The client, a global leader in the IT services domain has a multi-sourced functional environment. The client wanted an efficient platform for their IT Service Management application with direct integration of GRC into their business processes. The intent was to automate existing disconnected functional auditing silos to match the increasing demand for effective risk management.
- Developed a centralized dashboard to manage the organization’s all authoritative sources – external frameworks, standards, and regulations – associated them with their access controls.
- Imported the entire IT risk matrix as well as their controls and control tests into ServiceNow
- Additional compliance with UCF Standards such as CobIT, ISO 27001:2013, NIST, etc.
- Provided ability to evaluate an authoritative source and see the current status of all of its controls ensuring full visibility and eliminating redundant controls
- Facilitated integration with other ServiceNow features such as ITSM, asset management, CMDB and other applications