GRC & Compliance (ServiceNow)

What it does

This skill provides practical guidance and code examples for Governance, Risk and Compliance (GRC) workflows in ServiceNow. It describes GRC architecture, key tables (policies, controls, tests, risks, audits), lifecycle operations, and ES5 GlideRecord scripts to create and manage policies, controls, tests and audit findings. It also includes example workflows for dashboards and automation.

When to use it

Use when building or automating ServiceNow GRC features: authoring compliance policies, implementing control tests, recording test results, creating audit engagements, computing risk scores, or building compliance dashboards and reports. Suitable for ServiceNow developers and SRE teams integrating GRC into automation pipelines.

What's included

• Scripts: many ES5 GlideRecord examples for creating policies, controls, tests, risks, audit findings, and reporting (Skill body contains code snippets).
• References: integration notes and MCP tool mappings (snow_query_table, snow_execute_script_with_output, snow_audit_compliance, snow_assess_risk).
• Instructions: architecture diagrams, table references, example workflows and best-practice checklist.

Compatible agents

Designed for Snow-Code / ServiceNow automation agents and developer assistants that can execute GlideRecord-style scripts.