Compliance score calculation for a citation
Summarize
Summary of Compliance Score Calculation for a Citation
This document outlines the methodologies used to calculate a citation's compliance score in ServiceNow, detailing both the old and new formulas, as well as the impact of enabling certain properties on the calculation process.
Show less
Key Features
- Old Formula: Compliance Score for a Citation = Average(Child Citations + Associated Control Objectives). This method considers the compliance scores of child citations and associated control objectives.
- New Formula: Compliance Score for a Citation = (Average of child citations + Average of directly linked Controls) ÷ 2. The new method excludes control objectives and focuses on directly linked controls.
- Weighted Control Average: When enabled, this property alters the compliance score calculation by factoring in the weights of compliant and non-compliant controls, providing a more nuanced score.
Key Outcomes
With the new scoring methodology, customers can expect a more accurate reflection of compliance based on directly linked controls rather than associated objectives. The use of a weighted average further enhances the reliability of the compliance score by accounting for the significance of compliant controls. This enables ServiceNow customers to make informed decisions based on precise compliance metrics.
Two methodologies determine a citation's compliance score. The previous method (which averaged child citations and associated control objectives) and the current method (which averages child citations and directly linked controls)
Old formula (before enabling property)
Compliance Score for a Citation = Average(Child Citations + Associated Control Objectives)
Under the old calculation method, a citation’s compliance score is based on the following factors:
- The compliance scores of its child citations
- The compliance scores of its associated control objectives.
Example 1:
If a citation has no child citations and is associated with one control objective that has a compliance score of 42%, then the citation’s compliance score is 42%.
The control objective’s score (42%) comes from averaging its own controls (50%) and its child control objective’s score (33%).
Example 2:
If a citation has one child citation with a compliance score of 70% and one associated control objective with a compliance score of 42%, then the compliance score is 56%, which comes from averaging 70% and 42%.
Compliance Score = (70% + 40%) ÷ 2 = 56%
New formula (after enabling property)
Compliance Score for a Citation =
(Average of child citations + Average of directly linked Controls) ÷ 2
With the new feature enabled, the compliance score calculation changes significantly:
- Control objective scores are no longer used.
- Instead, the calculation considers the compliance scores of directly linked controls (Level 1 controls). Note:Level 1 controls are the controls of the control objectives directly associated with the citation.
Example:
Average compliance score for controls =
(100% + 0% + 100% + 0%) ÷ 4 = 50%Weighted control average
When the Use weighted control average when calculating compliance scores property is enabled, the compliance score of a citation changes.
- Controls associated to the citation through one control objective: 3
- The status of the controls: 1 compliant, 2 non-compliant
- The weights of each control:
- Control A (Compliant) → 100
- Control B (Non-compliant) → 10
- Control C (Non-compliant) → 10
Compliance score = (100% + 0% + 0%) ÷ 3 = 33%Compliance score = (Sum of weights of compliant controls X 100)
÷ Sum of weights of all the controls
So Compliance score = (100 X 100) ÷ 120 = 83.3%