Pre-requisites to enable policy redlining feature

Release version: Yokohama

Updated January 30, 2025

3 minutes to read

Summarize

Summarized using AI

Summary of Pre-requisites to enable policy redlining feature

The policy redlining feature in ServiceNow's Compliance Workspace enables policy collaborators to create, update, and manage policy documents with integrated redlining capabilities. This feature is currently available only to ServiceNow cloud-based customers and requires specific configurations and integrations with cloud hosting services such as Microsoft OneDrive, Microsoft SharePoint, or Google Drive.

Show full answer Show less

Key Configurations and Integrations

Cloud Hosting Service Selection: You must connect to only one cloud hosting service—either Microsoft (OneDrive and SharePoint) or Google Drive—to host policy documents for redlining.
Required Spokes and Versions:
- For Microsoft Office 365 integration: Microsoft OneDrive Spoke (version 2.1.1 or 2.3.1) and Document Service Framework (versions 1.0.5 or 2.0.0 depending on OneDrive or SharePoint)
- For Google Drive integration: Google Drive Spoke (1.4.1) and Document Service Framework for Google Drive (1.0.1)
Integration Hub Entitlements: Integration Hub transactions required for Office 365 and Google Drive integrations are not included in the Compliance Workspace product and require separate Automation Engine or Integration Hub entitlements.
Microsoft Azure App Permissions: To connect to Microsoft OneDrive or SharePoint, specific Azure App permissions such as email, openid, profile, Files.ReadWrite, offlineaccess, User.Read, User.ReadBasic.All, and Sites.ReadWrite.All are necessary.
Google Drive Setup: Requires setting up a Google Drive spoke account, integrating Document Services with Google Drive, and integrating with Google Docs to manage documents from ServiceNow.

System Properties and User Roles

System Property Configuration: Navigate to All > Policy and Compliance > Administration > GRC properties to select the cloud hosting service under "Select a file sharing service to host documents and attachments." Options include OneDrive, SharePoint, Google Drive, or None (for importing policy text without cloud hosting).
Default Folder Path: Specify the folder path in Microsoft OneDrive where documents and attachments will be stored; sub-folders can be organized within this path.
User Roles: The mpdocumentuser role must be assigned to users who will create, update, or delete policy redlining documents. Additionally, the sncompliance.user role is necessary for compliance-related access.
Administrator Responsibilities: System administrators must establish cloud hosting connections, configure system properties, and assign the appropriate roles to policy redlining users.

Practical Implications for ServiceNow Customers

By completing these pre-requisites, ServiceNow customers can enable the policy redlining feature within Compliance Workspace, allowing collaborative policy document editing with cloud-hosted storage. Proper setup ensures secure and efficient integration with Microsoft or Google cloud services, leveraging existing infrastructure for document management while maintaining compliance and governance standards.

Certain configurations are required to be set up for policy collaborators to use the policy redlining feature in the Compliance Workspace.

Important:

Currently, the policy authoring and redlining feature is available exclusively to ServiceNow cloud-based customers.

Spoke support for cloud hosting services

Spokes required for Policy authoring – integration with Microsoft Office 365

Microsoft OneDrive Spoke – 2.1.1
Microsoft OneDrive Spoke for Document Service Framework – 1.0.5

Spokes required for Policy authoring – integration with Microsoft SharePoint

Microsoft OneDrive spoke 2.3.1
Document services framework for OneDrive – 2.0.0

Spokes required for Policy authoring – integration with Google Drive

Document Service Framework for Google Drive Spoke – 1.0.1
Google Drive Spoke – 1.4.1

Note:

Integration Hub entitlements included in the Compliance Workspace are for Policy authoring – integration with O365 and integration with Google Drive. Using Microsoft integration or Google Drive integration requires Integration Hub transactions not included in the Compliance Workspace product but requires an Automation Engine or Integration Hub entitlement.

Connecting to cloud hosting services

If you’re a policy collaborator wanting to use the policy redlining feature in the Compliance Workspace, then you must set up the following configurations.

Note:

You can establish a connection with only one of the following cloud hosting services: either Microsoft or Google Drive.

Microsoft implies both Microsoft OneDrive and Microsoft SharePoint.

Establish a connection with cloud hosting services

Connection with Microsoft OneDrive

You must first set up the Microsoft OneDrive to perform actions in Microsoft OneDrive from ServiceNow. For more information, see Setup Microsoft OneDrive for Document Services.

Note:

To set up connection you require Microsoft Azure App permissions such as email, openid, profile, Files.ReadWrite, offline_access, User.Read, User.ReadBasic.All, Sites.ReadWrite.All.

Connection with Microsoft SharePoint

You must first set up the Microsoft SharePoint to perform actions in Microsoft SharePoint site from ServiceNow. For more information, see Setup Microsoft OneDrive for Document Services.

The Microsoft OneDrive setup configured in ServiceNow is the same as that is done for Microsoft SharePoint as well. However, the Microsoft Azure App permissions are required for Microsoft SharePoint.

Note:

To set up connection you require Microsoft Azure App permissions such as email, openid, profile, Files.ReadWrite, offline_access, User.Read, User.ReadBasic.All, Sites.ReadWrite.All.

Connection with Google Drive

To set up Google Drive as a cloud hosting service and to create or update the policy text document that resides in Google Drive, you must:

Set up Google Drive spoke account.
Integrate the Document Services with Google Drive. For more information, see Document Services Framework for Google Drive.
To manage documents in Google Docs from your ServiceNow instance, you must integrate the ServiceNow instance with Google docs. For more information, see Set up the Google Docs.

Setting up system properties to connect with cloud hosting services

Enable system properties to use policy redlining in Compliance Workspace

Navigate to All > Policy and Compliance > Administration > GRC properties.
1. To opt Microsoft OneDrive as your cloud hosting service, select One drive in the Select a file sharing service to host documents and attachments system property list.
  If you select None in the Select a file sharing service to host documents and attachments system property list, then you can import the policy text. For more information, see Import policy text for redlining.
2. To opt Google Drive as your cloud hosting service, select Google drive in the Select a file sharing service to host documents and attachments system property list.
3. To opt Microsoft SharePoint, select SharePoint in the Select a file sharing service to host documents and attachments system property list.
Set the folder path that is to be created in Microsoft OneDrive in the Default folder path where documents and attachments will be located. You can organize files in sub-folders within this path system property list.

Provide mp_document_user role

The mp_document_user role is required to access policy redlining document-related tables. This role is required for users using the policy redlining feature to create, update, and delete the related documents.

As a sys admin you can establish the cloud hosting connection, enable system properties, and provide the mp_document_user role and compliance user (sn_compliance.user) role for the policy redlining users.