This guide provides instructions for integrating the Bitsight Security Ratings Platform and ServiceNow Vendor Risk Management (VRM) application. This is version 1 of the Bitsight and ServiceNow application integration.
See instructions for the following tasks:
Requirements
- A supported version of ServiceNow.
- The Bitsight for Vendor Risk Management solution.
Download and Installation
- Download and install the application from the ServiceNow App Store.
Verterim, a professional services firm that specializes in GRC, also has an integration and app in the ServiceNow App Store. It brings our data into the “Security Scores” table in the ServiceNow Vendor Risk Management application. It triggers assessments (questionnaires) based on changes in the normalized ratings by using “Score Based Submission Rules.”
- Assign a Bitsight admin type of role to a user in ServiceNow. See instructions for managing ServiceNow user roles.
- Go to the Bitsight “Application Configuration” module in ServiceNow.
- Create or retrieve your API token from the Bitsight platform and then enter your Bitsight API token into the “REST API Token” field.
- Set your integration configurations.
Field | Description |
---|---|
Insert Bitsight companies that do not match existing company records in ServiceNow [Boolean] |
Determines if companies that do not match existing records should be inserted.
|
Mark all imported companies as Vendors [Boolean] |
Determines if companies that are imported from your Bitsight portfolio are marked as “vendors” in ServiceNow. If “Yes,” all imported companies are automatically marked as vendors. |
Maximum age (days) of alert to trigger issue creation (defaults to 7) [Integer] |
Set the maximum age of alerts that will create Vendor Risk Issues in ServiceNow. Alerts older than this threshold will be ignored. |
Create Vendor Risk Issue on Score Change [Boolean] |
Determines if a Vendor Risk Issue is to be created in ServiceNow on warning alerts. Set this to Yes to automatically create issues for portfolio records whose rating drops beyond the configured threshold value (see Score Drop Trigger Delta). |
Score Drop Trigger Delta [Integer] |
If the rating decreases by this value, Vendor Risk Issues will be created in ServiceNow if the “Create Vendor Risk Issue” flag is checked. |
Create Vendor Risk Issue on Alerts with Critical Severity [Boolean] |
Set this to Yes to automatically create Vendor Risk Issues in ServiceNow for portfolio records when a Critical ( critical decrease) Bitsight alert is received. |
Create Vendor Risk Issue on Alerts with "Warning" Severity [Boolean] |
Set this to Yes to automatically create Vendor Risk Issues in ServiceNow for portfolio records when a Warning ( decrease) Bitsight alert is received. |
- October 25, 2021: Separated tasks instructions to their own pages.
- October 6, 2020: Version 1.4.1 now available.
Feedback
0 comments
Please sign in to leave a comment.