ready. We have few fields missing in the forms (we just need to update the view) and sometimes the UI actions do not behave the same but after few smoke tests the workspace can be ready. This is the perfect time to avoid lift and shift. This is a great o opportunity to re-imagine and improve the experience.
Bottom line is UI Actions are supported in both agent and configurable workspaces, but only in limited areas, such as the Action Bar component which is provided by default on the out-of-the-box record page. This means that UI Actions are only supported on forms in workspaces and not lists.
ServiceNow introduced a new concept called “Declarative actions”. What are they? Declarative actions are similar to platform UI Actions to add buttons on a form, etc. UI Actions are only exposed in the Action Bar component in Workspace, etc. experiences so the use cases are limited. Declarative Actions can be used in the Action Bar component on a record, related lists, lists, etc. without having to modify the page in UI Builder itself. By using Declarative Actions and not adding buttons to a page in UI Builder, you are making your upgrade experience better as Declarative Actions do not customize an OOTB UI Builder page. Instead, by creating Declarative Actions you are creating the necessary records needed in your own app scope.
If you haven’t used the new feature Policy and Compliance Integrator, roll your sleeves up – this is a game changer. Forget about transform maps to import Authority Documents, Citations and Control Objectives, this scripted REST api will do everything for you.
Go to Postman and create a new collection called “CIM API Collection”.
In the tab “Variables”, create a new variable inside the collection called “instance” with value “https://YOUR_INSTANCE.service-now.com”
In the tab “Authorization”, set up your REST api user and password. Dont forget in order to create new batches you need to be a compliance admin.
Go to sn_grc_provider table and create a new provider called “communityProvider”. If you don’t do it, when you create a batch it will create a new Provider import task and you need to complete few more steps in order to get the new provider generated.
Create a new POST method called “Create batch” with the following URL{{instance}}/api/sn_grc_cim/content/compliance/batch/create The body should be something like this:
Save the batch number because you are going to use it to create staging records or any interaction with the API.
Step 2 – Create the staging records
Go to Postman and inside your collection “CIM API Collection” create a new method called “Insert stagging records” with the following URL: “{{instance}}/api/sn_grc_cim/content/compliance/insert”
The body should contain something like this: {"batch_number":"CIB0001008", "records": [{ "document_id": "123456789", "name": "GRC Authority Document api", "description": "GRC Authority Document API", "citations": [{ "document_id": "123456789", "name": "GRC Citation api", "control_objectives": [ { "document_id": "123456789", "name": "GRC Control Objective api" } ] }] }]}
This code will generate one AD, one citation and one control objective.
3. Update batch to ready
Go to Postman and inside your collection “CIM API Collection” create a new method called “Update batch status to ready” with the following URL: “{{instance}}/api/sn_grc_cim/content/compliance/batch/ready”
The body should contain something like this:
{
"batch_number": "CIB0001008"
}
The end result should be something like this:
3. Kick process, review task and complete process
After this moment you need to kick the process by going to the Flow Designer, search for “Compliance staging processor” and run. Check the flow designer how often this process runs. Out of the box this runs weekly basis, every Monday. A new import task will be created after the flow has been executed.
Go to “Library import task” and review the staging records if necessary. At this stage, you can add an approver, or approver group, etc etc.
The new authority document with citations and control objectives will be created when the import task is completed.
If you need anything, please let me know and I can share the Postman collection to save you some time.
The article below is intended for any person customize their Notifications. A working Javascript and HTML is useful but not required.
Introduction
We often focus on getting job done and ready to be delivered. Of course this is important but sometimes we need more than just doing it. In the following article, we will look how to automate and centralize data in one place in order to become scalable and easier to find and edit.
Here’s a few things we will cover:
Use Case
Example
Automate properties (sys_properties)System properties store configuration information that rarely or never changes. Each time you change or add a system property, the system flushes the cache to keep all nodes in the cluster in synch. This cache flush has a very high performance cost for one to 10 minutes, which can potentially cause an outage if done excessively. To prevent such outages, do not use a system property to store configuration information that changes more than once or twice a month.
I usually update the “From” field.
Use email templates (sysevent_email_template)Enable administrators to create reusable content for the subject line and message body of email notifications.
Usually I define a mail_script (to use a standard style for all notifications), define subject and message.
Use Case Walkthrough
Use Case #1: Automate properties
In the Navigation filter, enter sys_properties.list.The entire list of properties in the System Properties [sys_properties] table appears.
Verify that the property does not exist by searching for the property name.
Click New. Usually I use “company.default.notification.from”.
Complete the System Property form. Type: String Value: Community Article <email@service-now.com>
Navigate to System Definition > Business Rules.
Click New.
Fill in the fields, as appropriate. Tab When to run When: Before On Insert (check) On Update (check) Tab Advanced current.from = gs.getProperty(“company.default.notification.from”); gs.addInfoMessage(‘Loaded company.default.notification.from value’);
Use Case #2: Create a Template and assign to the Notification
Navigate to System Policy > Email > Templates.
Click New.
Fill in the form fields (see table).
In the “Message HTML”, usually I call a default stylesheet just in case of I need to change any HTML tag (font, size, etc).
Navigate to System Notification > Email > Notifications Email Scripts.
Click New: “Notification_email.styles”
On the your email script: var stylesheet = new GlideRecord (‘sp_css’); stylesheet.get(‘name’,’company_email_notifications.css’); //Stylesheet for email styling template.print(‘<div><style>’ + stylesheet.css + ‘</style></div>’);
3. Navigate to System Notification > Email > Notifications. 4. Open the email notification record that should use the template. 5. Navigate to the What it will contain section. 6. From the Email template field, select the appropriate template. 7. Click Update.
Conclusion
System properties are not limited to just Notifications, they’re part of the NOW Platform and can include anything we have in the Platform. Try to automate your instance and try to centralize all your “customer” data in one place.
Use all the tools at your disposal to make that happen.
The article below is intended for any person who is getting started with CSM or wants to do user management.
A working Javascript and HTML is useful but not required.
Leave a comment whenever you feel is missing any relevant information in this article.
Introduction
Since I started to use Customer Service module this always has been a struggle, quite hard to find a proper answer nowadays about best practises and how user management should be set up. Said that, my goal on this article is to provide you full picture how CSM was originally designed and how to get the most of it. I will update this article as often as I can with all information I collected so far.
According to ServiceNow documentation, Customer Service Management application enables you to route cases to available customer service agents with the necessary skill sets. Agents can make use of response templates and search tools to search the knowledge base and community and provide timely, informative responses to customers.
Customer information includes the account and contact information for a customer or partner.
An account is a supported external customer and the Account form stores the customer’s information, including the company name, contact names, addresses, phone numbers, and web and email addresses. An account can be a customer account, a partner account, or both.
A contact is a user who is an employee of an account. A contact record stores information about a contact, such as the name, phone number, email and web address. An account can have multiple contacts but a contact can be associated with only one account. A contact can have one or more associated assets and service contracts. A contact can also have a user ID and can log in to the customer portal.
An account can have one or more associated assets, service contracts, entitlements, and SLAs. An account can also be associated with the following entities:
case
contact
service contract
entitlement
asset
A partner is a supported external customer that, in turn, sells to and supports one or more customers. A partner account record stores information about a partner’s company, similar to a customer account. On a partner account record, the Partner field is enabled. A partner can report and manage cases on behalf of customers. A partner can also be a customer.
Ok, that’s what is described on the official documentation but what’s really happening in the background?
Understanding user classes
When you mark a table as extendable, you are also adding a second system field: Class [sys_class_name] — System Class Name. It contains the name of the table that the record represents. The sys_id field uniquely identifies a record. In the case of an extended table, the sys_id field is actually stored in two places: on both the parent and child tables. The platform joins both together whenever you query the child table and the field sys_class_name is added on the parent table.
In other words, sys_class_name is to extend sys_user table to “User”, “Contact” or “Consumer”. When a User record is saved with class User , we get the details from SYS_USER table. When a User record is saved with class ‘Contact’, we get details from extended SYS_USER and CUSTOMER_CONTACT table. The customer_contact table have some related lists such “Tickets”, Locations”, Social Profiles”.
Since my client is a B2B, for the moment I will not cover the consumer scenario on this article.
As far I am aware, all admin should have a “User” class assigned and all customers and agents should have “Contact” assigned.
The Customer Service Management application provides the ability to establish different types of relationships between partners, customers, and contacts. These relationships make account and asset management easy and flexible. The following types of customer service relationships are available. (link here). This will help to create a relationship such “regions” to your parent accounts providing a kind of hierachy parent-child to a specific account.
Permissions
Security is the mother of all mothers and nowadays that’s a buzz word. An administrator usually does this kind of questions:
If I want to someone to use my application, what roles they need?
If I want to someone support the cases, what roles they really need?
Customer Service Management includes both internal and external user roles. Internal user roles are for agents and agent managers using the Customer Service Management application. External user roles are for customers and partners using the customer portal.
Here’s roles you need to set up to your Agents or Customers:
Use Case
Roles
AgentAn agent is an employee of the company.Class: User
snc_internalsn_customer_service_agentsn_esm_agent
CustomerA customer is a user who is an employee of an account.Class: Contact
Note: Thank you @Kavita for helping me sorting this out. I was banging my head against the table over the reason of existence of this class. The official documentation provided lists all the roles available OOTB and how they should be used. Only customers should be contacts.
The following table provides all roles available OOTB and how they are set up.
Remember that all examples I provide is for a B2B scenario and for that reason the consumer roles is not included or mentioned. Therefore they’ve a very similar behaviour to the customers.
The Customer Service Management application provides the ability to establish different types of relationships between partners, customers, and contacts. These relationships make account and asset management easy and flexible. The following types of customer service relationships are available. (link here). This will help to create a relationship such “regions” to your parent accounts providing a kind of hierachy parent-child to a specific account.
Conclusions
There’s a gap in the documentation explaning how this module should properly work. I will try to cover the maxium I can in order to be easier in the future to set up a Customer Service Mgt scenario.
tests whether the table data.table has attribute with the name glide.security.ui.filter. No standart tables has the attribute. So you can just remove the part of code. If you do want to use the code, that you have to rewrite the fragment to get the same information about attributes of the table in alternative way.
I posted in my answer on the question the code of small function isTableAttributeEqualValue. The code shows how one can get attributes of table. You need just modify the last line of the code to use only return gr.next(). The resulting function will looks as following
function isTableHasAttribute (tableName, attributeName) {
var gr = new GlideRecord("sys_schema_attribute_m2m");
gr.addQuery("schema.name", tableName); // "Dictionary Entry"."Table"
gr.addQuery("attribute.name", attributeName); // "Attribute"."Name"
gr.query();
return gr.next();
}
Then you can use isTableHasAttribute(data.table, “glide.security.ui.filter”) instead of GlideTableDescriptor.get(data.table).getED().hasAttribute(“glide.security.ui.filter”).
Apparently a new color definition (sys_report_color) “Risk Progress” has been introduced with New York release, changing the heatmap colors from using native UI14 Green/Red/Yellow to “Risk Progress Critical/High/Medium/Low/None”. They are no longer vivid, they look faded and washed out. This is confirmed by taking a look at NY release application files and searching for “sn_risk_color_setting” records.
According to Changes to New York features and products (https://docs.servicenow.com/bundle/newyork-release-notes/page/release-notes/summary/rn-summary-changes.html), it has been improved color contrast and modernized visualizations in the Performance Analytics and Reporting applications create a more consistent user experience.
Did you know about this? What do you think?
New York Release
Madrid or London release
To roll back to the previous colors system, please follow the next steps:
1. Go to Color Settings table (sn_risk_color_setting)
2. Update the color field according to the following table
"Being a Jedi is not just about power, or lightsabers, or even skill with the Force. It is about connection. Being part of something bigger. I am stronger as part of the Jedi Order than I could ever be alone."
