Create a COE security policy

  • Versão de lançamento: Australia
  • Atualizado 12 de mar. de 2026
  • 1 min. de leitura

    • Use COE Security Configuration to define group restrictions for a COE and for all or specific HR services under it.

    Antes de Iniciar

    Role required: admin, sn_hr_er.admin

    Certain users will be able to access a COE even it is restricted. For example, Opened for, Opened by, Watch List and Collaborators get access to a restricted COE irrespective of its security policies.

    COE security policies are a way to easily restrict access to different COEs via configuration. The underlying COE security policy implementations are ServiceNow ACLs.

    Procedimento

    1. Navigate to All > HR Administration > COE Security Configuration.
    2. Click New.
    3. On the form, fill in the fields.
      Tabela 1. COE Security Policy form
      Field Description
      Policy name Name that you want to give to the security policy that is created for the Center of Excellence (COE).
      COE Center of Excellence (COE) that you want to create a security policy for.
      Nota:
      The COEs that appear depend on the Application selected.
      Applies to all services Option to apply all HR services for the COE security policy.
      Applies to all child COEs Option to apply the security policy on child COEs of the parent COE.
      Short description More information about the security policy that is created for the Center of Excellence (COE).
      Services HR service that the COE security policy applies to.

      This field appears only if the Applies to all services check box is not selected.
      Application Application that the COE security policy applies to.
      Active Option to indicate the active status of the COE security policy. Only active security policies are applied.
      Type Access that you want your HR agents to have for the cases that fall under the COE or HR services.

      Valid values:

      • Read
      • Write
      Applies when Condition statement that filters an HR case.

      If the HR case matches the conditions, the COE security policy applies to it.

      You can create conditions based on key words or fields from the HR case.

      When defining conditions like case sensitivity or null values, see API GlideFilter - Scoped, Global.
      Nota:
      An empty filter condition matches all records for the selected COE.
    4. Click Save or Submit.
    5. Add the groups that you want the COE security policy to grant access to.
      Nota:
      Leave this list blank to ensure no groups have access through the COE security policy.
    6. Click Update.