Operational Resilience release notes

  • Release version: Xanadu
  • Updated October 9, 2024
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Operational Resilience release notes

    The ServiceNow® GRC: Operational Resilience Workspace application helps organizations maintain business service continuity during adverse events such as pandemics, severe weather, or cyber attacks. The Xanadu release introduces enhancements focused on operational risk, compliance, and managing vulnerabilities, along with improved support for regulatory requirements like the Digital Operational Resilience Act (DORA).

    Show full answer Show less

    Key Features

    • End-to-end Monitoring: Track business service resiliency comprehensively, emphasizing operational risk and compliance management.
    • Operational Vulnerability Management: Identify and report vulnerabilities through either Employee Center or the Operational Resilience Workspace. Address issues by assessing impact, evaluating criticality, managing problems, and planning treatments.
    • Digital Resilience Third-Party Registers: Manage contractual arrangements between financial entities and ICT service providers to comply with DORA regulations. Supports bulk and individual record management for assessments, contracts, legal entities, supply chains, and more.
    • Data Import/Export: Export and import third-party register records in Microsoft Excel format to facilitate audits and seamless integration with external data sources.
    • User Interface Improvements: The Operational Vulnerability and Digital Resilience Third-Party Registers modules are now accessible via the List view in the Operational Resilience Workspace, enhancing usability.
    • Accessibility Enhancements: Improved screen reader and translation support with ARIA labels, tooltips, and alt text to provide clearer guidance within the workspace.

    Activation and Requirements

    • Operational Resilience is available through the ServiceNow Store and requires installation via a request from the store.
    • Supported browsers include Google Chrome, Firefox (and ESR), Microsoft Edge Chromium, and Safari 12.0 or later.

    Integration with Related Applications

    The Operational Resilience Workspace complements other ServiceNow GRC and risk management applications to provide a comprehensive risk and continuity management framework:

    • Advanced Risk Assessment: Identify, measure, and track organizational risks with workflow support.
    • Business Continuity Management: Ensure delivery of products and services during disruptive events.
    • Policy and Compliance Management: Manage policies and controls aligned with regulations and best practices.
    • Risk Management: Monitor and respond to high-impact risks efficiently.
    • Vulnerability Response: Analyze security data and generate security incidents for resolution.

    Practical Benefits for ServiceNow Customers

    With these enhancements, ServiceNow customers can expect to:

    • Effectively monitor and mitigate operational risks and vulnerabilities within business services.
    • Maintain compliance with evolving regulations such as DORA by managing third-party ICT service providers efficiently.
    • Streamline audit and reporting processes through Excel-based import/export capabilities.
    • Leverage integrated workflows across risk, compliance, and business continuity applications to improve organizational resilience.
    • Benefit from improved accessibility and a more user-friendly interface to support diverse user needs.

    The ServiceNow® GRC: Operational Resilience Workspace application supports organizations in keeping business services running during adverse events like pandemics, severe weather, or cyber attacks. Operational Resilience was enhanced and updated in the Xanadu release.

    Operational Resilience highlights for the Xanadu release

    • Monitor business service resiliency from start to finish, with a focus on operational risk and compliance.
    • Identify and report operational vulnerabilities from Employee Center or Operational Resilience Workspace. Address these vulnerabilities through procedures such as reporting, assessing impact, evaluating criticality, managing issues, and planning treatments.
    • Use the Digital resilience third-party registers application to establish, update, and manage contractual arrangements between the financial entities and Information and Communication Technology (ICT) service providers.
    • Export the records for regulators and auditors in Microsoft Excel format by using the Microsoft Excel upload capability in Digital resilience third-party registers. Similarly, you can import the records from external sources by using the Microsoft Excel download functionality.

    See Managing Operational vulnerability and Maintaining Digital resilience third-party registers for more information.

    Important:
    Operational Resilience is available in the ServiceNow Store. For details, see the "Activation information" section of these release notes.

    New in the Xanadu release

    Managing Operational vulnerability
    Address operational vulnerabilities through reporting, assessing impact, evaluating criticality, managing issues, and planning treatments in Operational Resilience Workspace. Report operational vulnerabilities by using either Employee Center or Operational Resilience Workspace.
    Maintaining Digital resilience third-party registers

    Comply with Digital Operational Resilience Act (DORA) regulation requirements by creating contractual arrangements between the financial entities and the ICT service providers in Digital resilience third-party registers. The ICT third-party service provider records are maintained in Digital resilience third-party registers for DORA compliance.

    Add or modify the records in bulk or individually for assessments, branches, contracts, functions, legal entities, supply chains, third parties, or third-party engagements. Export the records to Microsoft Excel format for the European Union to streamline the auditing process as per the regulation. You have the option to import the records from external sources into the Digital resilience third-party registers application.

    UI changes

    The Operational vulnerability module is now part of the List view in Operational Resilience Workspace.
    Using Digital resilience third-party registers
    The Digital resilience third-party registers module is now part of the List view in Operational Resilience Workspace.

    Changed in this release

    Reporting Operational vulnerability
    The Operational vulnerability related list has been added to the following modules in the List view:
    • Importance and impact tolerance assessment
    • Scenario analyses
    • Self attestations
    • Services

    Activation information

    Install Operational Resilience by requesting it from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

    Browser requirements

    Business Continuity Management requires the following browsers:
    • Google Chrome
    • Firefox and Firefox Extended Support Release (ESR)
    • Microsoft Edge Chromium
    • Safari 12.0 and later versions

    Accessibility information

    Improved screen reader and translation support by adding ARIA button labels, tooltips, and alt text to the Operational Resilience Workspace. This support provides an explanation for button actions and identifies tooltip text to be translated.

    Related ServiceNow applications and features

    Advanced Risk Assessment

    Use the Advanced Risk application to identify, measure, and track risks. The application includes workflows for risk assessments and events, ensuring efficient management of your organization's risk profile.

    Business Continuity Management
    Use the Business Continuity Management application to ensure that your organization can keep delivering products and services at an acceptable level even when faced with disruptive events.
    Policy and Compliance Management

    Use the Policy and Compliance Management application to create and manage policies, standards, and internal control procedures that are mapped to external regulations and best practices.

    Risk Management
    Use the Risk Management application to identify and monitor high-impact risks, improve your risk-based decision-making, and reduce the reaction time from days to minutes.

    Use the Vulnerability Response application to enable security users to analyze security data, implement changes, and generate security incidents.