Resilience metrics

  • Release version: Xanadu
  • Updated July 31, 2025
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Resilience metrics

    The Operational Resilience Workspace provides a centralized landing page where ServiceNow customers can view resilience metrics for services, business services, and organizational pillars. These metrics help monitor operational status, completed activities, red flags, and improvement suggestions.

    Show full answer Show less

    Key Features

    • Services overview tab: Displays the status and resilience metrics of services using the Service (CMDB) Main node configuration, including operational status and risk indicators.
    • Business services overview tab: Shows resilience metrics for business services based on the OpRes with CSDM header Main node configuration, including red flags and completed activities.
    • Pillars overview tab: Provides status and resilience metrics for organizational pillars.
    • Configurable UI: Administrators can show or hide the Services or Business services overview tabs to align with organizational needs.
    • Third-party Risk Management (TPRM) integration: Starting with release 21.0.x, TPRM risk assessments with very high risk ratings and specific states are integrated as red flags in the reports for business services, service offerings, and business processes.
    • Role-based access: Viewing related lists, red flags, and third-party risk data requires appropriate user roles. If TPRM is installed, users with the TPRM viewer role can access risk red flags without needing IRM roles.
    • Separate reports by user roles: Different reports are available for BCM Professional and IRM Professional users, with roles defined to control creation, participation, and management of operational resilience, BCM, and IRM activities.

    Key Outcomes

    • Customers can efficiently monitor the resilience and operational health of their services and pillars through a consolidated workspace.
    • Integration with TPRM enhances risk visibility by incorporating third-party risk assessments as actionable red flags.
    • Role-based controls ensure that users have appropriate access to resilience data and can engage in activities aligned with their responsibilities.
    • Administrators can tailor the workspace views to suit organizational structures and preferences, improving usability.

    You can view resilience metrics for services or business services, and pillars on the landing page of the Operational Resilience Workspace.

    Services, Business services, and Pillars overview

    The landing page displays a summary of the resilience metrics for the services or business services and pillars.

    Dashboard data.
    The landing page of the Operational Resilience Workspace displays the following tabs:
    • Services overview tab—Displays an overview of the status of the services in your organization. The Service (CMDB) Main node configuration fetches service-related data. Resilience metrics for the services, including their operational status, completed activities, red flags, and suggestions for improvements, are displayed on this tab. For information on the resilience metric displayed on the Services overview tab, see Services overview tab.
    • Business services overview tab—Displays the status of the business services in your organization. The Opres with CSDM header Main node configuration sets up the business services-related data. Resilience metrics for the business services, including their operational status, completed activities, red flags, and suggestions for improvements, are displayed on this tab. For information on the resilience metric displayed on the Business services overview tab, see Business services overview tab.
    • Pillars overview tab—Displays the status and metrics of the pillars in your organization. For information on the resilience metric displayed on the Pillars overview tab, see Pillars overview tab.

    Existing customers typically use the Service (CMDB) Main node configuration, while new customers use the OpRes with CSDM header Main node configuration. Depending on the setup done by your administrator, either the Services overview or the Business services overview tab, is shown on the landing page.

    Administrators or UI Builder administrators can show or hide these tabs from the Workspace view based on organizational needs. For information on how to display or hide either the Services overview or Business services overview tab, see Show Business services overview tab in Workspace view.

    Third-party Risk Management (TPRM) integration

    Starting with Operational Resilience, release 21.0.x, you can track third-party risk assessments as red flags in the Operational Resilience reports and the overview pages for business services, service offerings, and business processes.

    TPRM risk assessments are integrated into Operational Resilience if they meet the following conditions:
    • The risk rating is Very High (using the overridden risk rating if applicable).
    • The risk rating is valid beyond the current date.
    • The state is one of the following: Generating observations, Responses received, or Finalizing with third party.
    • The risk assessment applies to either the Company or an engagement.
    Opening a third-party risk assessment from Operational Resilience displays the same view as when accessed directly from the Vendor Management Workspace.

    To view Related lists and Red flags data in the Operational Resilience Workspace, you must have appropriate user roles as explained in this section.

    TPRM is not installed
    If TPRM is not installed, Operational Resilience users cannot access risk red flags without the IRM roles.
    TPRM is installed
    However, if TPRM is installed, Operational Resilience users can access both risk red flags and Third-party Risk Management red flags because they are assigned the TPRM viewer role. The TPRM viewer role includes risk viewer capabilities, thus eliminating the need for IRM roles.

    For information on the roles required to view the related lists and red flags data, see the "Roles to view elated lists and Red flags data" table in the Create New Service form page.

    Displaying reports for different user roles

    Separate reports are displayed in the Operational Resilience Workspace landing page for BCM Professional and IRM Professional users.

    Enhanced roles for accessing the reports

    The roles installed with Operational Resilience now contain the relationship for BCM Professional and IRM Professional users.

    All Operational Resilience users can access general reports on the landing page.

    The roles required to access the BCM and IRM reports in the Operational Resilience Workspace are explained in the following table.

    Table 1. Roles to access the reports
    Type of reports Required roles Information Contains
    BCM reports sn_oper_res.bcm_opres_admin Users with this role can create and delete both operational resilience activities and BCM activities.
    • sn_oper_res.admin
    • sn_bcm.bcm_opres_manager
    sn_oper_res.bcm_opres_manager Users with this role can create both operational resilience activities and BCM activities.
    • sn_oper_res.manager
    • sn_bcm.bcm_opres_user
    sn_oper_res.bcm_opres_user Users with this role can participate in both operational resilience activities and BCM activities.
    • sn_oper_res.user
    • sn_bcm.viewer
    IRM reports sn_oper_res.irm_opres_admin Users with this role can create and delete both operational resilience activities and IRM activities.
    • sn_oper_res.admin
    • sn_bcm.irm_opres_manager
    sn_oper_res.irm_opres_manager Users with this role can create both operational resilience activities and IRM activities.
    • sn_oper_res.manager
    • sn_bcm.irm_opres_user
    sn_oper_res.irm_opres_user Users with this role can participate in both operational resilience activities and IRM activities.
    • sn_oper_res.user
    • sn_compliance.reader
    • sn_risk.reader

    IRM reports.