IT Service Management (ITSM)

What is ITSM?

IT Service Management (ITSM) refers to the strategies, policies, and processes used to design, deliver,
manage, and improve IT services within an organization. ITSM focuses on aligning IT services with business
needs and ensuring efficient service delivery.

ITSM is typically implemented using ITIL (Information Technology Infrastructure Library) best practices, which
provide a structured framework for managing IT services.

Key Components of ITSM & How They Work

1. Incident Management 🔥

 What it does: Handles unexpected disruptions (e.g., system crashes, network failures).

 How it helps:

o Reduces downtime by quickly resolving incidents.

o Automates ticketing and categorization.

o Improves customer satisfaction with faster resolutions.

 Example: If an employee’s email is not working, they raise a ticket, and ITSM assigns it to the right
technician for resolution.

2. Problem Management 🔎

 What it does: Identifies and eliminates the root causes of recurring incidents.

 How it helps:

o Prevents repeat issues by addressing underlying causes.

o Reduces the impact of future incidents.

o Uses Root Cause Analysis (RCA) to prevent problems.

 Example: If a company's VPN frequently disconnects, ITSM investigates the root cause (e.g., outdated
firmware) and implements a permanent fix.

3. Change Management 🔄

 What it does: Controls and manages IT infrastructure changes to prevent service disruptions.

 How it helps:

o Ensures smooth transitions when updating or deploying new software.

o Reduces the risk of downtime during upgrades.

o Requires approval processes before implementing changes.

  Example: A company upgrades its HR system. ITSM ensures proper testing and approvals before
deployment, reducing risks.

4. Service Request Management 📋

 What it does: Handles user requests for services (e.g., software installation, password resets).

 How it helps:

o Automates service requests using workflows.

o Improves IT efficiency by prioritizing tasks.

o Reduces manual effort for routine requests.

 Example: An employee requests a new laptop. ITSM routes the request for approval and tracks the
delivery process.

5. Asset Management (ITAM) 💻

 What it does: Manages IT assets (hardware, software, licenses) throughout their lifecycle.

 How it helps:

o Tracks asset usage and ownership.

o Prevents wasted resources (e.g., unused software licenses).

o Ensures compliance with software licensing agreements.

 Example: ITSM tracks which laptops are assigned to employees and when they need replacements.

6. Knowledge Management 📚

 What it does: Stores and organizes IT solutions, troubleshooting guides, and FAQs.

 How it helps:

o Enables self-service for employees.

o Reduces the workload on IT teams.

o Speeds up incident resolution with predefined solutions.

 Example: An employee searches the ITSM portal for a guide on connecting to Wi-Fi, solving the issue
without IT intervention.

IT Asset Management
1. What is IT Asset Management (ITAM)?

ITAM is the process of tracking, managing, and optimizing IT assets throughout their lifecycle, from
procurement to retirement. It helps organizations reduce costs, ensure compliance, and improve efficiency.

Key Benefits of ITAM

✔ Better visibility of IT assets

✔ Cost optimization
✔ Improved compliance and risk management
✔ Enhanced decision-making
✔ Efficient resource allocation

2. Key Stages of ITAM

1️⃣ Procurement

 Identifying and purchasing hardware & software based on business needs.

 Vendor selection, contract negotiation, and cost optimization.

 Example: Buying new laptops for employees.

2️⃣ Deployment

 Installing and configuring assets for operational use.

 Integrating assets with existing IT infrastructure.

 Example: Setting up a new server in a data center.

3️⃣ Maintenance

 Regular updates, repairs, and performance checks.

 Preventative measures to reduce downtime.

 Example: Updating software patches and replacing faulty hardware.

4️⃣ Monitoring

 Tracking asset performance, usage, and compliance.

 Identifying underutilized or faulty assets.

 Example: Monitoring server performance to detect failures early.

5️⃣ Compliance

 Ensuring software licenses and hardware meet regulatory requirements.

 Avoiding fines and legal risks.

 Example: Conducting software audits to check licensing compliance.

6️⃣ Retirement

 Secure disposal, recycling, or reselling of outdated assets.

  Data wiping and environmental responsibility.

 Example: Decommissioning old computers and securely erasing data.

ITAM vs. CMDB

Feature ITAM (IT Asset Management) CMDB (Configuration Management Database)

Purpose Manages asset lifecycle & costs Tracks relationships & dependencies of IT assets

Focus Financial & operational aspects Technical & configuration data

Examples Purchase orders, contracts, asset status Server configurations, software dependencies

Important Tables in ITAM (ServiceNow)

Table Name Purpose

alm_asset Stores all IT & non-IT assets

alm_hardware Stores hardware asset details

alm_software Tracks software assets & licenses

cmdb_ci Stores IT asset configurations (from CMDB)

proc_order Stores procurement order details

alm_stockroom Manages inventory of assets before deployment

ast_contract Stores asset contracts (warranty, lease, etc.)

How ITAM Manages Asset Assignments?

🔹 Asset Assignment – ITAM records who owns or uses a particular asset (e.g., laptops, software licenses,
mobile devices).
🔹 User & Department Association – Links assets to employees, teams, or departments.
🔹 Tracking Status – Shows whether an asset is in use, in stock, under maintenance, or retired.
🔹 History & Audit Logs – Keeps a record of who had the asset and when it was reassigned.

Key Tables in ServiceNow for Asset Assignment

Table Name Purpose

alm_asset Stores asset details, including assignment info.

cmdb_ci_user Links assets to users.

alm_hardware Stores hardware-specific assignment details.

alm_software Tracks assigned software licenses.

Table Name Purpose

Example Use Case:

 A company assigns Laptop-123 to John Doe (Employee ID: 567).

 ITAM records the assignment in alm_asset and updates the status to "In Use".

 If John leaves the company, ITAM updates the record to "Available" or "Reassigned".

IT Operations Management (ITOM)

ServiceNow ITOM refers to ServiceNow IT Operations Management. It is a complete group of applications and
a part of the ServiceNow platform that provides better solutions to busineses to advance their IT operations
and administration. ITOM comprises a variety of tools and processes developed to streamline and automate
various IT activities. It offers various features like event handling, cloud management, orchestration, service
mapping, discovery, and many more. To improve the operational efficacy of business enterprises, ServiceNow
ITOM is extensively helpful.

It helps to automate varios tasks and processes done manually, and eliminates the need for manual errors.
Further, it improves time management. With automation, IT teams can work with more focus on various
initiatives along with productivity improvement. Thus, ServiceNow ITOM helps enterprises with powerful
cloud management features that enables them to optimize the usage of various cloud resources. Moreover, IT
teams can make many essential business decisions related to resource distribution and cost savings. This is
based on the insights and performance reports from ITOM.

Furthermore, IT teams can effectively identify the potential issues in the system and resolve them on time
using ITOM. This helps them to improve service delivery much more efficiently.

Service Mapping in ServiceNow – Simplified Explanation

What is Service Mapping?

Service Mapping is a feature in ServiceNow that automatically discovers all the applications and devices in
your organization and shows how they are connected. It helps you understand how different components
interact and identifies the impact of any issue on the entire system.

How Does It Work?

It follows a top-down mapping approach, which means it starts from an application and works downward to
identify all the underlying systems and connections. This helps IT teams quickly locate issues and understand
dependencies.

Roles in Service Mapping

Different users have specific responsibilities in Service Mapping:

 sm_admin – The admin role responsible for setting up, fixing, and maintaining Service Mapping.

 sm_user – Can only view the service maps to plan changes or analyze service availability.

 sm_app_owner – Application owners who provide important information for mapping and review
the final results.

Setting Up Service Mapping (Step-by-Step)

1. Enable Service Mapping Plugin

o Install the required plugin: com.snc.service-mapping.

2. Install and Configure MID Server

o The MID Server acts as a bridge between ServiceNow and your organization's private
network.

o Watch a MID Server installation tutorial here.

 3. Verify Discovery is Working

o Discovery helps identify and map applications, devices, and servers.

o Watch a Discovery setup tutorial here.

4. Configure Credentials for Host and Application Access

o Service Mapping needs credentials to access different systems and applications.

o Add new credentials in the Credential Management section of ServiceNow.

5. Verify Service Mapping Readiness

o Service Mapping automatically checks if everything is set up correctly, including MID Servers,
credentials, and discovery settings.

Key Points to Remember

✔ MID Server retrieves and stores credentials securely in memory.

✔ Service Mapping Readiness ensures that all required components are configured before mapping
services.
✔ Top-down mapping helps understand how issues impact the overall system.

No, you don’t have to manually create a service map in ServiceNow. Service Mapping automatically discovers
and builds the service maps for you.

How is the Service Map Created?

1. Automated Discovery – Service Mapping scans your organization’s IT infrastructure and identifies
applications, servers, and devices.

2. Top-Down Mapping – It starts from a business service (like a web application) and maps all the
connected components, such as databases, web servers, and network devices.

3. Data Collection – It gathers information from MID Servers, credentials, and discovery tools to create an
accurate service map.

4. Dependency Mapping – The system detects relationships between different components and displays
them visually.

Do You Need to Do Anything Manually?

 Setup MID Server & Credentials – You must configure MID Servers and provide credentials for
ServiceNow to access and discover resources.

 Review & Approve Maps – Users with the sm_app_owner role should check the generated maps and
approve or refine them if needed.

Orchestration
What is Orchestration in ITOM?
Orchestration in IT Operations Management (ITOM) automates IT
processes across different systems, applications, and services. It helps
 reduce manual effort, improve efficiency, and ensure consistent execution
of workflows.
In ServiceNow ITOM, Orchestration allows organizations to automate
tasks such as provisioning, incident resolution, security responses, and
cloud management.

Example: Automated Server Provisioning

Scenario:
A company needs to provision new virtual servers automatically when the
demand increases.
How Orchestration Works:
1. Trigger – A request for a new server is submitted in ServiceNow (e.g.,
through a service request or monitoring alert).
2. Workflow Execution – ServiceNow Orchestration automatically triggers
a workflow that includes:
o Checking available resources
o Creating a new virtual server in AWS/Azure/VMware
o Installing required software and configurations
3. Approval & Notifications – If required, it sends approval requests to IT
managers. Once approved, it sends notifications to the requester.
4. Logging & Monitoring – The entire process is logged in ServiceNow,
and monitoring is enabled for the new server.
Outcome:
 The server is provisioned automatically without manual intervention.
 IT teams save time and effort.
 The process is standardized and repeatable.

As previously mentioned, orchestration is automation scaled up.

Effective orchestration tools allow organizations to automate and
support entire interconnected workflows, computer systems,
services, and middleware within their computing environment.
Orchestration is versatile and may be applied to distributed systems
either in the cloud or on premises. In other words, orchestration
handles entire groups of tasks from start to finish.

So, for example, if an organization wants to orchestrate creating an

active directory, they will build an automated workflow for several
interconnected tasks. These might include creating users, modifying
users, creating groups, modifying groups, etc. Orchestration may
also be applied to ensure that automated tasks are occurring in a
predefined order. Orchestration is itself a complex endeavor and
depends on a full understanding of all steps involved in the process
to be orchestrated and tracking those steps across many different
environments. That said, if a process consists of repeatable,
automatable tasks, then it may be orchestrated.

What is ServiceNow ITOM Discovery

ServiceNow ITOM Discovery is a module within the ServiceNow platform designed to automate the process of
identifying and mapping all the devices, applications, and services running within an IT infrastructure. This
process allows organizations to maintain an accurate Configuration Management Database (CMDB), which is
essential for effective IT operations.

With ITOM Discovery, you can:

 Automatically discover physical and virtual devices, cloud infrastructure, applications, and services.

 Build accurate and up-to-date relationships between various IT components.

 Ensure compliance and minimize risk by eliminating blind spots in your infrastructure.

By leveraging ITOM Discovery, businesses can reduce manual efforts, improve asset management, and quickly
respond to incidents and changes within their environment.

Five (5) Key Benefits of ITOM Discovery

1. Enhanced Visibility

ServiceNow ITOM Discovery provides a unified view of all your IT assets, from on-premises data centers to
cloud environments. This visibility is critical in identifying potential risks, detecting outages, and ensuring all
components are functioning optimally.

2. Improved CMDB Accuracy

A well-maintained CMDB is the foundation of any successful IT operations strategy. ITOM Discovery ensures
that your CMDB remains accurate and up-to-date by continuously identifying and mapping new devices and
services.

3. Faster Incident Resolution

With a clear picture of how various IT components interact, ITOM Discovery allows teams to quickly identify
the root cause of incidents. This leads to faster resolution times, reduced downtime, and better service
availability.

4. Optimized IT Operations

By automating the discovery process, ITOM Discovery frees up your IT team to focus on more strategic tasks. It
reduces the manual effort of asset tracking and helps prevent costly configuration errors.

5. Cloud and Hybrid Environment Support

ITOM Discovery is equipped to handle modern cloud and hybrid environments, giving you full visibility into
both your on-premise and cloud-based infrastructure. This is essential for organizations adopting multi-cloud
strategies.

Why ITOM Discovery Matters

As IT environments become more complex, with a mix of on-premise, cloud, and hybrid systems, maintaining
control and oversight is increasingly challenging. Without proper visibility into the infrastructure, organizations
run the risk of unplanned outages, security vulnerabilities, and inefficient operations.

ServiceNow ITOM Discovery addresses these challenges by providing the automation, visibility, and accuracy
needed to stay ahead. Whether you're migrating to the cloud, scaling up your infrastructure, or managing a
complex IT ecosystem, ITOM Discovery ensures that you have a comprehensive, real-time view of your IT
assets.

How Discovery Works in ServiceNow ITOM

1. MID Server Deployment

o A MID (Management, Instrumentation, and Discovery) Server is installed within the

organization's network to collect data securely.

2. Scanning & Identification

o Discovery scans the network to detect devices, applications, and servers.

o It identifies what type of device it is (e.g., Windows server, Linux machine, router, database).

3. Classification & Exploration

o After identifying the device, Discovery collects details such as IP addresses, installed software,
running processes, and configurations.

4. Dependency Mapping

o Discovery maps how different IT assets are connected, helping IT teams understand
dependencies between applications and infrastructure components.

5. Updating CMDB

o The collected data is stored in CMDB (Configuration Management Database), ensuring that the
IT inventory remains up to date.

Example: Automated IT Asset Discovery

Scenario:

An organization has 500+ servers and network devices spread across multiple locations. Manually tracking
them is inefficient.

How Discovery Helps:

1. IT teams install a MID Server in the network.

2. Discovery automatically detects all connected devices (servers, routers, databases, applications).

3. It collects key details like OS version, IP address, installed software, and active users.

4. The data is stored in CMDB, giving IT teams real-time visibility of their infrastructure.

5. If a new server or device is added, Discovery automatically updates the CMDB.

Outcome:

 No manual tracking needed

 Better visibility of IT assets

 Faster troubleshooting with dependency mapping

Why Do We Need to Install a MID Server for Discovery?

A MID (Management, Instrumentation, and Discovery) Server is required in ServiceNow ITOM Discovery
because it acts as a secure bridge between ServiceNow (which is cloud-based) and an organization's on-
premise or private network infrastructure.

Key Reasons for Using a MID Server in Discovery

1. Security & Firewall Bypass 🔒

o Organizations have internal networks protected by firewalls, meaning external systems (like
ServiceNow in the cloud) cannot directly access internal servers, devices, or applications.

o A MID Server runs inside the company network and securely communicates with ServiceNow,
allowing Discovery to collect data without exposing sensitive systems to external access.

2. Agentless Data Collection

o Unlike traditional monitoring tools that require agents installed on each device, MID Server
performs agentless discovery—scanning and collecting data remotely without requiring
software installation on every asset.

3. Efficient Network Scanning 🌍

o MID Servers efficiently scan thousands of devices across networks, including servers, routers,
databases, cloud resources, and applications.

o It retrieves details like IP addresses, running services, software versions, and configurations.

4. Scalability & Load Distribution ⚙️

o Large organizations may have multiple data centers or cloud regions.

o Multiple MID Servers can be installed across different locations to distribute workload and
improve performance.

5. Secure Data Transmission 🔐

o MID Server ensures encrypted communication between on-premise infrastructure and

ServiceNow, keeping sensitive information safe.

6. Dependency Mapping 🔗

o ServiceNow Discovery, through the MID Server, not only detects assets but also maps
dependencies between applications and IT infrastructure.

o This helps in troubleshooting issues and understanding service impact.

Example: Why MID Server is Needed for Discovery?

Scenario:

A company has 500 servers and network devices in their private data center.

 Their IT infrastructure is not exposed to the internet for security reasons.

 ServiceNow, being cloud-based, cannot access their network directly.

Solution:

✅ A MID Server is installed inside the company’s network.

✅ The MID Server collects data from servers, routers, and databases.
✅ It then securely sends the data to ServiceNow CMDB.
✅ Now IT teams have real-time visibility of their IT assets inside ServiceNow.

What is ITOM?
IT Operations Management (ITOM) refers to the processes, tools, and technologies that organizations use to
manage and optimize IT infrastructure, services, and operations. ITOM in ServiceNow focuses on automating
IT operations, ensuring system stability, and proactively identifying issues before they impact business
operations.

🔹 Goal of ITOM → To provide a stable, efficient, and proactive IT environment by managing IT infrastructure,
applications, and services.
🔹 ITOM vs. ITSM → ITSM focuses on delivering IT services, while ITOM focuses on maintaining IT infrastructure
to support those services.

Key Components of ITOM

ServiceNow ITOM consists of several modules to manage IT operations effectively:

1️⃣ Discovery

 Automatically scans and identifies all IT assets (servers, networks, databases, software, etc.) in an
organization.

 Builds an updated Configuration Management Database (CMDB).

 Helps in tracking changes in IT infrastructure.

🔹 Example:
A company adds a new cloud server. ServiceNow Discovery detects and updates it in CMDB, so IT
teams are aware of its existence and dependencies.

2️⃣ Event Management

 Collects, monitors, and analyzes IT system alerts/events.

 Uses AI to prioritize critical issues and reduce alert noise.

  Helps predict failures before they impact business.
🔹 Example:
A bank’s server load increases unexpectedly. ServiceNow Event Management detects high CPU usage
and sends an alert before the server crashes.

3️⃣ Cloud Management

 Manages multi-cloud environments (AWS, Azure, Google Cloud, etc.).

 Automates cloud resource provisioning.

 Optimizes costs and performance of cloud services.

🔹 Example:
A retail company wants to scale cloud storage during a sale event. ITOM Cloud Management
automatically increases storage capacity and scales it down when demand decreases.

4️⃣ Orchestration & Automation

 Automates repetitive IT tasks and workflows to improve efficiency.

 Reduces manual effort by executing predefined scripts.

🔹 Example:
A new employee joins, and ITOM automates the setup by provisioning their email, system access, and
applications without manual intervention.

5️⃣ Operational Intelligence (AIOps)

 Uses AI & machine learning to analyze IT system performance and detect anomalies.

 Helps predict system failures before they occur.

🔹 Example:
A data center experiences increasing latency. ServiceNow AIOps detects a pattern, identifies a failing
hard drive, and notifies IT before it causes downtime.

Benefits of ITOM

✅ Improved IT Visibility – Discovery keeps track of IT assets in real-time.

✅ Reduced Downtime – Proactive monitoring prevents failures.
✅ Cost Optimization – Automates processes, reducing manual work.
✅ Stronger Security – Detects vulnerabilities in infrastructure.
✅ Better Cloud Management – Optimizes cloud usage and costs.

Real-World Example of ITOM in Action

📌 Company: An E-commerce Website (e.g., Flipkart, Amazon)

🔹 Scenario:
During a major sale event, the e-commerce site expects high traffic. If the servers can’t handle the load, the
website may crash, causing loss of revenue.

🔹 How ITOM Helps:

✅ Discovery → Identifies all active servers and their dependencies.
✅ Event Management → Detects server overload signs before failure.
✅ Cloud Management → Automatically scales resources to handle traffic.
✅ AIOps → Uses AI to predict potential failures and suggests solutions.
✅ Automation → Creates an incident and alerts the IT team if performance drops.

🔹 Outcome:

 No downtime during the sale.

 IT operations remain proactive, not reactive.

 Customer experience is smooth and uninterrupted.

How CMDB, ITAM, and ITSM Relate to ITOM

Component Belongs To Purpose

Stores and manages all IT assets and their relationships.

CMDB (Configuration
Part of ITSM & ITOM Used for tracking dependencies and improving IT
Management Database)
visibility.

ITAM (IT Asset Separate from ITOM Focuses on tracking IT assets, including hardware,
Management) (but integrated) software, and licenses, from procurement to retirement.

ITSM (IT Service Deals with IT service delivery and support (like incident,
Separate from ITOM
Management) problem, change management).

ITOM (IT Operations Independent but Focuses on automating IT operations, monitoring

Management) integrates CMDB systems, and ensuring IT infrastructure stability.

Where Do They Fit?

 CMDB is a core component of ITSM and ITOM.

o ITSM uses CMDB to manage services.

o ITOM uses CMDB for real-time monitoring and automation.

 ITAM is not part of ITOM, but it works closely with CMDB.

o ITAM helps track assets (ownership, licenses, lifecycle).

o ITOM helps monitor and automate operations on those assets.

Example of How They Work Together

🚀 Scenario: A Server Fails in an Organization

 1. ITOM (Operations Management) detects an issue in a critical server.

2. Event Management (part of ITOM) raises an alert before a failure occurs.

3. CMDB (part of ITSM & ITOM) helps IT teams see which other systems depend on that server.

4. ITSM handles the incident by creating a ticket for resolution.

5. ITAM ensures asset tracking and license compliance when replacing the server.

ITBM (IT Business Management) in Simple Terms

IT Business Management (ITBM) in ServiceNow helps companies align IT with business goals by planning,
tracking, and optimizing IT projects, finances, and resources. It ensures that IT investments provide maximum
value to the business.

Why is ITBM Important?

Imagine a company working on multiple IT projects. Without proper planning, they might:
❌ Spend too much money on unnecessary projects
❌ Waste time on low-priority tasks
❌ Overload employees with work

ITBM helps organizations avoid these issues by prioritizing important projects, managing budgets, and
tracking progress efficiently.

Key Components of ITBM

1️⃣ Project Portfolio Management (PPM)

 Helps organizations plan, track, and prioritize IT projects.

 Example: A company can see which projects are on track and which need more resources.

2️⃣ Financial Management

 Tracks IT budgets, expenses, and investments to ensure cost control.

 Example: ITBM can show if a department overspent on cloud services and help optimize costs.

3️⃣ Application Portfolio Management (APM)

 Helps organizations manage which applications are useful and which should be retired.

 Example: If an old software is expensive but rarely used, ITBM can recommend its removal or
replacement.

4️⃣ Agile Development & Scaled Agile Framework (SAFe)

 Supports teams using Agile methodologies for faster development and delivery.

 Example: A software team can track sprints and releases within ServiceNow instead of using multiple
tools.

5️⃣ Demand Management

  Helps identify and evaluate new ideas or project requests before approving them.

 Example: Before starting a new app, ITBM assesses if it's worth investing time and money.

How ITBM Helps Businesses?

✅ Saves money by tracking IT costs

✅ Ensures teams work on high-priority projects
✅ Helps IT teams and business leaders collaborate better
✅ Provides real-time reports and dashboards for decision-making

Human Resources Service Delivery (HRSD)

HRSD (Human Resources Service Delivery) in ServiceNow helps companies streamline and automate HR
processes, making it easier for employees to access HR services and for HR teams to manage requests
efficiently.

Why is HRSD Important?

Without HRSD, employees often face:

❌ Long wait times for HR queries
❌ Confusing paperwork for leave requests, onboarding, etc.
❌ Multiple emails and calls just to get a simple answer

HRSD solves this by providing a self-service portal, automation, and a structured workflow to handle HR tasks
smoothly.

Key Features of HRSD

1️⃣ Employee Service Center (Self-Service Portal)

 A central place where employees can:

✅ Ask HR-related questions
✅ Check policies and FAQs
✅ Submit requests (like leave, benefits, payroll issues)

Example: An employee can request a salary slip without emailing HR—just by using the portal.

2️⃣ Case and Knowledge Management

 Employees can create HR cases (requests), and HR teams can track and resolve them efficiently.

 HRSD also includes a knowledge base so employees can find answers themselves.

Example: Instead of HR answering “How many casual leaves do I have?” 100 times, employees can check the
policy in the HR knowledge base.

3️⃣ Onboarding and Offboarding Automation

 Automates new hire onboarding (document verification, training, system access).

 Ensures smooth offboarding when an employee leaves (exit interviews, return of assets).
Example: A new employee joins, and HRSD automatically:
✅ Creates an IT access request
✅ Sends documents for digital signing
✅ Assigns onboarding tasks

4️⃣ HR Workflows and Automation

 Automates repetitive tasks like approvals, document processing, and tracking employee requests.

 Reduces manual effort and ensures faster response times.

Example: Instead of manually approving every work-from-home request, HRSD can auto-approve based on
predefined policies.

5️⃣ Integration with Other Systems

 HRSD connects with payroll, benefits, and IT systems to provide a unified HR experience.

 Can integrate with Microsoft Teams, Workday, SAP, and more.

Example: If an employee updates their address in HRSD, it automatically updates in payroll and benefits
records.
Governance, Risk, and Compliance (GRC)

GRC (Governance, Risk, and Compliance) helps organizations manage policies, reduce risks, and follow
regulations to avoid legal or security issues. It ensures that businesses operate smoothly while staying within
the rules.

Breaking Down GRC

1️⃣ Governance (G) – Setting the Rules & Policies

 Governance is about creating clear policies, procedures, and decision-making structures to run a
company efficiently.

 Ensures that employees and departments follow the right guidelines and best practices.

Example: A company creates an IT security policy stating that all employees must use strong passwords and
enable multi-factor authentication.

2️⃣ Risk Management (R) – Identifying & Reducing Risks

 Risk management involves finding, assessing, and minimizing potential threats (financial,
cybersecurity, legal, operational).

 Helps businesses prepare for unexpected problems before they cause damage.

Example: A bank uses GRC to monitor for cyber threats and fraud risks to protect customer data and prevent
financial losses.

3️⃣ Compliance (C) – Following Rules & Regulations

 Compliance ensures that businesses follow laws, industry standards, and internal policies to avoid
penalties or legal issues.

 Companies need to comply with government regulations (like GDPR, HIPAA, SOX, etc.) and industry
best practices.

Example: A healthcare company must follow HIPAA regulations to protect patient data. GRC ensures all
patient records are secure and private.

2️⃣ How GRC Integrates with ITSM & ITOM

GRC doesn’t work in isolation—it integrates with ITSM (IT Service Management) and ITOM (IT Operations
Management) to improve overall IT efficiency.

📌 GRC + ITSM (IT Service Management)

GRC ensures that IT service management follows security and compliance rules.

Example:

 A company’s Change Management process (part of ITSM) requires approvals before making changes to
IT systems.

 GRC ensures that only authorized changes are made by enforcing governance policies.
  If an unauthorized change happens, GRC can trigger an incident in ITSM.

🔗 Integration:
✔ When a security risk is detected, a ServiceNow Incident (ITSM) is created automatically.
✔ If an employee reports a compliance issue, it’s logged in ITSM and assigned to GRC for investigation.

📌 GRC + ITOM (IT Operations Management)

GRC ensures that IT operations run smoothly without violating security policies or exposing risks.

Example:

 ITOM detects a server failure that could disrupt business operations.

 GRC assesses whether this failure affects compliance (e.g., data backup requirements).

 If it does, an automatic risk alert is generated, and IT teams are notified.

🔗 Integration:
✔ ITOM identifies infrastructure issues, and GRC ensures compliance with security policies.
✔ When new software is deployed, GRC checks if it meets risk and compliance standards.