Privacy Management home page

  • Release version: Yokohama
  • Updated July 31, 2025
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Privacy Management Home Page

    The Privacy Management home page provides a comprehensive view of an organization's privacy risk and compliance status. It includes essential metrics such as the processing activity criticality score, statuses of privacy risk and impact assessments, control attestations, and privacy case details. The home page is organized into four main tabs: Processing Activity, Risk and Compliance, Operations, and Privacy Cases.

    Show full answer Show less

    Key Features

    • Required Roles: Access requires the roles of snprivacy.manager and snprivacy.analyst.
    • User Dashboards:
      • Privacy Manager: Oversees compliance posture and team tasks.
      • Privacy Analyst: Focuses on compliance posture related to assigned processing activities and their tasks.
    • Processing Activity Reports: Includes metrics like state counts, criticality scores, department distribution, compliance scores, and data subject types.
    • Risk and Compliance Reports: Displays aggregated risk scores, risk heatmaps, compliance status, and control objectives needing attention.
    • Operations Reports: Tracks risk and privacy assessments by state, issue counts by priority, and control assurance status.
    • Privacy Cases Reports: Highlights overdue cases, case distribution, trends of opened/closed cases, and issue counts.

    Key Outcomes

    Using the Privacy Management home page, ServiceNow customers can efficiently monitor their privacy compliance status, manage risks, and respond to privacy cases. This enables organizations to maintain a proactive approach to privacy management and ensure that compliance obligations are met effectively.

    The Privacy Management home page provides an overview of the complete privacy risk and compliance posture with details, such as the processing activity criticality score, privacy risk assessment status, privacy impact assessment status, control attestations, issues-specific status, and privacy cases.

    The home page is organized into four tabs: Processing activity, Risk and compliance, Operations, and Privacy cases.

    Figure 1. Privacy management home page
    Processing activity tab of the Privacy management dashboard.

    Required roles

    To view the home page, you must have sn_privacy.manager and the sn_privacy.analyst roles.

    Use cases

    For examples of how different people in your organization would use this home page, see the following use cases.
    User Dashboard use
    Privacy manager The privacy manager can view and understand the privacy compliance posture considering all the processing activities and privacy assessments. They can also view the privacy team's tasks.
    Privacy analyst The privacy analyst can view and understand the privacy compliance posture considering only the processing activities assigned to the privacy analyst. They can also access the tasks that need their attention.

    Processing activity reports

    Table 1. Reports on the Processing activity dashboard
    Title Description
    All processing activities by state Count of processing activities in each state: New, Discover, Review, Monitor, and Retired.
    Processing activities by criticality score Distribution of active processing activities by criticality score.
    Processing activities by department Number of processing activities grouped by department.
    Least compliant processing activities List of processing activities with the lowest compliance scores, including the criticality score and aggregated residual risk.
    Processing activities by data subject type Number of processing activities grouped by data subject, such as employees, contractors, customers, and patients.
    Processing activities by information object category Number of processing activities grouped by information object, such as demographic data, family background, biometric data, racial or ethnic origin, medical health, and location tracking.
    Processing activities by type Distribution of processing activities by type, such as business process, application, business application, or business entity.
    Processing activities by data processing role Distribution of processing activities by data processing role, such as controller or processor.

    Risk and compliance reports

    Figure 2. Risk and compliance dashboard
    Reports on the Risk and compliance tab of the Privacy Management home page.
    Title Description
    Processing activities by aggregated risk score Distribution of processing activities by aggregated risk score. You can filter by risk classification.
    Risk heatmap Distribution of processing activities by residual/inherent risk and control effectiveness levels.
    Compliance overview Compliance status of controls for individual authority documents or policies, including the compliance score, related issues, and privacy cases. Toggle between Authority documents and Policies to switch views.
    Control objectives needing attention Control objectives that are marked as non-compliant and the number of impacted processing activities.

    Operations reports

    Figure 3. Operations dashboard
    Reports on the Operations tab of the Privacy Management home page.
    Title Description
    Risk assessments Number of risk assessments by state (new and in progress), including counts for open, overdue, and due in 7 days.
    Privacy assessments Number of privacy assessments by state (assigned, work in progress, and draft), including counts for open, overdue, and due in 7 days. You can filter by available assessment templates.
    Issues Number of issues by priority, including counts for open, overdue, and due in 7 days.
    Policy exceptions Number of policy exceptions by risk rating, with counts for open, overdue, and due in 7 days.
    Control assurance Control assurance status across three areas.
    • Attestations: Number of open and overdue attestations.
    • Indicators: Number of open indicators and indicators that failed in the last 6 months.
    • Control tests: Number of open and overdue control tests.

    Privacy cases reports

    Table 2. Reports on the Privacy cases dashboard
    Title Description
    Needs attention Number of overdue cases, cases due in 7 days, and unassigned cases.
    Case overview Distribution of cases by state, by breach status, and by priority.
    Cases Number of privacy cases. You can filter the view by subtypes.
    Cases by primary cause Distribution of privacy cases grouped by primary cause.
    Opened and closed cases in last 12 months Trend of opened and closed cases over the last 12 months.
    Issues Number of issues by priority, with counts for open, overdue, and due in 7 days.