Get $500 when you book a course. Learn more.

Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-800-268-7737 Other Contact Options

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:


Governance, Risk, and Compliance (GRC) Fundamentals

Learn how to manage corporate governance and enterprise risk within the ServiceNow platform.

The ServiceNow GRC suite contains four main applications: Policy and Compliance Management, Risk Management, Audit Management, and Vendor Risk Management.

This two-day training course introduces you to the GRC suite, with the exception of Vendor Risk Management, which is covered in a separate two-day implementation course. The session format will alternate between discussions and labs, giving you an opportunity to explore the applications and apply concepts learned.
GRC is a company's strategy for managing corporate governance and enterprise risk and for demonstrating corporate compliance. ServiceNow

GRC is a suite of applications within the ServiceNow platform that provides timely, comprehensive, and continuous information for auditing, reporting, and compliance purposes. By using the GRC suite, GRC professionals create a scalable compliance and risk program to meet their organization’s internal and regulatory requirements.

GK# 821272
Vendor Credits:
No matching courses available.
Start learning as soon as today! Click Add To Cart to continue shopping or Buy Now to check out immediately.
Access Period:
Scheduling a custom training event for your team is fast and easy! Click here to get started.

Who Should Attend?

The audience for this class includes implementers, compliance officers, risk managers, and other GRC professionals who want to understand how to integrate their compliance programs into ServiceNow’s GRC suite. ServiceNow System Administrators will also benefit by learning about the system properties used by the GRC applications.

What You'll Learn

During this two-day interactive training course, participants will achieve the following:

  • Describe GRC and the internal and external influences that create a need for it
  • Review the ServiceNow GRC architecture and key terminology
  • Navigate ServiceNow GRC applications and impersonate the various user roles
  • Explore how policies, authority documents, and citations fit into ServiceNow’s GRC landscape
  • Complete the policy management process to create, review, approve, and publish a policy
  • Describe how to build the entities used to assign ownership of controls and risks
  • Create a risk framework and risk statements related to an entity type
  • Evaluate risk scoring, including qualitative and quantitative
  • Gain an introduction to features available with GRC’s Advanced Risk application
  • Define controls and indicators and their role in risk and compliance monitoring
  •  Leverage indicators and continuous monitoring to automate control monitoring
  • Describe methods to manage and respond to issues
  • Review the policy exception workflow and request and approve a policy exception
  • Describe audit management and its relationships to other GRC functions
  • Define and create an audit engagement and tasks
  • Explore GRC homepages and dashboards and access corresponding data

Course Outline

  • 1.0 GRC in ServiceNow
  • 1.1 Introduction to GRC
  • 1.2 ServiceNow GRC Architecture
  • 1.3 Users, Groups, and Roles
    • Lab 1.1 Cloud Dimensions’ Story
    • Lab 1.2 User Roles
  • 2.0 Policy and Compliance Management
  • 2.1 Authority Documents and Citations
  • 2.2 Policies and Control Objectives
    • Lab 2.1 Create a Password Policy
  • 2.3 Policy Management Process
    • Lab 2.2 Publish a Password Policy
  • 2.4 Control Lifecycle
  • 3.0 Entity Scoping
  • 3.1 Entity Definition and Set-up
  • 3.2 Using Entities to Create Controls
    • Lab 3.1 Create Entity Types and Entities
  • 4.0 Risk Management
  • 4.1 Risk Architecture
    • Lab 4.1 Create Risk Framework and Risk Statements
  • 4.2 Create Risks and their Relationships
    • Lab 4.2 Risk Statement Scope
  • 4.3 Risk Scoring and Advanced Risk Functionality
  • 5.0 Process Automation and Monitoring
  • 5.1 Indicators
    • Lab 5.1 Define and Execute an Indicator
  • 5.2 Issues Management
    • Lab 5.2 Issues Management
  • 5.3 Policy Exception Management
    • Lab 5.3 Policy Exception Management
  • 6.0 Audit Management
  • 6.1 Managing Engagements
  • 6.2 Audit Testing
    • Lab 6.1 Create and Scope Engagement