Updated: Feb 1, 2021
In this Share the Wealth video, John Gilaspy of GlideFast Consulting gives an overview and demonstration of Risk Management in ServiceNow.
What is Risk Management?
Risk Management is the process of:
Identifying the risks to the enterprise presented by the existence of internal and external threats and internal vulnerabilities
Evaluating the impact of the realization of such risks upon the enterprise
Prioritizing the addressing of risks according to the impact and likelihood of a risk being realized
Addressing the possibility of realization of a risk
How do we evaluate Risk?
ServiceNow provides two options for evaluating risks: Quantitative and Quantitative.
Qualitative analysis asks for the perspective of the involved business users regarding the potential impact and possible likelihood of a risk being realized.
Quantitative analysis asks for the specific financial range of impact and statistical likelihood of a risk being realized.
Most companies start with Qualitative and move to Quantitative much later, as their risk processes mature and their business process owners are able to gather data necessary for operational analysis.
How do we respond to Risk?
ServiceNow provides four options for responding to risks:
Avoid — removing either the vulnerability or the threat involved
Mitigate — reducing the negative impact or probability of likelihood
Transfer — transferring all or part of the liability to another party
Accept — retaining some, or all, of the potential or actual consequences of a risk
Enhancements to Risk
ServiceNow provides multiple enhancements to Risk Management:
Advanced Risk Management
Advanced GRC Dashboard
Continuous Monitoring between Risk and Vulnerability
GRC Predictive Intelligence for Automatic Assignment
Virtual Agent for Risk Event Creation
Interested in working with experts like John? Reach out to our team. We would love to learn more about your ServiceNow challenges and how we can help your organization build better solutions.