ServiceNow GRC implementation to promote transparency, accuracy and accountability - making GRC a core discipline
The client was looking to streamline its audit process by implementing GRC on the ServiceNow platform. It wanted to empower its internal audit teams with a single platform that can help them plan and execute engagements, collaborate with teams, view report findings and monitor the compliance requirements for various policies like HIPAA and PCI DSS 3.0.
The client wanted to streamline its manual auditing process and create a common platform to centralize audit engagements, executions and findings as there was no transparency and accountability in the current system. Also, there was no proper time tracking, reporting and historical data available for future engagements. There were issues with longer duration of audit executions and heavy manual dependencies.
ServiceNow Platform and Governance, Risk, Compliance subscriptions
Identify and conduct interviews with process owners to understand the process, controls, sources and exemptions
Identify External / Internal AD’s, policies, controls and exemptions
Create profiles, and identify indicators and link to controls .
Identify the automation requirements to close audit findings on the controls .
Automated governance and risk .
Audit engagements and executions from a centralized location
Internal audit team now spends 50% less time managing audits
Transparency, accuracy and accountability of process compliance
Real-time dashboards of various processes and compliances .
Automation of process compliance findings though workflow
Process improvements and tighter controls by eliminating redundancies and exemptions