Notes (alphabetical)
Search to quickly find notes, articles, guides, and resources across the site.
Search to quickly find notes, articles, guides, and resources across the site.
Further reading Security Incident Response Team - SIRT (Gitlab Handbook)
ServiceNow is a US technology company that provides a cloud-based platform for enterprise workflow solutions, with the aim of automating business processes. Starting out with ITSM, the company has expanded its product range into areas such as customer service management (CSM), human resources workflows (HRSD), IT operations management (ITOM), and low-code application development, positioning themselves as a comprehensive platform for enterprise digital transformation through standardisation of workflows. Modules IT Service Management (ITSM) IT Operations Management (ITOM) Customer Service Management (CSM) IT Asset Management (ITAM) Strategic Portfolio Management (SPM) Third-Party Risk Management Workflows IT Workflows Employee Workflows Customer Workflows Creator Workflows Further reading Article on ServiceNow Cloud Observability | The Register Hugging Face and ServiceNow release a free code-generating model, 4 May 2023, TechCrunch ServiceNow is acquiring Element AI, the Canadian startup building AI services for enterprises, 30 Nov 2020, TechCrunch
Drivers Organisation relies increasingly on third parties, and their sub-contractors (fourth parties) Vendor information is currently collected via email and spreadsheet - hard to stay current, information goes missing, how to see full current picture (live dashboard?) TPRM overview (ServiceNow) Notes Replaces the previous Vendor Risk Management (VRM) module Launched with Vancouver release TPRM calculated score Fourth parties Risk intelligence feeds Tiering Assessment Due Diligence Record (DDR) Inherent Assessment (INA) Linked to Vendor Management module Transform map - set up one time or for recurring integration Roles Third party reader Third party editor Third party contract negotiator Due diligence approver Key Steps Initial onboarding AML / Sanctions / other onboarding steps Inherent Risk Questionnaire Risk assessment Issues & Task Management Internal assessment External assessment Approval of responses Contract risk Due diligence Assessment questions and Questionnaires Further reading Third-Party Risk Management - ServiceNow UK What you need to know about ServiceNow’s new Third Party Risk Management (TPRM) - AC3 Case Study on NTT - Implementation of ServiceNow Third-Party Risk Management - Nihilent (PDF) Trust but Verify: Streamlining Third-Party Risk with ServiceNow - Infocenter.io - provides good overview of TPRM module, benefits, features, implementation considerations
When an organization engages a cloud provider, responsibility for activities and controls is shared between them, and they will agree a shared responsibility model. In general the cloud provider is responsible for the underlying infrastructure, while the customer is responsible for data, applications and configurations. The precise division of responsibility will depend on the cloud service model (IaaS, PaaS, or SaaS), with the customer having greater management responsiblity and control with IaaS than PaaS and SaaS. ...
Shariah-compliant investing seeks financial returns by investing in companies that follow Islamic finance principles. Further reading Understanding Shariah Compliant Investment: A Simple Guide - Good Finance What is Shariah-compliant investing? - Pensionbee