Pre-requisites to enable policy redlining feature

  • Release version: Xanadu
  • Updated August 1, 2024
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Pre-requisites to Enable Policy Redlining Feature

    The policy redlining feature in the Compliance Workspace requires specific configurations for policy collaborators. It is exclusively available to ServiceNow cloud-based customers. This feature facilitates document management and collaboration for policy authoring by integrating with various cloud services.

    Show full answer Show less

    Key Features

    • Cloud Hosting Services: Supports integration with Microsoft OneDrive, Microsoft SharePoint, and Google Drive.
    • Required Spokes:
      • Microsoft OneDrive: Spoke 2.1.1 and Document Service Framework 1.0.5.
      • Microsoft SharePoint: Spoke 2.3.1 and Document Services Framework 2.0.0.
      • Google Drive: Document Service Framework 1.0.1 and Spoke 1.4.1.
    • Integration Hub Transactions: Required for O365 and Google Drive integration, necessitating an Automation Engine or Integration Hub entitlement.

    Key Outcomes

    To utilize the policy redlining feature, policy collaborators must:

    • Establish a connection with either Microsoft or Google Drive.
    • Set up necessary Azure App permissions for Microsoft services.
    • Configure system properties in ServiceNow to select the appropriate cloud hosting service.
    • Assign the mpdocumentuser role for access to document-related tables in the policy redlining feature.

    As an admin, you will manage the cloud connections, configure properties, and ensure users have the required roles for effective collaboration.

    Certain configurations are required to be set up for policy collaborators to use the policy redlining feature in the Compliance Workspace.

    Important:

    Currently, the policy authoring and redlining feature is available exclusively to ServiceNow cloud-based customers.

    Spoke support for cloud hosting services

    Spokes required for Policy authoring – integration with Microsoft Office 365
    • Microsoft OneDrive Spoke – 2.1.1
    • Microsoft OneDrive Spoke for Document Service Framework – 1.0.5
    Spokes required for Policy authoring – integration with Microsoft SharePoint
    • Microsoft OneDrive spoke 2.3.1
    • Document services framework for OneDrive – 2.0.0
    Spokes required for Policy authoring – integration with Google Drive
    • Document Service Framework for Google Drive Spoke – 1.0.1
    • Google Drive Spoke – 1.4.1
    Note:
    Integration Hub entitlements included in the Compliance Workspace are for Policy authoring – integration with O365 and integration with Google Drive. Using Microsoft integration or Google Drive integration requires Integration Hub transactions not included in the Compliance Workspace product but requires an Automation Engine or Integration Hub entitlement.

    Connecting to cloud hosting services

    If you’re a policy collaborator wanting to use the policy redlining feature in the Compliance Workspace, then you must set up the following configurations.
    Note:
    You can establish a connection with only one of the following cloud hosting services: either Microsoft or Google Drive.

    Microsoft implies both Microsoft OneDrive and Microsoft SharePoint.

    Establish a connection with cloud hosting services
    Connection with Microsoft OneDrive
    You must first set up the Microsoft OneDrive to perform actions in Microsoft OneDrive from ServiceNow. For more information, see Setup Microsoft OneDrive for Document Services.
    Note:
    To set up connection you require Microsoft Azure App permissions such as email, openid, profile, Files.ReadWrite, offline_access, User.Read, User.ReadBasic.All, Sites.ReadWrite.All.
    Connection with Microsoft SharePoint
    You must first set up the Microsoft SharePoint to perform actions in Microsoft SharePoint site from ServiceNow. For more information, see Setup Microsoft OneDrive for Document Services.

    The Microsoft OneDrive setup configured in ServiceNow is the same as that is done for Microsoft SharePoint as well. However, the Microsoft Azure App permissions are required for Microsoft SharePoint.

    Note:
    To set up connection you require Microsoft Azure App permissions such as email, openid, profile, Files.ReadWrite, offline_access, User.Read, User.ReadBasic.All, Sites.ReadWrite.All.
    Connection with Google Drive
    To set up Google Drive as a cloud hosting service and to create or update the policy text document that resides in Google Drive, you must:
    1. Set up Google Drive spoke account.
    2. Integrate the Document Services with Google Drive. For more information, see Document Services Framework for Google Drive.
    3. To manage documents in Google Docs from your ServiceNow instance, you must integrate the ServiceNow instance with Google docs. For more information, see Set up the Google Docs.

    Setting up system properties to connect with cloud hosting services

    Enable system properties to use policy redlining in Compliance Workspace
    1. Navigate to All > Policy and Compliance > Administration > GRC properties.
      1. To opt Microsoft OneDrive as your cloud hosting service, select One drive in the Select a file sharing service to host documents and attachments system property list.

        If you select None in the Select a file sharing service to host documents and attachments system property list, then you can import the policy text. For more information, see Import policy text for redlining.

      2. To opt Google Drive as your cloud hosting service, select Google drive in the Select a file sharing service to host documents and attachments system property list.
      3. To opt Microsoft SharePoint, select SharePoint in the Select a file sharing service to host documents and attachments system property list.
    2. Set the folder path that is to be created in Microsoft OneDrive in the Default folder path where documents and attachments will be located. You can organize files in sub-folders within this path system property list.
    Provide mp_document_user role
    The mp_document_user role is required to access policy redlining document-related tables. This role is required for users using the policy redlining feature to create, update, and delete the related documents.

    As a sys admin you can establish the cloud hosting connection, enable system properties, and provide the mp_document_user role and compliance user (sn_compliance.user) role for the policy redlining users.