Compliance request workflow

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Compliance request workflow

    The Compliance request workflow in the GRC: Compliance Case Management application enables organizations to raise and manage compliance requests efficiently. This workflow streamlines how compliance teams address requests, ensuring effective handling and resolution within the organization.

    Show full answer Show less

    Key Features

    • Raising Requests: Business users or compliance teams can initiate compliance requests via the Employee Center or Compliance Workspace applications.
    • Triage Stage: Assigned request analysts evaluate the validity of requests to ensure only relevant cases proceed.
    • In Progress Stage: Analysts determine request requirements, verify eligibility, and identify supporting documentation such as policies, controls, and control objectives. They can approve, reject, or escalate requests for stakeholder approvals.
    • Awaiting Approval: Requests undergo approval evaluation, which can involve multiple approvers. The “Any Approvers” option allows closure upon the first approval or rejection.
    • Cancellation: Requests can be canceled at any stage with justification provided to the requester if deemed not a compliance request.
    • Closure: After final approval or rejection and completion of necessary actions, requests move to the Closed stage, indicating resolution.

    Key Outcomes

    By following this workflow, ServiceNow customers can ensure that compliance requests are systematically validated, processed, approved, or canceled with clear accountability. This structured approach improves compliance management efficiency, reduces unnecessary work on invalid requests, and provides transparency to requesters regarding the status and outcomes of their requests.

    Use the request workflow in the Compliance Case Management application to raise and manage compliance requests within an organization. By using this workflow, your compliance requests are addressed effectively and efficiently by your compliance team.

    The following diagram shows the workflow of a compliance request in the GRC: Compliance Case Management application.

    Figure 1. GRC: Compliance Case Management workflow
    Workflow of a compliance request.
    The different stages of a compliance request are described as follows:
    • Raise a compliance request
    • Triage the compliance request
    • Working on a compliance request
    • Awaiting request approval
    • Cancel a compliance request
    • Close a compliance request

    Raise a compliance request

    A business user or a compliance team can raise a compliance request in the Employee Center application. Compliance case team can raise requests in the Compliance Workspace application. For more information, see Raising a compliance request in GRC: Compliance Case Management.

    Triage the compliance request

    After a compliance request is raised, the compliance team assigns a request analyst to work on the case. The request analyst then triages the case from a validity standpoint. By conducting this evaluation, the request analyst ensures that only the valid and relevant requests proceed further in the compliance process. After the request analyst verifies the request as valid, the request moves to the In progress state.

    Working on a compliance request

    In the In progress stage, the request analyst determines all the requirements for the raised request. The request analyst verifies the eligibility of the request and identifies any supporting documents, such as the policies, controls, citations, and control objectives that are related to the request. The case analyst can approve or reject the compliance request. If necessary, the analyst can seek approvals from the various stakeholders.

    Awaiting request approval

    After the request has been reviewed, it reaches this stage where a decision is made regarding its approval or rejection. This stage involves evaluating the raised request. If the request meets the necessary criteria, it’s approved. Otherwise, it may be rejected with the justifications provided to the requester. Requests can be sent for approval to multiple users and can be approved or rejected by any one of them. The Any Approvers option enables the request to be closed as soon as it receives an approval or rejection from any of the assigned approvers. For more information, see Create an approval workflow.

    Cancel a compliance request

    In this stage, a request may need to be canceled if it isn't a compliance request. A request can be canceled with the justifications provided to the requester. A request can be canceled at any stage, including Triage, In Progress, and Awaiting Approval states.

    Close a compliance request

    After a compliance request is fully processed and approved or rejected, it enters the Closed stage. This stage indicates that all the necessary actions that are related to the request have been taken. The request is considered resolved, and no further actions are required.