The ServiceNow® Audit Management application involves a set of activities related to planning audit engagements, executing engagements, and reporting findings to the audit committee and executive board. Engagement reporting assures key stakeholders that the organization's risk and compliance management strategy is effective.
With GRC: Audit Management, users can schedule internal audits, scope engagements, conduct audit activities, review continuous monitoring results, collect control evidence, track audit observations, and report findings.
The Audit Management application includes the following features:
- Audit engagements
- Audit scoping
- Audit testing – test templates and test plans
- Audit tasks – control test, interview, walkthrough, and activity
- Audit reports and dashboards
- New
- Entity-based access capabilities now supported for Audit. EBA can be used to manage access to Engagement, Control Test, and Test Plans. (Yokohama Patch 2)
The following applications are automatically installed when the Audit Management application is activated:
- GRC: Profiles
Permissions and roles:
- Role required to install the app: System admin (admin)
When you upgrade the Audit Management application, ensure that the Audit Management workspace and any other installed GRC applications are upgraded to the equivalent release version. For example, Audit Management version 20.x is certified to work with Audit Management Workspace version 20.x and other versions of 20.x GRC applications.