ServiceNow IRM/GRC Training Course Content
This is the entry-point course (typically 2 days) that covers the core GRC framework.
- Entity Framework: The most critical concept. You'll learn to create Entities from existing data (like Servers from the CMDB or Users from HR) and group them into Entity Types.
- Policy & Compliance: Managing the lifecycle of a Policy, mapping it to Control Objectives, and generating Controls across the organization.
- Risk Management: Learning to identify risks, perform qualitative assessments, and understand the Risk Register.
- Audit Management: Basic planning of audits and managing Audit Tasks and evidence collection.
This 3-day technical course is for those who configure and deploy the system.
- Advanced Risk Assessment (ARA): Building complex Risk Assessment Methodologies (RAMs) using different factors (Impact, Likelihood, Control Effectiveness) and scoring logic.
- Smart Assessment Engine (SAE): Configuring dynamic, questionnaire-based assessments that change based on user input.
- Continuous Monitoring: Setting up Indicators that automatically monitor data in the platform (e.g., "Is the firewall off?") and fail controls in real time if a threshold is met.
- Issue Management: Automating the triage and remediation of issues found during audits or risk assessments.
ServiceNow's Vendor Risk Management (VRM) module (now part of IRM) allows you to manage third-party vendors and their security posture.
- Vendor Portals & Assessment Distribution: Letting vendors fill out security questionnaires (e.g., CISA Cyber Essentials, ISO) through a branded portal.
- Risk Tiering & Due Diligence: Automatically routing vendors into different risk tiers (Low, Medium, High, Critical) based on the classification of the data they process.
- Fourth-Party Tracking: Tracking subcontractors your vendors use (vendors of vendors) for supply chain risk.
This is the "future-looking" part of IRM/GRC. ServiceNow is building AI agents that proactively manage GRC workflows.
- AI Control Objective Rationalization: AI suggests which controls may be redundant based on purpose and evidence.
- Issue Summarization: AI Assistant for IRM reads dozens of issues and writes an executive summary automatically.
- Agentic Workflows: ServiceNow's roadmap for agents that can automatically triage vendor risks or assign audits.
- AI Control Tower: Centralized dashboard showing all instances of AI in use across the company, with oversight capabilities for risk flagging.