GRC & Compliance (ServiceNow)

What it does

Provides concrete guidance and example ES5 scripts for Governance, Risk, and Compliance (GRC) on ServiceNow. Includes patterns for creating and managing policies, controls, control tests, risk records, and audit engagements; helper functions for risk scoring and test result handling; and example workflows to query and summarise compliance data.

When to use it

Use this skill when you need to implement or automate ServiceNow GRC tasks: create or transition policies, author controls and tests, record test results, build risk assessments, or generate compliance dashboards. It’s intended for ServiceNow developers/operators working with the sn_compliance_* and sn_risk_* tables or automating audits.

What's included

• Scripts: ES5 GlideRecord examples for creating policies, controls, control tests, risks, and audits (inline examples).
• References: Describes key tables (sn_compliance_policy, sn_compliance_control, sn_risk_risk, sn_audit_engagement) and MCP tool integrations listed in the SKILL.md.
• Instructions: Step-by-step examples for lifecycle transitions, recording test results, calculating risk scores, and assembling a compliance summary.

Compatible agents

Designed for agents and tooling that integrate with ServiceNow/Snow-Code runtimes and MCP tools (examples reference Snow-Code, snow_query_table and snow_execute_script_with_output).