0
21.0.1
Zurich, Yokohama Patch 6, Yokohama Patch 5, Yokohama Patch 4, Yokohama Patch 2, Yokohama, Xanadu Patch 9, Xanadu Patch 8, Xanadu Patch 4, Xanadu, Washington DC Patch 5, Washington DC Patch 3, Vancouver Patch 9
The ServiceNow® Privacy Management solution helps customers manage their enterprise-wide privacy programs by staying updated about privacy risks and regulations. The solution also enables customers to unify and scale enterprise-wide data privacy governance on a single platform to embed privacy risks into the front-line to adopt the Privacy-by-design culture.
The Privacy Management application provides privacy screening assessments and privacy impact assessments to discover where personal information (PI) is stored, who owns it, and how it is being used. It also offers capabilities to apply controls automatically based on assessment responses, monitor with an automated continuous control monitoring framework, maintain a record of all the processing activities, and automatically identify and report issues.
- Discover business processes, applications, services, and vendors processing personal data. This application supports manual and automated data discovery.
- Maintain a record of processing activities.
- Conduct privacy impact assessments (PIAs) for existing and new processes, applications, and services. This includes the Portal capabilities for PIA responses.
- Proactively request PIA for new implementations, applications, processes from the Employee center. This capability enables and supports privacy-by-design concepts.
- Send multiple types of PIAs to various key stakeholders of a single processing activity.
- Automatically map controls, risks, and information objects such as email, phone, SSN, and so on, based on the PIA responses.
- Enable the business user role to update the processing activity details.
- Assess the privacy risk posture based on privacy risk assessments and reports by using advanced risk assessments with manual and automated factors.
- Obtain control and risk suggestions based on the personal information mapped with processing activities.
- View the privacy compliance posture reports based on the control attestation processes.
- Use the Privacy Management Workspace with enhanced reports on processing activities and control objectives.
- View reports and get a 360 degree view of information objects to highlight the related processing activities, applied regulations, policies, and risks on each personal data record.
- Monitor and track privacy regulatory changes by integrating with Regulatory Change Management. This integration requires the IRM Professional or the IRM Enterprise license.
- New
- Oversee all aspects of privacy management comprehensively through a unified view using an enhanced dashboard.
- See the processing activity in a vertical layout for improved readability and easier grouping and analysis of related records.
- Classify data subjects to select and define multiple data subject types, providing a granular representation of processing activity.
- New Screening and Privacy Impact assessment templates with improved questionnaire.
- Fixed
- Fixed issues related to access permissions.
The following GRC applications must be installed and activated:
- GRC: Policy and Compliance Management (com.sn_compliance)
- GRC: Compliance Assessment (com.sn_comp_asmt)
- GRC: Common Workspace Elements (com.sn_grc_workspace)
- GRC: Advanced Risk (com.sn_risk_advanced)
Permissions and roles:
- Role required to install the app: System Admin (admin)