Learn the proper way to modify risk scores in ServiceNow to align with your company’s unique risk assessment requirements. ServiceNow certified experts explain the best practices.
Table of Contents
Question
How does a user modify Risk Scores to suit their organizational needs?
A. alter values in the Risk Score Configuration module
B. amend constants in the RiskScoreUtil script include
C. change the business impact for affected Business Services and Configuration Items
D. recode logic in the Risk Score Calculator
Answer
A. alter values in the Risk Score Configuration module
Explanation
To modify Risk Scores in ServiceNow to suit your organizational needs, the correct approach is to alter values in the Risk Score Configuration module (Choice A).
The Risk Score Configuration module allows administrators to define the factors that are considered when calculating risk scores and adjust the weightings of those factors. This provides flexibility to tailor the risk scoring to your organization’s specific risk tolerances and priorities.
For example, you can configure the Risk Score Calculator to put more emphasis on security vulnerabilities vs availability issues if data breaches are a bigger concern than system downtime for your business. Or you could increase the weighting of risks affecting certain critical business services or CIs.
Directly modifying the underlying scripts and logic like the RiskScoreUtil script include or Risk Score Calculator (Choices B and D) is not the supported method and may cause issues with future upgrades. Simply changing the business impact values (Choice C) without adjusting the risk score configuration would affect the impact assessment but not actually change how the risk scores themselves are calculated.
Therefore, using the Risk Score Configuration module is the proper way to comprehensively customize ServiceNow’s Risk Scores according to your company’s needs while following best practices. It allows granular control over the risk scoring methodology itself.
ServiceNow CIS-SIR certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the ServiceNow CIS-SIR exam and earn ServiceNow CIS-SIR certification.