Exploring Configuration Compliance

  • Release version: Washington DC
  • Updated August 8, 2025

    Use test results obtained from third-party Secure Configuration Assessment (SCA) integrations to verify compliance with security or corporate policies. Identify, prioritize, and remediate non-compliant configuration items.

    Note:
    Starting with v14.9 of Configuration Compliance, the following terms have been renamed:
    Table 1. Changes in terminology

    Terminology prior to v14.9 | Terminology v14.9 onwards
    Test Result Group          | Remediation Task
    Group Rules                | Remediation Task Rules
    Policy                     | Test group

    What is Configuration Compliance

    The ServiceNow® Configuration Compliance application enables you to prioritize and remediate the most critical configuration-related vulnerabilities in your environment quickly and efficiently. Configuration Compliance is available by subscription in the ServiceNow® Store.

    Configuration Compliance workflow

    Key features of Configuration Compliance

    Use the Configuration Management Database (CMDB) in your ServiceNow AI Platform® to help you expose and fix your most critical configuration-related security vulnerabilities. Focus your remediation resources on activities with the greatest risk reduction. Streamline the remediation process across security, IT, and your business process stakeholders. The Configuration Compliance application includes the following key features:

    • With supported third-party integrations, automatically import policies, tests, authoritative sources, and technologies. See Configuration Compliance integrations for more information about supported integrations.
    • Correlate policies and tests to configuration items (assets) to identify configuration-related vulnerabilities and help you verify that your assets are in compliance with your policies and controls.
    • Unify configuration assessment, assignment, and remediation across all of your assets.
    • Configuration scanning content can be imported from leading Secure Configuration Assessment (SCA) ecosystem integration applications.
    • Configuration findings (test failures) can be grouped and routed automatically based on remediation specialist skill sets and areas of responsibility. Intelligent workflows and tight integration with change management provide smooth task hand-offs between groups.
    • When used with the ServiceNow Governance, Risk, and Compliance (GRC) application, configuration tests in Configuration Compliance can be rolled up to their corresponding GRC controls.
    • With enhanced change management, create pre-populated change requests for IT directly from Configuration Compliance to help you with your remediation tasks that require additional resources.
    • With dashboards, view remediation status metrics on remediation task, compliance test, and policy records.

    Who uses Configuration Compliance

    Configuration Compliance activities can involve many levels of management.
    • System administrators
    • Vulnerability administrators
    • Vulnerability managers
    • Vulnerability analysts
    • Compliance administrators
    Configuration Compliance tasks involve the following roles.
    • sn_vulc.admin — can read, write, delete
    • sn_vulc.write — can read and write
    • sn_vulc.remediation_owner — can read and update assigned records
      Note:
      The sn_vulc.remediation_owner role is also automatically assigned when any user is assigned the itil role.
    • sn_vulc.read — can read

    Configuration Compliance and Security Operations

    When the Qualys Vulnerability Integration and the Tenable Vulnerability Integration are installed, access to Vulnerability Response becomes available. You can have multiple deployments of these integrations. Data sourced from each deployment is identified and available in a single instance of GRC.

    Available versions for Washington DC

    Release version | Release notes
    Configuration Compliance v14.11, 14.2, v15.0, v15.1, v15.2, v15.3 | Configuration Compliance release notes

    For compatibility information, see KB0856498 Vulnerability Response Compatibility Matrix and Release Schema Changes