Roles installed with Operational Resilience

Xanadu Governance, Risk, and Compliance

Release

xanadu

ft:locale

en-US

ft:publication_title

Xanadu Governance, Risk, and Compliance

ft:clusterId

grc

bundleId

grc

workflow

Technology

Roles installed with Operational Resilience

Release version: Xanadu

Updated July 31, 2025

4 minutes to read

Summarize

Summarized using AI

Summary of Roles Installed with Operational Resilience

The Operational Resilience application includes several roles designed to facilitate various functions related to operational resilience management. Each role has specific responsibilities that support the configuration, management, and reporting of operational resilience activities within the organization.

Show full answer Show less

Key Features

Operational Resilience Administrator: Configures scenarios, sets up entities, and customizes dashboards. Requires the ITIL role for CMDB relationships.
Operational Resilience Manager: Ensures operational resilience through dashboards and reports, and reviews supporting data.
Operational Resilience User: Reviews reports and completes impact tolerance assessments. Can access vulnerability data.
BCM and Operational Resilience Roles: Include various combinations that provide access to BCM and Operational Resilience functionalities.
IRM Operational Resilience Roles: Designed for Integrated Risk Management users, enabling limited access to specific functionalities.
Incident Reporting Roles: Specific roles for managing and participating in incident reporting activities related to digital resilience.

Key Outcomes

By utilizing these roles, ServiceNow customers can effectively manage and report on operational resilience, ensuring that they meet compliance and risk management standards. Access to specific workspaces and functionalities is streamlined based on role assignment, enhancing operational efficiency and oversight.

Several types of roles are installed with the Operational Resilience application.

Roles that are installed with Operational Resilience

Note:

For more information on roles and FAQs, see KB0555605.

Table 1. Roles installed with Operational Resilience
Role name	Description
Operational Resilience administrator [sn_oper_res.admin]	The Operational Resilience administrator is responsible for: Configuring scenarios Setting up entity types, entity filters, and reporting pillars based on dashboard requests from the business teams. Customizing reports on the Operational Resilience dashboard. The Operational Resilience administrator should have the ITIL role to add the CMDB relationship between the service and the process. The Operational Resilience administrator role contains the following roles: sn_grc.admin sn_oper_res.manager Contains sn_grc_case_mgmt.grc_case_admin, who inherits the ability to set up the vulnerability type, state models, vulnerability assessment templates, and document templates.
Operational Resilience Manager [sn_oper_res.manager]	The Operational Resilience Manager is responsible for: Ensuring operational resilience in the organization using the dashboards and reports Reviewing reports on the Operational Resilience dashboard, as well as supporting data. The Operational Resilience Manager role contains the following roles: sn_grc.manager sn_compliance.reader sn_oper_res.user sn_risk.reader Contains sn_grc_case_mgmt.grc_case_manager, who inherits the ability to submit operational vulnerability (A type of case).
Operational Resilience User [sn_oper_res.user]	The Operational Resilience User is responsible for: Reviewing reports on the Operational Resilience dashboard, as well as supporting data. Completing impact tolerance and test plans for individuals assigned to the service impact analysis. The Operational Resilience User can access the Vulnerability Response data. The Operational Resilience User role contains the following roles: sn_incident.read sn_grc.reader task_editor Contains sn_grc_case_mgmt.grc_case_business_user, who can be assigned tasks or issues in the operational vulnerability.
sn_oper_res.operational_resilience_business_user	Submits "Report operational vulnerability" from the employee center from: instancename/esc?id=emp_taxonomy_topic&topic_id=14aedd93a314121051b1ab18951e6150&in_context=true
BCM and Operational Resilience Administrator [sn_oper_res.bcm_opres_admin]	The BCM and Operational Resilience Administrator role contains the following roles: sn_oper_res.bcm_opres_manager sn_oper_res.admin
BCM and Operational Resilience Manager [sn_oper_res.bcm_opres_manager]	The BCM and Operational Resilience Manager role contains the following roles: sn_oper_res.bcm_opres_user sn_oper_res.manager
BCM and Operational Resilience User [sn_oper_res.bcm_opres_user]	The BCM and Operational Resilience User role has the following permissions: Can read the BCM UIB Workspace. Cannot access the IRM reports or data. The BCM and Operational Resilience User role contains the following roles: sn_bcm.viewer sn_oper_res.user
IRM Operational Resilience User [sn_oper_res.irm_opres_user]	The Integrated Risk Management (IRM) Operational Resilience User role cannot access the BCM reports and data. It contains: sn_grc.reader sn_oper_res.user The following user roles are contained only when policy and compliance management and risk management are installed: sn_compliance.reader sn_risk.reader
IRM Operational Resilience Administrator [sn_oper_res.irm_opres_admin]	The IRM Operational Resilience Administrator role contains the following roles: sn_oper_res.irm_opres_manager sn_oper_res.admin
IRM Operational Resilience Manager [sn_oper_res.irm_opres_manager]	The IRM Operational Resilience Manager role contains the following roles: sn_oper_res.irm_opres_user sn_oper_res.manager

Table 2. Model types when Lite Apps are installed
Roles	Family	Comments
sn_oper_res.admin	IRM	None
sn_oper_res.manager	IRM	None
sn_oper_res.user	IRM	The sn_oper_res.user role is required to access Vulnerability profile records.
New roles introduced
sn_oper_res.bcm_opres_admin	BCM	The sn_bcm.viewer role is required to access the BCM Configurable Workspace. A user with the sn_oper_res.bcm_opres_user+ role can access both Operational Resilience Workspace and BCM Configurable Workspace.
sn_oper_res.bcm_opres_manager	BCM
sn_oper_res.bcm_opres_user	BCM
sn_oper_res.irm_opres_admin	IRM	A user with the sn_oper_res.irm_opres_user+ role can access the Operational Resilience Workspace, but cannot access the Compliance Workspace and Risk Workspace. Extra roles are needed to access the Compliance Workspace and Risk Workspace.
sn_oper_res.irm_opres_manager	IRM
sn_oper_res.irm_opres_user	IRM

Roles created for BCM Professional and IRM Professional

The following roles are created for the BCM Professional users:
Note:
When the app-grc-bcm-lite applications are not installed, the users with these roles are counted as operators.
- sn_oper_res.bcm_opres_admin
- sn_oper_res.bcm_opres_manager
- sn_oper_res.bcm_opres_user
The following roles are created for the IRM Professional users:
Note:
When the app-grc-bcm-lite applications are not installed, the users with these roles are counted as operators.
- sn_oper_res.irm_opres_admin
- sn_oper_res.irm_opres_manager
- sn_oper_res.irm_opres_user
When the following Lite applications are installed, the users with the sn_oper_res.bcm_opres_user, sn_oper_res.irm_opres_user, or sn_oper_res.user roles are counted as Lite operators.
- BCM Lite application: app-grc-bcm-lite (Plugin id: com.snc.app_grc_bcm_lite)
- IRM Lite application: app-grc-business-user-lite (Plugin id: com.sn_grc_lite)
The sn_oper_res.admin, sn_oper_res.manager, and sn_oper_res.user roles are included in IRM.

Roles required for accessing the Workspaces

A user with one of the following roles can access the Operational Resilience Workspace and BCM Configurable Workspace:

sn_oper_res.bcm_opres_user
sn_oper_res.bcm_opres_manager
sn_oper_res.bcm_opres_admin

A user with any following role can access the Operational Resilience Workspace:

sn_oper_res.irm_opres_user
sn_oper_res.irm_opres_manager
sn_oper_res.irm_opres_admin

A user with one of the following roles can access the Risk Workspace:

sn_risk_workspace.business_op_risk_manager
sn_risk_workspace.IT_risk_manager
sn_risk_workspace.operatonal_risk_manager

A user with one of the following roles can access the Compliance Workspace:

sn_compliance_ws.corporate_compliance_analyst
sn_compliance_ws.corporate_compliance_manager
sn_compliance_ws.it_compliance_manager

Roles used for reporting the incidents

The following roles are used for reporting incidents in the Digital resilience incident reporting module.

Table 3. Roles used for reporting the incidents
Role	Description
sn_dri_inc_rptg.digital_resilience_incident_admin	Role for setting up administrative and Digital resilience incident activities.
sn_dri_inc_rptg.digital_resilience_incident_manager	Role for creating Operational Resilience and Digital resilience incident activities.
sn_dri_inc_rptg.digital_resilience_incident_user	Role for participating in Operational Resilience and Digital resilience incident activities.

Plugin dependencies for BCM Professional

For BCM Professional, the following mandatory applications are installed with Operational Resilience. BCM plugins.

Business Continuity Planning (com.snc.bcm.app_bcm_planning)
Business Impact Analysis (com.snc.bcm.app_bcm_bia)
Crisis Management (com.snc.bcm.app_bcm_exercise)
Data Relationships Framework (com.sn_app_grc_relationship_config)
Optional: Vulnerability Response (com.snc.vulnerability)

Plugin dependencies for IRM Professional

For IRM Professional, the following mandatory applications are installed with Operational Resilience. IRM plugins.

Advanced Risk Assessment (com.sn_risk_advanced)
Data Relationships Framework (com.sn_app_grc_relationship_config)
Policy and Compliance Management (com.sn_compliance)
Risk Management (com.sn_risk)
Optional: Vulnerability Response (com.snc.vulnerability)