Configure Digital resilience incident reporting

  • Release version: Yokohama
  • Updated July 31, 2025
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Configure Digital Resilience Incident Reporting

    Digital Resilience Incident administrators can configure automated incident reporting within the Digital Resilience Incident Reporting application using Workflow Studio. This enables organizations to automatically generate and manage Digital Resilience Incident (DRI) cases from incidents or security incidents based on predefined conditions. Operational Resilience administrators set up necessary templates, configurations, and case types to facilitate report generation and case management.

    Show full answer Show less

    Key Features

    • Template and Module Setup: Administrators configure Word templates and template configurations for generating Microsoft Word reports. The Digital Resilience Incident Case module tracks all DRI cases linked to incidents or security incidents.
    • Regulation Mappings: Each DRI case record includes a new related list showing relationships between case entities and applicable regulations, enhancing regulatory compliance visibility.
    • Workflow Studio Flows: Preconfigured flows enable creation and updating of DRI cases from incidents or security incidents. New flows support action task automation, regulation management, and multi-regulator triggers.
    • Deprecated and Active Flows: Some older flows have been deprecated in favor of newer ones, but administrators can revert if needed by deactivating new flows and reactivating the older ones.
    • Condition Configuration: Administrators can customize conditions such as incident priority, urgency, and open duration to trigger automatic reporting in DRI. Conditions also exist for incident updates and reopenings.
    • Integration with Security Incident Response: If the Security Incident Response application is installed, specific flows related to security incidents appear and integrate with DRI reporting.

    Required and Optional Plugins

    The Digital Resilience Incident Reporting application depends on several required plugins for full functionality, including Document Designer, Digital Operational Resilience Management, GRC components, Regulatory Agency Library, and Smart Assessment modules. Optional plugins include Security Incident Response and Digital Resilience Third-party Information Register, which enhance specific capabilities if installed.

    Practical Benefits for ServiceNow Customers

    This configuration empowers Operational Resilience administrators to streamline incident reporting processes, ensuring timely and automated creation of Digital Resilience Incident cases aligned with organizational policies and regulatory requirements. By leveraging prebuilt workflows and customizable conditions, customers can efficiently manage digital resilience incidents, maintain regulatory compliance, and improve response coordination across incident and security teams.

    Digital Resilience Incident administrators can configure conditions in Workflow Studio to auto-trigger incident reporting in Digital resilience incident reporting.

    Setting up templates and modules

    Operational Resilience administrators set up Word templates, Template configurations, and the Digital resilience incident (DRI) case type required for Digital resilience incident reporting as shown in the example.

    Set up the templates.

    Configure Word Templates and Template Configurations for generating reports in Microsoft Word format. For more information, see Generating Microsoft Word reports using Document designer.

    The Digital Resilience Incident Case module lists all Digital Resilience Incident Cases associated with an incident or security incident. A new 'Regulation Mappings' related list is now available in each Digital Resilience Incident Case record. It displays the relationships between entities related to the cases and their corresponding regulations.

    Conditions for setting up the Workflow

    Workflow Studio contains preconfigured flows and conditions for creating DRI case tasks from incidents in the Incident Management or Security Incident Response applications. Access the Digital resilience incident reporting flows by navigating to Workflow Studio > Flows > Flow Designer.

    The following flows, previously used in the Digital resilience incident reporting application, have been deprecated:
    1. Digital Resilience Incident Flow
    2. Digital Resilience SIR Flow
    3. DRI Business service Trigger
    Note:
    To use the previously deployed flows, deactivate the new flows (listed in this section) and then activate the Digital Resilience Incident Flow, Digital Resilience SIR Flow, and DRI Business Service Trigger Flow.
    The following flows in Digital resilience incident reporting are still active:
    1. Digital Resilience Incident Approval Flow
    2. DRI case create/update on incident update
    3. DRI case create/update on security incident update
    4. DRI case creation on incident entity insert
    5. DRI case creation on SIR entity insert
    New flows have been introduced in Digital resilience incident reporting to manage action tasks, regulations, and trigger conditions for multiple regulators, as illustrated in the example:
    1. Action task automation for regulation addition
    2. Action task automation on action task update
    3. Action task automation on DRI case updates
    4. Action task automation on regulation updates
    5. DRI Business Service Trigger For Multiple Regulators
    Digital resilience incident reporting flows. For the text description, refer to the text that precedes this image.
    Note:
    If the Security Incident Response application is installed in your instance, flows related to the security incidents (SIR) are listed in the Flows list view.

    The Digital Resilience Incident Flow and Digital Resilience SIR Flow are prebuilt into the Digital resilience incident reporting application. The flow configuration impacts all incident records in the instance. As administrators of the Operational Resilience application, you can update (customize) the flow configurations to meet your organizational requirements as shown in the example.

    Conditions. For the text description of the conditions, refer to the text that follows.
    Insert condition
    Conditions such as the priority of the incident is Critical, the urgency is High, and the incident has been open for more than 24 hours, are prebuilt in the flow. When all these conditions are met, it’s automatically reported in the Digital resilience incident reporting application.
    Update condition
    When an incident is reopened or updated, that classification condition is also defined in the flow. When the configured conditions are met, the incident is reported in the Digital resilience incident reporting application.

    Required and optional plugins

    The Digital resilience incident reporting application is available from the ServiceNow Store. This section details its required and optional plugins.

    Table 1. List of required plugins
    Application name Plugin
    Document designer (com.sn_grc_doc_design)
    Digital Operational Resilience Management (com.sn_app_grc_digital_resilience)
    GRC (app-grc)
    GRC Base Workspace (app-grc-base-workspace)
    GRC: Compliance Case Management (app-grc-case-mgmt)
    GRC Operational Resilience app-grc-operational-resilience (com.sn_grc_oper_res)
    GRC: Policy and Compliance Management (com.sn_compliance)
    Regulatory Agency Library (com.sn_reg_body_mgmt)
    Reusable impact framework (sn-reusable-impact-framework)
    Smart Assessment impact automation (app-smart-assessment-impact-automation)
    Smart Assessment response automation (app-smart-assessment-response-automation)
    Smart Assessment Core (sn_smart_asmt)
    Smart Assessment designer (sn_smart_asmt_desg)
    Table 2. List of optional plugins
    Application name Plugin
    Security Incident Response (app-sir)
    Digital Resilience Third-party Information Register (sn_info_reg)