ServiceNow Articles / Blogs / Perficient

Enhance Self-Service Experience with ServiceNow Virtual Agent

James Junloy — Thu, 03 Oct 2024 21:58:19 +0000

In today’s world, automation and self-service is all around us. From self-order tablets at restaurants to self-checkout lanes at grocery stores and self-check in kiosks at airports, the ability to complete tasks without requiring additional human assistance is incredibly valuable, saving both time and resources.

For organizations utilizing ServiceNow as their IT Service Management (ITSM) platform, the ServiceNow Virtual Agent offers a powerful solution to streamline support and enhance the self-service experience for users.

What is the ServiceNow Virtual Agent?

The ServiceNow Virtual Agent is an intelligent conversational chatbot that provides 24/7 automated support. It enables users to resolve common IT service issues, submit new IT incidents/requests, and find information stored in knowledge bases.

Users can quickly get resolutions without waiting for human assistance. By handling routine inquiries and tasks, the Virtual Agent can reduce the volume of calls and lessen the workload of Service Desk agents, allowing them to focus on more complex issues. In other words, the Virtual Agent can act as a tier 1 level support, deflecting mundane tasks from the Service Desk.

Key features and benefits

Out-of-the-box conversation topics

ServiceNow provides out-of-the-box conversation topics that can quickly be tailored to an organization’s existing processes, resulting in immediate business value, such as:

Open IT Ticket
Password Reset
Unlock Account
VPN Connectivity
Hardware Issues

Natural language understanding

The Virtual Agent comes with pre-built natural language understand (NLU) models, allowing the Virtual Agent to understand what the user enters into the chat and map it to specific topics, for example:

“My account is locked”
“I cannot connect to the VPN”
“I need a new keyboard”

Custom NLU models can also be created and trained for terminology specific to the organization.

Topic recommendation analysis

The ServiceNow platform has machine learning capabilities that can analyze historical Incident data, identifying frequent issues within the organization and then recommend new topics for the Virtual Agent.

Multi-channel integration

The ServiceNow Virtual Agent can easily be integrated across multiple channels, including:

Employee Center/Service Portal
Intranet site
Microsoft Teams
Slack
ServiceNow Now Mobile.

This ensures users can receive automated support easily, anywhere and anytime.

Transfer to live agent

In scenarios where users cannot resolve their issue with the Virtual Agent, a request can be made to reroute the chat to a live Service Desk agent. The agent can view the user’s chat logs with the Virtual Agent and provide further assistance.

Conversational Analytics

In addition to reporting capabilities available within the ServiceNow platform, the Virtual Agent comes with a built-in Conversational Analytics dashboard that provides insight on user interactions. This lets admins see data on how the Virtual Agent is performing, and allows them to optimize it further.

Example use cases

Below are two examples of how the ServiceNow Virtual Agent can provide users self-service options to resolve common issues, reducing the number of calls and repetitive tasks that the Service Desk receives.

Password reset

Without Virtual Agent: a user calls the Service Desk and talks with an agent because they require instructions on how to reset their password.

With the Virtual Agent: a user initiates a new chat, selects the Password Reset topic, and the Virtual Agent will guide them through the self-service password reset process.

Troubleshooting computer issues

Without Virtual Agent: a user calls the Service Desk and describes an issue they are experiencing on their computer. The Service Desk agent spends time trying to diagnose the issue and provide a solution.

With Virtual Agent: a user initiates a new chat and provides details of a computer issue. The Virtual Agent searches the knowledge base and suggests solutions.

Maximize Returns On Your CMDB Investment

Amit Talekar — Wed, 08 Nov 2023 16:00:27 +0000

CMDB Challenges: Unraveling the Common Thread:

The prevalent concerns that echo through the minds of all Configuration Management Database (CMDB) owners across our customers are: How can I maximize the value of my CMDB? What are the winning strategies for CMDB adoption?

Establishing trust in CMDB as a reliable source of data remains a challenge. We require remediation/best practices to instill confidence in its data integrity.
Furthermore, updating/maintaining relationships demands more technical proficiency than what you have readily available. Is it possible to implement a simplified interface layer to ease this process?

Are these common concerns in your organization? If you are challenged to address these issues, I recommend you start by looking at the following four key areas. Evaluating how you contribute to these factors will enable you to drive costs down and maximize your existing CMDB investment.

A Strategic Partner

A strategic partner prioritizes your long-term objectives, enhances your existing capabilities, and, all while facilitating the achievement of your business goals. Additionally, you should explore opportunities to optimize your cost structure by leveraging resources not limited to the U.S. or India but also in Latin America.

Expansion of the current CMDB existing capabilities:

Do you know your current CMDB status? Have you formulated a roadmap to address existing concerns? Are you collaborating with a partner to extend your current capabilities toward your envisioned future state CMDB by considering the questions below?

Data intelligence across CMDB ingestion, CMDB maintenance supported by CMDB insights

Leveraging robust data governance practices, encompassing data validation, normalization, and reconciliation processes guarantees the accuracy, and consistency of the CMDB. Additionally, guidance on clear data ownership and using data quality KPIs for monitoring CMDB, and CSDM adoption qualify further contribute to this assurance.

A CMDB enables you to comprehend the implications for your business, such as understanding the impact on business services if a specific server experiences downtime or is organization-compliant with regulatory requirements. Are you collaborating with your partner on the best practices and CMDB expansions below to enhance CMDB ROI?

Service mapping empowers organizations to rapidly construct a detailed overview of how their IT applications, equipment, and interdependencies function together. Do you have Service Mapping and CMDB alignment on your roadmap?
Expand your CMDB ROI to the next level by integrating and automating CMDB with discovery/event sources, assets, risk management tools, security, DevOps, and ITSM processes, among others.”

Stakeholder collaboration and communication

Are you leveraging Change Management Services today to communicate with all stakeholders? The Change Management Services are designed to facilitate a seamless transition for stakeholders into new CMDB-related processes and technologies. This crucial step is instrumental in guaranteeing that the organizational changes necessary for CMDB enhancements are not only well-received but also seamlessly integrated, leading to improved CMDB performance.

Training and enablement:

Leveraging your in-house, full-time talent vs support, project, or program work is an essential consideration for risk management and cost reduction. To achieve this, you and your partner should collaborate to implement co-development, peer reviews, personalized knowledge transfer plans, shadowing opportunities, and other strategies that enable you to efficiently upskill the appropriate resources with the necessary skill sets for the task at hand.

Contact us today to explore how our ServiceNow CMDB Consulting Services can transform your IT service management and configuration management capabilities.

Transforming ESG Challenges with Automation: ServiceNow’s Sustainable Approach

Amit Talekar — Thu, 01 Jun 2023 13:54:50 +0000

What is ESG?

The environmental, social, and governance (ESG) is a framework that helps investors and companies evaluate how well investments or businesses perform in terms of environmental, social, and governance aspects while considering sustainability, social responsibility, and governance practices for creating long-term value.

The example factors of ESG are listed below. ESG can differ for each organization due to contextual factors such as industry, size, location, and stakeholder expectations, which influence how they assess and address environmental, social, and governance performance. Additionally, organizations may have diverse priorities, strategies, and risk profiles, resulting in varied approaches to ESG integration and reporting.

Why is ESG Strategy Important?

In today’s business landscape, ESG considerations are more critical than ever. ESG considerations are important for companies as they help manage risks, promote long-term sustainability, engage stakeholders, drive innovation, and ensure regulatory compliance. Incorporating ESG factors into business strategies can contribute to companies’ financial performance, reputation, and resilience in a changing business and societal landscape. Companies that prioritize responsible business practices are not only contributing to a sustainable future but also gaining a competitive edge in attracting customers who prioritize sustainability.

The absence of an ESG strategy can subject businesses to risks in reputation, legality, and finance, while also depriving them of potential advantages like enhanced reputation, capital access, and increased innovation. It is vital for companies to embrace an ESG strategy to maneuver the evolving business environment, fortify their resilience, and establish sustainable long-term value.

Challenges to ESG

While ESG considerations are gaining momentum, there are challenges associated with standardization, ownership, data availability, and quality, KPI understanding and complexity, stakeholder engagement, and impact assessment. Companies and investors need to be mindful of these challenges and work towards addressing them to ensure meaningful and effective incorporation of ESG factors into corporate practices.

Transform ESG Challenge with Automation

Automation has the potential to transform how businesses approach ESG challenges by driving operational efficiencies, reducing environmental impact, promoting social equity, enhancing corporate governance, and supporting risk management efforts. However, it is crucial to ensure that automation is implemented responsibly. This is shown with careful consideration of ethical, social, and human rights implications, to ensure that the benefits of automation are realized in a sustainable and responsible manner. By leveraging automation as a tool for positive change, businesses can contribute to building a more sustainable, equitable, and responsible future for our planet and society.

ServiceNow, a leading provider of digital workflow automation solutions, is at the forefront of leveraging automation to address ESG challenges. Through its innovative platform, ServiceNow offers a range of capabilities that can contribute to solving ESG issues in a sustainable and responsible manner. With ServiceNow, organizations can seamlessly integrate ESG considerations into their enterprise systems, leveraging real-time views on metrics against ESG goals to enable more accurate decision-making. The platform’s capabilities provide a full audit trail, ensuring data provenance and reducing external audit fees. ServiceNow also automates the production of reports/disclosures, saving time for the reporting team. Additionally, it helps organizations efficiently manage exceptions to their ESG policies, identifying areas of risk that may hinder the achievement of ESG targets.

ESG Features

ServiceNow consistently enhances its technology stack with new integrations and capabilities in each release. Recent updates have introduced the following new ESG features:

Enhanced ESG data collection and reporting, including carbon emissions accounting with expanded metric calculation capability
Efficient and user-friendly data collection through a spreadsheet-style format for seamless ESG data input
Ability to plan out and track goals, targets, and initiatives
Automated creation of disclosure reports aligned to frameworks like GRI and SASB
Integration with advanced Strategic Portfolio Management software for seamless program and project management.
Integrate ESG management with workday
Upload historical data and use ESG management as a system of record.

If you’re interested in learning more about Perficient’s ServiceNow capabilities and how ServiceNow ESG can benefit your organization, reach out!

Problem Solving with Enterprise Architecture, Portfolio Management, and Design Thinking Mindset

Liyu You — Thu, 18 May 2023 17:25:45 +0000

What problems and challenges are we facing today?

As an enterprise doing business in today’s dynamic and competitive global market, we are facing a multitude of challenges and opportunities:

GRC, legal mandates, and regulatory compliance
Cyber security breaching concerns
Never-ending competitive products & services released into the market
New disrupted technology emerging constantly
Continuous customer/employee journey & experience improvement
Process optimization/automation, cost reduction, and customer/employee satisfaction
New products, services, and brands development and launching
Long and short terms corporate strategies and goals setting
Portfolio mgmt. for new initiatives/changes & operational excellence to run the business as usual
Business Continuity and Disaster Recovery considerations

The list can go on and on… Only those who have an agile and the right mindset can adapt, survive, and thrive. Enterprise Portfolio/Value Management (EPMO / EVMO), Enterprise Architecture (EA), and Design Thinking (among others) should work together to tackle complex, and interdependent problems.

Often, the scope of problems expands across multiple lines of businesses (LOBs), and we need to work together (as One Trusted Team) across LOBs within the enterprise and among extended enterprise to the vendors, suppliers, and partners.

What is Enterprise Architecture and why?

EA provides many benefits to the organization, including:

Providing a shared vision by standardizing practices, and processes
Aligning investments and resources to the company and LOB’s strategy
Better compliance with regulations
Improving collaboration between business & IT, and LOBs
Reducing IT complexity and costs by removing redundancies among organizational silos
Ensure system interoperability, build organizational agility & resilience

According to Gartner, EA is a discipline for proactively and holistically leading enterprise responses to disruptive forces by identifying and analyzing the execution of change toward desired business vision and outcomes. EA delivers value by presenting business and IT leaders with recommendations for adjusting policies and projects to achieve targeted business outcomes that capitalize on relevant business disruptions.

There are multiple EA domains depending on the chosen framework(s), including:

Business Domain: describes the company / LOB’s strategies, services, organization, business processes, and capabilities required to deliver the services.
Reporting & Analytics Domain: reporting and dashboards for enterprise governance, interactive, and drill-down capabilities are desired.
Information / Data Domain (including Data Governance): defines the enterprise’s information requirements and data model and helps ensure data is managed to support business needs.
Omni-channel / Interface Domain: Web, Mobile, Phone, Email, SMS, Chatbot, IM, and social media can be deployed for better customer journey & experience (CX).
System / Application Domain: defining the enterprise’s system/application portfolio, integration, and how these IT assets support the processes and services delivered.
Technical Infrastructure Domain: identifying the technology platform instances (SW & HW) that support the applications and data and deployment – Dev, QA, Prod, etc.
Security & Privacy Domain: Identity management, authentication & authorization, Confidentiality, Integrity, & Availability (CIA), PII, and PHI.
Integration & Interoperability Domain: Any integration with internal or external systems, real-time, batch or scheduled, etc.
Audit & Compliance Domain: Mandatory internal / external audit and compliance requirements for project go-live and on-going operations.
Non-functional Qualities Domain: Accessibility, Capacity, Availability & Reliability, Scalability, Usability, Observability, Load & Performance (L&P), Record Retention, BCP/DR, Portability, Localization, Maintainability & Manageability, and Compatibility, etc.

What is Project Portfolio Management and Why?

If done correctly, we can unleash our creativity and achieve “do the right things right” by leveraging innovation/ideation, demand/proposal, project/program, and portfolio management. The components include:

Innovation Management: Manage the innovation lifecycle, encouraging ideation, and streamlining innovation processes to drive competitive advantage by quickly identifying and pursuing the most promising ideas.
Demand / Proposal Management: Manage and prioritize business demands by capturing, analyzing, and prioritizing requests based on their strategic value and resources. The platform facilitates collaboration and data-driven decision-making to improve efficiency and reduce costs.
Project / Program Management: Manage projects and programs throughout the entire lifecycle using a structured approach to planning, resource allocation, budgeting, scheduling, and risk management. The platform facilitates collaboration and monitoring of progress and performance to improve efficiency and customer satisfaction.
Portfolio Management: Manage portfolios of projects, programs, and demands. It provides a structured approach including planning, prioritization, resource allocation, and performance monitoring. The capability helps organizations make informed decisions, and deliver value to customers while maximizing return on investment.

Design Thinking Process Overview

Design thinking is a user-centered problem-solving approach emphasizing empathy, collaboration, creativity, and iteration. It involves defining the problem, understanding user needs, generating ideas and prototypes, and refining the solution based on feedback. It consists of the following stages:

Empathize: understand the users and their needs by conducting research, observations, interviews, and surveys. The goal is to gain insights into the users’ journeys, experiences, challenges, and desires.
Define: analyze the information gathered to define the core problem or challenge. This involves synthesizing the research findings, identifying patterns, and reframing the business problem and desired outcomes in a human-centered way.
Ideate: generate a wide range of creative ideas and potential solutions. It encourages brainstorming, thinking outside the box, and considering diverse perspectives. Various ideation techniques such as mind mapping and sketching can be used to stimulate innovative thinking.
Prototype: create low-fidelity prototypes of the ideas, which can be physical models, digital simulations, storyboards, or any other form that helps convey the concepts. Prototypes are used to gather feedback, test assumptions, and refine the ideas before moving forward.
Test: test the prototypes with users to gather feedback, understand how they interact with the prototypes, identify improvement areas, and validate the solutions against the requirements. The insights gathered to inform further iterations and refinements.
Iterate: repeat the previous stages based on the insights gained from testing. The iterations refine the design, address any identified shortcomings, and drive continuous improvement.

Perficient + ServiceNow

We are a top-tier digital transformation consulting firm with extensive experience in automation platforms and process implementation. As a ServiceNow Premier Partner, we utilize the Global Solution Framework to provide value-added services to our client’s most significant business challenges. Our industry expertise spans healthcare modernization to financial services transformation, and our global team of experts is highly proficient in ServiceNow’s enterprise capabilities, providing advantages to HR, CSM, PMO, IT, and other operational teams within businesses.

To learn more about Perficient’s ServiceNow expertise, subscribe to Perficient’s blog, and follow us on LinkedIn.

Join the Knowledge Revolution at ServiceNow Knowledge Conference 2023 and Connect with Experts

Amit Talekar — Wed, 26 Apr 2023 15:00:42 +0000

Are you ready to revolutionize your business with ServiceNow? Then mark your calendars for the upcoming ServiceNow Knowledge Conference 2023! The Perficient ServiceNow team will be there. As a proud attendee of this prestigious event, I can’t wait to share my excitement and encourage you to connect.

Gaining Insights

At ServiceNow Knowledge Conference, you’ll have the opportunity to gain insights from industry leaders, connect with like-minded professionals, and explore the latest advancements, and success stories in ServiceNow’s cutting-edge technology. This year’s conference promises to be bigger and better than ever, focusing on knowledge sharing, innovation, and collaboration.

Opportunities

One of the conference’s highlights is the Knowledge Expo, where you can engage with ServiceNow experts, partners, and customers to learn about the latest product updates, best practices, and success stories. From interactive demos to hands-on workshops to build low-code apps by joining CreatorCon programs, you’ll have plenty of opportunities to deepen your understanding of ServiceNow and how it can transform your organization.

Connect

In addition to the invaluable learning opportunities, the ServiceNow Knowledge Conference also offers numerous networking, meetups, and social gatherings events. These events provide a unique platform for connecting with the Perficient team, sharing our experiences, and building lasting relationships that can benefit your career and business. Connect and discover how Perficient shines as an expert partner with comprehensive solutions, global reach, innovation, collaboration, customer-centric approach.

Keynote Speakers

But that’s not all! ServiceNow Knowledge Conference also features inspiring keynote speakers who will share their insights, stories, and visions for the future of digital transformation. From thought-provoking discussions on the latest trends in IT, HR, customer service, IRM, and more, to practical tips for optimizing your ServiceNow implementations. By the end of this conference, you’ll leave armed with new ideas and strategies to drive success in your organization. To maximize the value of the conference, it’s crucial to proactively plan areas of interest and optimize your schedule to fully comprehend how ServiceNow can benefit organizations in key areas. These include customer experience, employee experience, operational excellence, technology excellence, hyper-automation, and integration

Get Connected

So, if you’re ready to be part of the Knowledge Revolution and take your ServiceNow knowledge to the next level, I invite you to get connected and join me at the ServiceNow Knowledge Conference 2023. Don’t miss this unparalleled opportunity to learn, connect, and collaborate with fellow ServiceNow enthusiasts. See you at the conference! #Knowledge2023 #ServiceNowRevolution

ServiceNow Robotic Process Automation (RPA)

Narsimhamurty Dewarkonda — Tue, 04 Apr 2023 15:00:17 +0000

What is ServiceNow RPA?

Robotic Process Automation is a form of Business Process Automation where ‘robots’ are a substitute for people to perform routine, error-prone, and high-volume manual processes, usually interacting with legacy systems without APIs.

ServiceNow RPA Benefits

Improved accuracy: RPA working is based on a set of rules, never deviating as they perform their tasks.
Reliable: People can get complacent while doing repetitive tasks. RPA can do repetitive tasks, they approach every job with the same attention, thus significantly reducing the risk to the organization.
Reduced costs: RPA can reduce the wage bill wasted on simple tasks, while also allowing businesses to use time more effectively. As a result, RPA significantly reduces processing costs, often providing a positive return on investment within one year.
Enhanced scalability: RPA is scalable to accommodate growing business needs.
Increased speed: RPA bots do not get tired, and they do not make mistakes. They are also capable of moving through processes very quickly without having to pause.
More productivity: RPA allows talented workers to apply their skills to more valuable tasks. Employees have the time and freedom to accomplish more, improving productivity across the business.
Unrestricted integration: RPA can integrate with any platform. This allows RPA to function with customers’ already-established systems.
AI compatibility: Standard RPA can perform simple, rules-based tasks. AI-enhanced RPA robots can do even more. With the right AI technology, RPA can process unstructured data, recognize speech, apply machine learning models and natural language processing, and more.

Use Cases

Many employees spend much of their time engaged in repetitive, monotonous tasks. With ServiceNow RPA, many of those tasks can be automated, freeing employees to focus on more critical projects.

For example,

Logging into applications
Automating the filling of forms
Collecting data from applications
Extracting data from emails, PDFs, and forms by opening emails and attachments
Filling the information in a form
Making calculations
Moving documents and files

Robotic Process Automation applications

The RPA Hub platform consists of four applications:

RPA Hub: RPA Hub application provides a centralized orchestration to deploy, monitor, manage, measure, and verify compliance of all robots at an enterprise level.
Unattended Robot: Unattended Robot is a software agent, install on a Windows machine. Unattended Robots can execute unattended automation without requiring any human intervention. Unattended Robot Login Agent is a software agent that you install on a Windows machine with Unattended Robot.
Attended Robot: Attended Robot is a software agent that you install on an Attended Robot that can execute attended automation that requires human intervention.
RPA Desktop Design Studio: RPA Desktop Design Studio is a Windows native application used by RPA developers to design or configure automation workflows.

Unattended and Attended Robot

How does it work?

Automated processes in RPA Hub are designed and built using Desktop Design Studio in Windows. Packaged, deployed, and managed from within ServiceNow Instance in RPA Hub. Executed on Windows machines using the runtime engines, either attended with user interaction or unattended, without interaction.

Developers use RPA Desktop Design Studio to create automation (RPA and RDA) projects.
The developer uploads the automation from RPA Design Studio to the ServiceNow Instance RPA Hub. It is available as a package in RPA Hub.
A robot is created by defining the machine name (RPA) on which the automation will execute, or the username (RDA), that will execute the automation.
The bot process is the mapping of packages and robots.
On the runtime machines (VM/VDI for RPA and user desktops for RDA), the robot triggers and fetches the latest package version.

Business Values and Adoption of ServiceNow BCM

Liyu You — Mon, 27 Mar 2023 15:26:28 +0000

What is Business Continuity Management?

Business Continuity Management (BCM) is a framework and process for identifying and addressing risks to an organization’s business operations, ensuring business continuity during disruptions, and facilitating recovery afterward. ISO 22301 is an international standard that specifies requirements for a Business Continuity Management System (BCMS) to help organizations prepare for, respond to, and recover from disruptive events.

What is ServiceNow BCM?

ServiceNow BCM provides tools to identify and assess potential risks, and analyze the potential impact of those risks on critical business assets including people, business services, processes, capabilities, business/IT applications, business/IT data, infrastructures, vendors, and partners; develop plans and procedures to ensure that those assets are available, and the business can continue to operate in the event of a disruption.

ServiceNow BCM also enables organizations to manage and track their BCM program and activities, conduct testing and training exercises, and communicate with stakeholders during a disruption. Overall, ServiceNow BCM helps organizations improve their resilience and ability to respond to unexpected events, ensuring business continuity and minimizing the impact of disruptions on operations.

Why BCM and ServiceNow BCM?

ServiceNow BCM is part of the ServiceNow Governance, Risk & Compliance (GRC) suite of applications, which has been named a leader by Gartner Magic Quadrant and Forrester Wave, please see the post, Business Benefits and Adoption of ServiceNow GRC for more details. They are essential for organizations for several reasons:

It can provide a structured approach to identifying potential risks, assessing their impact on critical business services and processes, and developing plans and procedures to ensure those business services and processes can continue to operate during a disruption.

ServiceNow BCM enables organizations to automate and streamline their BCM processes, improving efficiency and reducing the risk of errors or omissions.

By improving their ability to respond to disruptions, organizations can make sure the people are safe, minimize the impact on their operations and customers, reducing the risk of financial losses, reputational damage, and legal liability.

In addition to these practical benefits, implementing a BCM program can help organizations meet regulatory requirements, demonstrate their commitment to risk management and corporate responsibility, and build stakeholder trust.

ServiceNow BCM Process Overview

ServiceNow BCM process consists of several key stages:

Setting up Libraries:

A set of basic configurations need to be set up to establish the dependency mapping and to build templates for the subsequent BCM stages, such as BIA and Plan.

Element Definitions (sample*):
- Business processes IT assets
- Facilities
- Vendors
Impact categories and Ratings
Recovery Timeframes and Tiers
Documentation sections

Note that the configurations have to be tailored to your company’s culture, languages used, and way of doing business and communicating.

Business Impact Analysis (BIA):

The BIA component helps organizations understand the potential impact of those risks on their critical business processes and functions, including financial, operational, reputational, and regulatory impacts. The impacts entered to determine the criticality tier rating, Recovery Time Objective (RTO), and Recovery Point Objective (RPO). BIA maps dependencies to the applications, locations, and vendors required for the business process to be carried out successfully.

BCP/DR Planning and Response:

This component involves using the process, asset, vendor libraries, and the business impact analysis as input, creating the business continuity plans for departments covering the critical business processes, and making the disaster recovery plans for critical IT assets. The plans can be created based on the configured plan templates, including:

BCP – Business continuity plans / Business Processes
DRP – Disaster Recovery plans / IT assets
Created from the pre-defined and stored templates.
Loss Scenarios (Applications, Facilities, Workforce, etc.).
Recovery strategies
Recovery teams and tasks

On selecting the template, the document structure and the default content are loaded which can be edited to create tailored content for different departments. Planners can add recovery tasks along with details of assets they’re tagged to, owners of the tasks, and dependencies of the tasks.

Plan Exercising and Training:

This component involves exercising the plans to be at a high level of assurance having updated business continuity strategy and plan in place; ensuring the employees are rehearsed with the business continuity plan and know what needs to be done during a crisis; track the assets that were recovered within the planned RTOs and the ones that couldn’t meet the RTOs.

Plan exercises can be planned, executed, monitored, and documented.
Observations/lessons learned are recorded to make any course corrections in the plan or execution of the plan.
Continual process improvement

Crisis Management:

This component is used to report crisis events and activate the relevant plans, track the recovery activities during the crisis, track the assets recovered, and if the recovery occurred within established RTOs. Managers can track task execution during events in a predefined order in a plan. They can also open individual tasks to override a plan sequence.

Reporting and Compliance:

This component involves tracking and reporting on BCM program activities and ensuring compliance with relevant policies, regulations, and standards, such as ISO 22301 and HIPAA.

Overall, these components work together to help organizations improve their resilience and ability to respond to unexpected events, ensuring business continuity and minimizing the impact of disruptions on business operations.

Adoption of ServiceNow BCM

Use the steps in the following BCM application checklist to download the Business Continuity Management from the ServiceNow Store, and all the way to get it ready for operation.

The flow of implementation steps is illustrated here. Please see ServiceNow BCM documentation for more details – Business Continuity Management implementation.

Perficient + ServiceNow

To learn more about Perficient’s ServiceNow expertise, subscribe to Perficient’s blog, and follow us on LinkedIn.

How ServiceNow Financial Services Operations (FSO) is Revolutionizing the Financial Industry

Swaroop Raj — Thu, 16 Feb 2023 16:00:35 +0000

What is ServiceNow Financial Services Operations (FSO):

Financial Services Operations (FSO) is an offering by ServiceNow utilizing its existing platform custom-tailored to the use cases for Financial Institutions providing a comprehensive solution for managing operations end-to-end. ServiceNow’s FSO allows financial institutions to automate core operational processes, through pre-built applications and workflows that streamline operations across all departments from front to back office, in a more efficient manner.

ServiceNow was named a Leader in The Forrester Wave: Value Stream Management Solutions, Q4 2022. Vendors were evaluated against 25 categories of current offering, strategy, and market presence, which aligned ServiceNow to meeting enterprise needs. According to the report, “ServiceNow is well-known for its IT Service Management (ITSM) offering that powers many teams’ change management processes and is one of the largest players in the VSM market.

With ServiceNow’s value stream management capabilities embedded throughout its IT service management and strategic portfolio management solutions, Perficient believes ServiceNow Financial Service Operations (FSO) is well positioned completely transform your organization. With ServiceNow your company could achieve accelerated development, greater speed to market, and increased team execution and delivery for Financial Institutions while adhering to compliance and risks.

ServiceNow Financial Services Operations (FSO) Product Suite:

Below are the products suites ServiceNow Financial Operations (FSO) currently caters to:

Payment Operations:

Financial Institutions can use ServiceNow Payment Operations solution to manage requests for payment inquiries, claims, or debit approvals related to their day-to-day operations. This feature helps resolve inquiries related to Beneficiary Claim Non-Receipt (BCNR) and Payment in Error (PiE) quickly and efficiently and keeps track of the status of debit approval cases. With preconfigured dashboards containing actionable data visualizations, financial institutions can improve its business processes and measure the value of its services.

Card Operations:

The ServiceNow Card Operations provides a unified platform for creating and management of cases related to credit card inquiries, including new cards being requested, increasing, or decreasing credit limits, blocking, or unblocking cards, and closing down a card account. This makes it easy for companies to comply with all relevant regulations and keep their customers happy.

Complaint Management:

The ServiceNow Complaint Management product can be used to swiftly address complaints within the complaint servicing team or routed to internal business units to provide a streamlined and prompt decision experience. This allows for cross-departmental collaboration and tracking of complaint status, from initiation to resolution.

By using automated workflows and response templates, ServiceNow FSO platform can route cases to specific business units for review and approval. This allows for a faster resolution time as responses are gathered quickly and reviewed in a guided playbook kind of experience using configurable response templates based on complaint types. It also provides a performance analytics dashboard with pre-configured reports that can highlight risks and potential regulatory issues.

Loan Operations:

ServiceNow Loan Operations provide a single platform solution to manage service requests and system-generated exceptions for all types of consumer and business loans. Also, this includes an automated workflow that routes cases across various departmental functions, such as loan, document, and credit assessment departments. Additionally, the platform provides a role-specific customized agent workspace with performance metrics dashboards to help managers understand team efficiency and business performance.

Customer Lifecycle:

The Customer Lifecycle Operations platform helps manage and oversee client onboarding processes, by gathering information, verifying identity documentation, and orchestrating the approval process. Also, key benefits include an account opening and onboarding process providing a unified playbook experience that focuses on specific tasks, as well as custom workspaces and roles in helping the officers complete them in the right order.

Treasury Operations:

ServiceNow Treasury Operations product provides an easy solution for financial institutions to manage treasury product onboarding processes. This is made available with workflows that are specifically designed for crucial services, such as wire transfers and Remote Deposit Capture (RDC). It provides a single platform to manage new requests in real-time, which makes the process more streamlined and simplified. Additionally, it provides a unified experience across the company’s treasury products, reducing bottlenecks and complexity during the onboarding process.

Document Management:

ServiceNow Document Management product can be integrated into the existing ECM platforms to manage tasks assigned to the Document Services team across any onboarding and renewal workflows. This includes onboarding customers, assets, and products, and issuing approvals for documents. It enables service owners to set up document categories, document types, and rules for inbound and outbound communication (including deferring or approving certain documents) and approval rules for a unified document management experience.

Know-Your-Customer:

Using ServiceNow FSO offering, Financial Institutions can verify the identity of applicants and prevent fraudulent activities by eliminating potential problems early on in the process. This system helps to coordinate verification efforts between front-office KYC analysts, relationship managers, and AML officers to determine eligibility for banking accounts and products.

Compliance & Risk:

ServiceNow GRC (Governance, Risk, and Compliance) is a solution designed to help organizations manage compliance and risk by providing assessment tools, policy management, incident management, and reporting tools. ServiceNow GRC can streamline compliance processes and reduce risk by automating manual tasks, standardizing procedures, and providing real-time visibility into compliance status. Additionally, it integrates with other ServiceNow products to provide a comprehensive view of risk and compliance across the entire organization. With ServiceNow GRC, organizations can ensure that they meet regulatory requirements, manage risks effectively, and make informed decisions to improve their overall compliance posture.

If you’re interested in learning more about Perficient’s ServiceNow capabilities and how ServiceNow FSO can benefit your organization, reach out!

4 Use Cases for ServiceNow SecOps – VR, SIR, and TI

Liyu You — Thu, 08 Dec 2022 16:02:41 +0000

In a world where cyber breaches dominate the headlines, cybersecurity is more important than ever. According to the Ponemon Institute and IBM, the average cost of a data breach in 2022 is $4.35 million USD, and it takes an average of 277 days to identify and contain a breach. While there are many ways that a data breach can happen, the most common are phishing, email compromise, software vulnerability, compromised credentials, and insider threats.

What is ServiceNow SecOps?

Protecting data is easy with ServiceNow Security Operations (SecOps). This product includes proactive and reactive measures and a host of readily available 3^rd party threat intelligence resources. Proactive measures include Vulnerability Response (VR) and Configuration Compliance. Reactive measures include Security Incident Response (SIR). ServiceNow SecOps seamlessly integrates with other security products and capabilities such as security control tools.

Why ServiceNow SecOps?

Provides a single source of truth and system of action to solve
Integration between IT and Security teams for SIR/VR improves communication, raises visibility, and reduces resolution time

Why do we need SecOps?

60% of breaches are due to unpatched vulnerabilities
Security tools/teams are in disconnected silos. E.g., IT, Security, Service Desk, and GRC
Problems are compounded by various factors such as people, processes, partners, and technology.
Manual SecOps based on email, calls, texts, and spreadsheets
It takes weeks to resolve or mitigate a security incident/vulnerability

Who benefits from the solution?

Many individuals across the enterprise, including C-suite executives, end users, IT, security, service desk, GRC, HR, and legal teams.

What values does ServiceNow SecOps bring to the table?

A single ServiceNow platform for all SecOps applications and integrations
Automation & Orchestration to streamline the processes and save time for better accountability and SLAs
Reducing SIR or VR time from weeks to hours
IT, Security, Service Desk, and GRC teams working together seamlessly
Rich dashboards and reporting for better governance and visibility

ServiceNow SecOps Use Cases

ServiceNow SecOps is a powerful tool with many capabilities. To see how ServiceNow SecOps could protect your company, we’ve outlined a few use cases (UCs) below.

UC #1: User Reported Security Incident — SIR Playbook

Vigilant users are an organization’s first line of defense! They can report oddities using the Security Incident Catalog. A phishing email can be reported via “Report Phishing” Outlook plugin, Wombat. For each security incident category, the SIR playbook can be orchestrated covering the entire SDLC (i.e., NIST) – Preparation; Detection & Analysis; Containment, Eradication & Recovery, and Post Incident Activity.

UC #2: Infrastructure Vulnerability Response (IVR) and Application Vulnerability Response (AVR)

The scanner (Qualys, Tenable, or Rapid 7) can be integrated into ServiceNow VR to scan the environment and create Vulnerable Items (VI’s). IVR manages vulnerabilities on networked assets including servers and network devices.

The scanner (Veracode or Fortify) can scan the environment and create Application Vulnerable Items (AVI’s). AVR manages vulnerabilities in custom-developed applications or 3^rd party software. By leveraging Software Asset Management, Software Exposure Assessment can be used to create AVI’s and Remediation Tasks proactively.

Vulnerability Solution Management correlates your vulnerability exposure with Microsoft Security Response Center (MSRC) and Red Hat solutions for remediation activities and monitors their completion.

UC #3: Automation and Orchestration

Threat Intelligence (TI): relevant TI data can be imported directly into the SIR and VR for enrichments for security analysts to make decisions, reducing their need to perform manual lookups and freeing up their attention to understanding the depth of the security incident.

Sighting Search: Searches various SIEMs or other log sores for instances of observables to determine the presence of malicious IOCs in your environment.

Incident Enrichment: Enrich configuration items (CI’s) or observables with additional information from different sources during SIR investigations.

Get Network Statistics: Retrieves active network connections from an endpoint/host
Get Running Processes: Retrieves running processes from an endpoint/host

Containment/Eradication:

Block/unblock observables on the firewall, web proxy, or other control points
Isolate/ endpoints or hosts associated with a security incident
Search an email server and delete emails from the server.

UC #4: SIR/VR Reporting and Analytics

ServiceNow SecOps provides rich Dashboards, Analytics, and Reporting for different personas such as CIO/CISO, security managers, and analysts. More out-of-the-box or customized reporting and analytics are available. The visibility is defined by the access controls.

Security Operations Efficiency Dashboards
- Analysis Efficiency – how many open or closed incidents per analyst?
- Detection and Response Effectiveness – false/true positive security incidents, backlog/closed security incident analysis
- Security incident Stage Analysis – how many are in the Draft/Analysis/…/Review stages?
Security Incident Explorer
- Security Incident Closure by Priority
- Security Incident by Attack Category
- Security Incident Map – provides incident location worldwide
Vulnerability Management Dashboards
- Vulnerable Items by Remediation Target Status
- Deferred Vulnerable Items Expiring this week
- Vulnerable Item by Age

If you are interested in learning more about our ServiceNow practice and our ServiceNow SecOps capabilities, reach out!

5 Implementation Patterns for ServiceNow GRC – Policy and Compliance

Liyu You — Thu, 10 Nov 2022 16:20:18 +0000

You can read Liyu You’s first blog about ServiceNow GRC, here.

The ServiceNow Policy and Compliance Management provide a centralized process for creating and managing internal policies and controls that are mapped to external regulations, standards, and frameworks. For governance, it includes personas, roles, rights, and responsibilities.

There are many regulations, standards, and frameworks that businesses need to comply with, on top of landscape changes with high non-compliance fines. ServiceNow GRC enables “test once, satisfy many” by deploying compliance frameworks such as Unified Compliance Framework (UCF) and managing regulatory change by integrating tools such as Thomson Reuter Regulatory Change Management.

Answering who, what, why, and how will help with business justification.

Who?	People with different personas across the enterprise benefit from the solution. They include C-suite executives, directors, managers, action-takers, and employees.
What?	What problems do we solve? 1. No central location for all GRC artifacts (authority documents, citations, policies, procedures, standards, controls, etc.) across all enterprise domains/BUs 2. Employees may not have access to all relevant GRC artifacts pertaining to them 3. GRC lifecycles are managed manually and are time-consuming 4. No enterprise-wide visibility/insight of GRC artifacts in terms of departments, categories, status, etc. GRC assessment is very difficult, if not possible 5. Roles, rights, and responsibilities in the GRC lifecycles are not clear and thus accountability cannot be established and enforced What values does ServiceNow GRC bring to the table? 1. Provide a central location for all GRC artifacts across all enterprise domains. 2. Employees have access to all relevant GRC artifacts pertaining to them per their roles 3. GRC lifecycles are managed through orchestration and automation, thus saving time 4. Have enterprise-wide visibility/insight into GRC statistics in terms of departments, categories, status, etc. GRC assessment is structured and easy to follow Roles, rights, and responsibilities in the GRC lifecycles are transparent and thus accountability can be established and enforced
Why?	Why ServiceNow solution? ServiceNow provides a single source of truth, a system of action, and the right platform to solve the issues listed above that most enterprises face today.
How?	How does it work? How to access the system? By accessing the ServiceNow instance through web or mobile

Implementation Patterns

Once who, what, why, and how have been answered, the next step is to identify which implementation pattern will work best for your enterprise.

IP #1: Policy Management Lifecycle — Draft -> Review -> Awaiting approval -> Published -> Retired

A policy defines an internal practice that processes must follow. The policy can have a hieratical structure, type (policy, procedure, standard, plan, checklist, framework, and template) and category (incident, problem, vulnerability response [VR], etc.), and other attributes.

IP #2: Policy Acknowledgement Campaign Lifecycle — New -> Pending Acknowledgement -> Closed -> Canceled

A policy campaign is a record used to prepare for a policy acknowledgment request. It defines the audience who must provide an acknowledgment of a particular policy. It can be used in the enterprise security program for awareness training.

IP #3: Policy Exception and Extension Lifecycle — New -> [optional substate “Pending Verification”] Analyze -> Review -> Awaiting Approval -> Approved -> Closed

Users can request exceptions for policies, control objectives, or issues by specifying the reason for the exception on a particular list of the systems or entities to which the exception will apply. The user must also specify the duration for which the exception is required. Risk assessment must be performed, and approval is required for governance and accountability.

IP #4: Control Lifecycle — Draft -> Attest -> Review -> Monitor -> Retired

Controls are specific implementations of a control objective. Controls are automatically generated when you associate a policy with an entity type or an entity type with a control objective. For the control objective, a control is created for each entity listed in the entity type. Controls can also be manually created.

IP #5: Reporting and Analytics

ServiceNow Analytics and Reporting solutions contain preconfigured dashboards. These dashboards contain actionable data visualizations that help you improve your business processes and practices.

Use the Performance Analytics widgets on the dashboard to visualize data over time, analyze your business processes, and identify areas of improvement.

Compliance Overview (Compliance Requirements, Overall Compliance, Compliance by Authority Document, Compliance Score Trends, Non-Compliant Entities, Compliance Breakdown)
Compliance Overview – PA Premium. The same contents as Compliance Overview; However, with interactive filters and checkboxes.
Policy Overview (Control Compliance, Control Details, Compliance Score by Department, Control Overview, Exempted Controls by Policy, Control Issues by Policy, Exempted Controls by Entity, Total Control Objectives by Policy)
Policy Overview – PA Premium. The same contents as Policy Overview; However, with interactive filters and I checkboxes.
Policy Acknowledgement Overview ([Past Due, Pending, Accepted, Declined, Exception Requested, Exempted], Policy Acknowledgement Status)
Policy Exception Overview (Active Policy Exceptions, Policy Exceptions by Priority, Policy Exceptions by Policy, Policy Exceptions by Control Objectives, Policy Exceptions by Entity, Policy Exceptions by Department, Approved Policy Exceptions, Exempted Controls)
My Attestation Overview (My Past Due Attestations, My Attestations, My Pending Attestations)

Getting Started with ServiceNow – Performance Analytics

Prajwal Chauvhan — Fri, 21 Oct 2022 16:00:58 +0000

Why Performance Analytics?

It is crucial for an organization to have reliable and efficient services. However, such services are not always easy to use and may not have the visibility, alignment, and reporting that you are looking for.

With the help of ServiceNow’s performance analytics, you can quickly and effectively make decisions with pre-built KPIs and dashboards that are adaptable to all corporate digital workflows.

Consider the difference between using GPS navigation and driving without it. Without GPS, you choose your path based on past experiences without understanding what lies ahead. However, based on current traffic data, GPS gives you the best route possible.

Performance analytics offers precise, real-time insight into all aspects of service performance across the ServiceNow platform, which is one of their benefits. So, you can quickly spot potential improvement areas and roadblocks.

ServiceNow Performance Analytics Benefits:

Anticipate trends: monitor performance to spot problem areas and prevent service problems
Prioritize resources: identify what’s important and modify service coverage
Drive automation and self-service: quickly pinpoint where automation and self-service can boost productivity, cut costs, and
Informed Decision Making: By coordinating IT services and operations with company strategy, you may advance the business and speed up outcomes.

Key Features:

Indicator Sources
- Groups of records from a ServiceNow table share a common attribute, such as assignment group or priority.
- Create indicator sources with care because an indicator source can be used by multiple indicators.
- Let’s say you only want incident records that have a high priority. Choose the facts table from the indicator source and apply the conditions as needed. As shown below:

Indicators:
- Used to monitor performance over time.
- They use indicator sources to compute scores.
- To forecast future trends, compare previous and present performance using indicators.
- There are three types of indicators.
  - Automated Indicator: Scores are automatically collected using scheduled data collection jobs.
  - Manual Indicator: Scores are entered manually or imported from a third-party source.
  - Formula Indicator: Scores are calculated using scores of other indicators.
- Let’s say we want daily scores of incidents with high priority. Select the indicator source you created based on your needs in the field “Indicator source.” As shown below:

Breakdown Sources:
- Define which elements are unique to a breakdown.
- Is a collection of records from a table or database view.
- One breakdown source can be used in multiple breakdowns.
- Assume we want to categorize all incidents based on their priority. Choose the facts table from the breakdown source and apply the conditions as needed. As shown below:

Breakdown:
- Breakdown is used to gain a deeper understanding of the data and break it up in a meaningful way.
- Breakdowns are configured only on reference or choice fields i.e., priority, state, or assignment group.
- There are two types of breakdowns:
  - Automated Breakdown: Automated breakdown elements are constructed from data already present in breakdown sources.
  - Manual Breakdown: Elements of manual breakdowns are manually typed to specify an organization.
- With breakdown, you can all open incidents that meet certain
- Choose the breakdown source you created per the requirements in the filed “Breakdown Source.” As shown below:

Data Collector:
- The process collects data scores from indicators and displays them on the dashboard using widgets.
- In performance analytics, two types of data collectors are available:
  - Historical Data and Daily Data Collector:

1. 1. Used to collect historical data. This can be illustrated with real-world examples.
  2. Can identify how many incidents or problems were resolved within a certain timeframe using the ‘Relative Start’ and “Relative End’ fields.
  3. You can specify how often a data collector runs using the “Run” parameter. As shown below:

- A daily data collector is used to collect data every day. For example, assume we need to keep track of the number of incidents resolved each day. Then we should make use of the daily data collector.

Widgets:
- Widgets are used for the visualization of indicator scores and can be reused across multiple dashboards. There are several performance analytics widgets.
  - Time Series: display how an indicator score has changed over time.
  - Breakdown: Indicator scores for each breakdown element.
  - Score: Indicator aggregate scores
  - List: Multiple indicators’ scores.

Analytics Hub:
- User interface that is mainly for assessing, comparing, and predicting the performance of indicators over time.
- Displays data for a single indicator.

Dashboards:
- Dashboards are used as a canvas to combine several widgets and reports into a single display to convey visual information about one or more business processes or services.
- Users with admin and dashboard_admin roles assigned can access and edit all dashboards.
- Users with pa_admin and pa_power_user roles assigned can access only those dashboards that they have created or that have been shared with them with edit rights.
- The content of the dashboard can be arranged with the help of tabs and widgets.
- A dashboard may contain several tabs. On each tab, you can keep one or more widgets.

Reduce IT Cost and Risk Using ServiceNow – Technology Portfolio Management

Sheikh Ayesha Tabassum — Thu, 13 Oct 2022 15:00:19 +0000

As organizations continue using technology building blocks from different vendors, it becomes quite tedious to manage and keep track of various technologies. If technologies are not updated periodically, and timely with different versions/models, they eventually turn into a liability to key business functions and products.

The underlying technologies of the business applications used in your enterprise have a shelf life that must be actively managed and diligently monitored to track their versions and lifecycle.

Internal and external lifecycle stages of the software product

Typical Software Product goes through the below lifecycles,

Pre-Release: When the software was first made available.
Date of General Availability: When the program was made generally accessible to the public.
Upgrade Note: Only displayed if the field for Lifecycle type is set to Internal.
End of Life: The day on which the publisher will stop producing the software.
End of Support: The last day that the publisher will make improvements to the software.
End of Extended Support: The deadline by which the software’s publisher will stop offering updates or support.

View the timeline of technology risks.

In the Technology Portfolio Management timeline, you can see the internal and external life-cycle phases of all technologies or product models used in your organization. The color code indicates the stage at which the technology is in terms of the risk factor.

Users can view the risks associated with business applications in various ways thanks to the TPM timeline panel. Views might be simply a list of Business Apps that are categorized by Product Classification, Software Model, Application Backlog, or the applications’ underlying technology.

You can drill down to the specific underlying application service that each of these views supports, the underlying technology that each of these views operates on, or the specific business application that is being used.

The Enterprise Architect (EA) can use the timeline view to track the versions and life cycles of technologies, and the number of applications running on those technologies. EA can assess risks on a business application due to its end of life, and create demands and projects as needed.

You can click the risk bubble of a software model to view the scores at the risk parameter level.

Technology risk calculation

Lifecycle stage – Internal and External

Use the software product lifecycle form to associate the lifecycle phase for each software model with a risk. The risk values in the lifecycle table are very high, high, moderate, low, and none. Accordingly, the risk is also very high, high, moderate, low, or none.

For lifecycle stage parameters, only the risk value is considered irrespective of the lifecycle phase.

Aging

Similarly, aging has the following risk values:

0–90 days is high risk.
90–180 days is moderate risk.
More than 180 days is low risk.

Based on the lifecycle stages and the aging stages, the risk of the hardware and software models are calculated as follows:

If there is a single High risk, then the risk of the software model is High.
If there is a single Moderate risk, then the risk of the software model is Moderate.
The risk of the software model is Low only if the risk of all the underlying components is Low.

Parameters to determine risk at software and hardware model level

Assessing the technology risks

Risk scores are set first at the Product Model level, then bubble up to the Application Service where the owners of the Business Application can act.
Because the ServiceNow approach focuses on the operational aspect of Technology Portfolio Management first, we can better automate and assess the risks associated with using technologies.

These calculated Business Application risks are then revealed on the Business Capabilities where the Business Applications are used.

Information on the software product

You can create a list of all software models that your organization uses either manually or import from existing databases or sources. A common set of modules of ServiceNow are shown in the below diagram which collects the software and hardware information through an automated process called discovery.

ServiceNow makes it simple to assess risks, identify current technology usage, and gauge impacts on business capabilities. It offers a simple way for customers to use self-service technology and a reliable tracking system. Only ServiceNow can bring together practices and procedures that would otherwise be incompatible.