Hello,

If you haven’t used the new feature Policy and Compliance Integrator, roll your sleeves up – this is a game changer. Forget about transform maps to import Authority Documents, Citations and Control Objectives, this scripted REST api will do everything for you.

In addition to the article Using the GRC: Policy and Compliance integrator to display batch records and import tasks (servicenow.com), I will share the Postman collection with APIs (which SN didn’t share but they mentioned) so you can use and abuse.

Step 1 – Create a batch

Go to Postman and create a new collection called “CIM API Collection”.
In the tab “Variables”, create a new variable inside the collection called “instance” with value “https://YOUR_INSTANCE.service-now.com”
In the tab “Authorization”, set up your REST api user and password. Dont forget in order to create new batches you need to be a compliance admin.
Go to sn_grc_provider table and create a new provider called “communityProvider”. If you don’t do it, when you create a batch it will create a new Provider import task and you need to complete few more steps in order to get the new provider generated.
Create a new POST method called “Create batch” with the following URL{{instance}}/api/sn_grc_cim/content/compliance/batch/create The body should be something like this:

{
"provider": "communityProvider",
"type": "compliance"
}

Save the batch number because you are going to use it to create staging records or any interaction with the API.

Step 2 – Create the staging records

Go to Postman and inside your collection “CIM API Collection” create a new method called “Insert stagging records” with the following URL: “{{instance}}/api/sn_grc_cim/content/compliance/insert”
The body should contain something like this:
{"batch_number":"CIB0001008", "records": [{ "document_id": "123456789", "name": "GRC Authority Document api", "description": "GRC Authority Document API", "citations": [{ "document_id": "123456789", "name": "GRC Citation api", "control_objectives": [ { "document_id": "123456789", "name": "GRC Control Objective api" } ] }] }]}

This code will generate one AD, one citation and one control objective.

3. Update batch to ready

Go to Postman and inside your collection “CIM API Collection” create a new method called “Update batch status to ready” with the following URL: “{{instance}}/api/sn_grc_cim/content/compliance/batch/ready”

The body should contain something like this:

{
    "batch_number": "CIB0001008"
}

The end result should be something like this:

3. Kick process, review task and complete process

After this moment you need to kick the process by going to the Flow Designer, search for “Compliance staging processor” and run. Check the flow designer how often this process runs. Out of the box this runs weekly basis, every Monday. A new import task will be created after the flow has been executed.
Go to “Library import task” and review the staging records if necessary. At this stage, you can add an approver, or approver group, etc etc.
The new authority document with citations and control objectives will be created when the import task is completed.

If you need anything, please let me know and I can share the Postman collection to save you some time.

The article below is intended for any person who is getting started with CSM or wants to do user management.

A working Javascript and HTML is useful but not required.

Leave a comment whenever you feel is missing any relevant information in this article.

Introduction

Since I started to use Customer Service module this always has been a struggle, quite hard to find a proper answer nowadays about best practises and how user management should be set up. Said that, my goal on this article is to provide you full picture how CSM was originally designed and how to get the most of it. I will update this article as often as I can with all information I collected so far.

According to ServiceNow documentation, Customer Service Management application enables you to route cases to available customer service agents with the necessary skill sets. Agents can make use of response templates and search tools to search the knowledge base and community and provide timely, informative responses to customers.

Customer information includes the account and contact information for a customer or partner.

An account is a supported external customer and the Account form stores the customer’s information, including the company name, contact names, addresses, phone numbers, and web and email addresses. An account can be a customer account, a partner account, or both.
A contact is a user who is an employee of an account. A contact record stores information about a contact, such as the name, phone number, email and web address. An account can have multiple contacts but a contact can be associated with only one account. A contact can have one or more associated assets and service contracts. A contact can also have a user ID and can log in to the customer portal.

An account can have one or more associated assets, service contracts, entitlements, and SLAs. An account can also be associated with the following entities:

case
contact
service contract
entitlement
asset

A partner is a supported external customer that, in turn, sells to and supports one or more customers. A partner account record stores information about a partner’s company, similar to a customer account. On a partner account record, the Partner field is enabled. A partner can report and manage cases on behalf of customers. A partner can also be a customer.

Ok, that’s what is described on the official documentation but what’s really happening in the background?

Understanding user classes

When you mark a table as extendable, you are also adding a second system field: Class [sys_class_name] — System Class Name. It contains the name of the table that the record represents. The sys_id field uniquely identifies a record. In the case of an extended table, the sys_id field is actually stored in two places: on both the parent and child tables. The platform joins both together whenever you query the child table and the field sys_class_name is added on the parent table.

In other words, sys_class_name is to extend sys_user table to “User”, “Contact” or “Consumer”.
When a User record is saved with class User , we get the details from SYS_USER table.
When a User record is saved with class ‘Contact’, we get details from extended SYS_USER and CUSTOMER_CONTACT table. The customer_contact table have some related lists such “Tickets”, Locations”, Social Profiles”.

Since my client is a B2B, for the moment I will not cover the consumer scenario on this article.

As far I am aware, all admin should have a “User” class assigned and all customers and agents should have “Contact” assigned.

The Customer Service Management application provides the ability to establish different types of relationships between partners, customers, and contacts. These relationships make account and asset management easy and flexible. The following types of customer service relationships are available. (link here). This will help to create a relationship such “regions” to your parent accounts providing a kind of hierachy parent-child to a specific account.

Permissions

Security is the mother of all mothers and nowadays that’s a buzz word. An administrator usually does this kind of questions:

If I want to someone to use my application, what roles they need?
If I want to someone support the cases, what roles they really need?

Customer Service Management includes both internal and external user roles. Internal user roles are for agents and agent managers using the Customer Service Management application. External user roles are for customers and partners using the customer portal.

Here’s roles you need to set up to your Agents or Customers:

Use Case	Roles
AgentAn agent is an employee of the company.Class: User	snc_internalsn_customer_service_agentsn_esm_agent
CustomerA customer is a user who is an employee of an account.Class: Contact	snc_externalsn_customerservice.customersn_esm_user
AdminClass: User	admin

Note: Thank you @Kavita for helping me sorting this out. I was banging my head against the table over the reason of existence of this class. The official documentation provided lists all the roles available OOTB and how they should be used. Only customers should be contacts.

The following table provides all roles available OOTB and how they are set up.

Use Case	Roles
Create Cases	sn_customerservice.customersn_customerservice_agent
Delete Cases	admin
Add assets/rooms/addresses/contracts/accounts manuallyOfficial documentation https://docs.servicenow.com/bundle/london-customer-service-management/page/product/customer-service-management/task/set-up-customer-information.html	sn_customerservice_manageror admin
Run/create reports Official documentation (https://docs.servicenow.com/bundle/london-performance-analytics-and-reporting/page/use/reporting/concept/c_AdminsteringReports.html).	itil
Modify users/groups lists etc Official documentation https://docs.servicenow.com/bundle/london-platform-administration/page/administer/roles/reference/r_BaseSystemRoles.html	user_admin
Schedule Customer service agents and field service techniciansOfficial documentation https://docs.servicenow.com/bundle/london-customer-service-management/page/product/customer-service-management/concept/agent-calendar_1.html	agent_schedule_admin

Remember that all examples I provide is for a B2B scenario and for that reason the consumer roles is not included or mentioned. Therefore they’ve a very similar behaviour to the customers.

If you would like to go further on custom csm user roles, take a look on the documentation https://docs.servicenow.com/bundle/london-customer-service-management/page/product/customer-service-management/concept/creating-custom-csm-user-roles.html

Relationships

Conclusions

There’s a gap in the documentation explaning how this module should properly work.
I will try to cover the maxium I can in order to be easier in the future to set up a Customer Service Mgt scenario.

ServiceNow technical content and knowledge for everyone

Guides

Using the GRC: Policy and Compliance integrator to import your entire framework 0 (0)