The ServiceNow® Audit Management application involves a set of activities related to planning audit engagements, executing engagements, and reporting findings to the audit committee and executive board. Engagement reporting assures key stakeholders that the organization's risk and compliance management strategy is effective.
With Audit Management, users can schedule internal audits, scope engagements, conduct audit activities, review continuous monitoring results, collect control evidence, track audit observations, and report findings.
The Audit Management application includes the following features:
- Audit engagements
- Audit scoping
- Audit testing – test templates and test plans
- Audit tasks – control test, interview, walkthrough, and activity
- Audit reports and dashboards
- New
- Implemented range queries for enhanced protection of queries on engagement, control test, audit task.
- Continuous monitoring of the EBA configurations is now enabled. The EBA restriction field is updated to reflect the new entity configuration whenever there is a change to the entity or its parent
- Fixed
- Engagements are now copied to issues when generated from observations.
- Implemented security fixes.
- Owner of the cloud file now has access to the file irrespective of whether or not access was provided via cloud file configuration
The following applications are automatically installed when the Audit Management application is activated:
- GRC: Profiles
Permissions and roles:
- Role required to install the app: System admin (admin)
When you upgrade the Audit Management application, ensure that the Audit Management workspace and any other installed GRC applications are upgraded to the equivalent release version. For example, Audit Management version 20.x is certified to work with Audit Management Workspace version 20.x and other versions of 20.x GRC applications.