ServiceNow® GRC has a Risk Management application which provides ways to:
- Organize categories of risks to normalize risk scores across the organization
- Consistently assess risks using a best practice workflow
- Understand and report on financial and statistical impact of risk to the organization
Our clients who are considering ServiceNow GRC ask us about the best way to get started with the Risk Management application.
We realize that managing and measuring risk to the enterprise can be an overwhelming exercise. INRY has developed a methodology called “Process Area Specific Sprints” or “PASS” by combining best practices from Agile and Prince2. PASS is designed to rapidly deploy and introduce ServiceNow functionality into the organization’s departments with a targeted focus, accomplished over a number of iterations, each spanning between 4-6 weeks.
This Perspectives paper describes a six-step process that Organizations can adopt to deploy Risk Management in ServiceNow using INRY's PASS methodology. The approach enables clients to grow their risk management capability in tandem with their Compliance and Audit Management applications. A key benefit to the approach is that the Compliance and Audit Management applications are not dependent on Risk Management being completely deployed.
Download the whitepaper to read more.