SOX Content Pack dashboard and reports
Summarize
Summarized using AI
This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.
Summary of SOX Content Pack dashboard and reports
The SOX Content Pack provides comprehensive dashboards and reports designed to streamline Sarbanes-Oxley (SOX) compliance, risk management, and audit activities within ServiceNow. These dashboards consolidate multiple SOX-related reports into single views tailored for various Governance, Risk, and Compliance (GRC) roles, enabling efficient monitoring and management of controls, risks, attestations, and audit issues.
Show less
Role-Based Access and Permissions
Access to SOX dashboards and reports is controlled through specific GRC roles, ensuring users see and manage information appropriate to their responsibilities:
- Policy and Compliance Management: Compliance Reader, Compliance Manager, and Compliance Admin roles provide read or edit access to SOX Compliance, Risk, and Process dashboards.
- Risk Management: Risk Reader, Risk Manager, and Risk Admin roles grant varying read and edit permissions over SOX Risk and Compliance Dashboards and processes.
- Audit Management: Audit User and Audit Admin roles allow reading or editing of SOX Compliance, Risk, and Audit Dashboards and processes.
SOX Compliance Dashboard
Accessible via SOX > SOX Compliance Dashboard, this dashboard offers an overview of SOX controls, attestations, and control issues, including:
- Compliance Overview: Displays key controls, controls by profile and type, control compliance status, failed controls, control exceptions.
- Attestation Overview: Tracks attestation status such as pending, past due, by profile, and individual attestations.
- Issue Overview: Shows issues categorized by due periods (past due, pending, upcoming), by profile, owner, closure rate, and policy.
SOX Risk Dashboard
Located at SOX > SOX Risk Dashboard, this dashboard summarizes risks, assessments, and risk-related issues across SOX processes:
- Risk Overview: Visualizes risk levels (very high to very low), risks by profile, response, compliance, and risk heatmaps (inherent and residual).
- Assessment Overview: Provides status of risk assessments including pending, past due, by profile, and personal assessments.
- Issue Overview: Monitors open risk issues with categorization by due dates, profile, owner, closure rate, and related policies.
SOX Audit Dashboard
Found at SOX > SOX Audit Dashboard, this dashboard focuses on audit progress and issue tracking:
- Audit Overview: Tracks audit tasks by due dates, aiding audit managers in monitoring ongoing audits.
- Issue Overview: Displays audit issues by due date, profile, owner, and entity to help audit teams manage pending issues effectively.
Benefits for ServiceNow Customers
ServiceNow customers leveraging the SOX Content Pack can expect streamlined visibility into SOX compliance status, risk posture, and audit progress through role-specific dashboards. This setup enhances collaboration across compliance, risk, and audit teams, facilitates timely issue resolution, and supports informed decision-making to maintain SOX regulatory requirements efficiently.
The SOX Content Pack dashboards display multiple SOX reports on a single screen. Various GRC roles have read or edit access to these dashboards.
Policy and Compliance Management roles for SOX
- The Compliance Reader (sn_compliance.reader) can read SOX Compliance Dashboard and SOX Processes
- Compliance Manager (sn_compliance.manager) can read SOX Compliance Dashboard, SOX Risk Dashboard, and edit SOX Processes
- The Compliance Admin (sn_compliance.admin) can read SOX Risk Dashboard and edit SOX Compliance Dashboard and SOX Processes
Risk Management roles for SOX
- Risk Reader (sn_risk.reader) can read SOX Risk Dashboard and SOX Processes
- Risk Manager (sn_risk.manager) can read SOX Compliance Dashboard, SOX Risk Dashboard and edit SOX Processes
- Risk Admin (sn_risk.admin) can read SOX Compliance Dashboard and edit SOX Risk Dashboard and SOX Processes
Audit Management roles for SOX
- Audit User (sn_audit.user) can read SOX Compliance Dashboard, SOX Risk Dashboard and SOX Processes
- Audit Admin (sn_audit.admin) can read SOX Compliance Dashboard, SOX Risk Dashboard and edit SOX Audit Dashboard and SOX Processes
SOX Compliance Dashboard
The SOX Compliance Dashboard displays an overview of all controls, attestations, and control issues. Navigate to . The following reports are available:
- Compliance Overview
- This dashboard shows the compliance overview of SOX policies and controls, and the effect on the entities related to SOX processes. It also shows:
- Key Controls
- Controls by Profile
- Control Compliance
- Controls by type
- Failed Controls
- Control Exceptions
- Attestation Overview
- This dashboard provides an overview of all the attestations related to SOX controls, and it helps to monitor the status and progress of attestations for the compliance teams to track. It shows:
- Pending Attestations
- Past due Attestations
- Attestations by Profiles
- My Attestations
- Issue Overview
- This dashboard provides an overview of all issues related to the SOX controls. It shows:
- Issues past due 90 days
- Issues pending 30 to 90 days
- Issues pending 30 days
- Issues due in next 30 days
- Issues by Profile
- Pending Issues by Owner
- Issues Closure Rate
- Control Issues by Policy
SOX Risk Dashboard
The SOX Risk Dashboard displays an overview of all risks, assessments, and risk issues. Navigate to . The following reports are available:
- Risk Overview
- This dashboard provides an overview of the risks related to SOX processes and controls. It shows:
- Very high risk
- High risk
- Moderate risk
- Low risk
- Very low risk
- Risks by profile
- Risks by Response
- Inherent risk heatmap
- Residual risk heatmap
- Risks by Compliance
- Risk Exception
- Assessment Overview
- This dashboard provides the overview of the risk assessment for risks related to SOX processes and controls. It shows:
- Pending Assessments
- Past due Assessments
- Assessments by Profiles
- My Assessments
- Issue Overview
- This dashboard provides the overview of the risk issues related to SOX processes and controls, and helps the risk teams monitor the open issues that are assigned to the owners. It shows:
- Issues past due 90 days
- Issues pending 30 to 90 days
- Issues pending 30 days
- Issues due in next 30 days
- Issues by profile
- Pending Issues by Owner
- Issues Closure Rate
- Risks Issues by Policy
SOX Audit Dashboard
The SOX Audit Dashboard displays an overview of all audits and audit issues. Navigate to . The following reports are available:
- Audit Overview
- This dashboard provides the progress of the ongoing SOX audits and monitors the various audit tasks. This is useful for the Audit managers. It shows :
- Audit Tasks Due > 90 Days
- Audit Tasks Due 90 to 30 Days
- Audit Tasks Due Last 30 Days
- Audit Tasks Due in Next 30 Days
- Issue Overview
- This dashboard provides the progress of issues and helps audit teams to monitor the pending issues. It shows:
- Issues Due > 90 days
- Issues Due 30-90 days
- Issues Due Last 30 days
- Issues Due in Next 30 days
- Issues by profile
- Issues by Owner
- Pending Issues by Entity