How to Utilize the ServiceNow Security Policy in the HRSD Module

ServiceNow HR COEs, which are part of the ServiceNow HRSD module, is the data modeling approach that allows HR teams to organize work by the functional disciplines. They are an extension of the HR Case Core table which includes payroll, employee lifecycle management, employee relations, etc. With COEs, you can enable custom configurations for data, services, and processes that are present, limit access to sensitive information, promote consistency for metrics and reporting, and drive automation by predefining requests to the service level. Thus, the COEs are an extension of the ServiceNow security policy for the HRSD module.

ServiceNow COE Security Configuration allows companies to define group restrictions for a COE (Centre of Excellence) and all or specific HR Cases on ServiceNow HR Service Delivery. Previously, any user with the case reader or case writer roles within HR could view any cases within the COE. Companies were often unaware of the ServiceNow HR COE Security Policy offered by ServiceNow, which led to them creating custom access control lists (ACLs).

ServiceNow comes with COE Security Policies pre-installed. The rules can be set up in the HR module to limit which groups can read or write (or both) on a particular HR Case, based on the criteria provided.

Want to hrdeliver an exceptional employee experience? Watch our webinar on how to deliver an  exceptional employee experience with ServiceNow HRSD

The two roles configuring ServiceNow COE Security Configuration are the administrator, aka admin, or the HR ER (employee relations) administrator, a.k.a, sn_hr_er.admin.

Note: In spite of a restricted ServiceNow HR COE Security Policy, some users will be able to access it. for instance, people that fall under the labels “Opened by”, “Opened for”, “Watch List”, and “Collaborators” can access items regardless of the COE Security Configuration Policy.

The steps to navigate ServiceNow COE Security Configuration are simple:

• Navigate to All > HR Administration > COE Security Configuration.

• Then Click on COE Security Configuration Module. Below the form will be displayed.

• Then click on New that will navigate to COE Security Policy form.

With options for applying COE security policies for respective COEs with the desired conditions.

• COE refers to the Center of Excellence (COE) for which you want to create a security policy.
• Applies to all services is a choice between applying the COE configuration security policy to all or specific HR services.
• The COE Security policy is applicable to the HR service known as Services. Only when the ‘Applies to all services’ check box is deselected does this field show up.
• The application refers to what the COE Security Configuration Policy applies to.
• Active is an option to display the COE security policies’ active status. Only live COE security configuration policies are put into action.
• Type is the level of access you want your HR representatives to have for issues involving COE or HR services. Using the valid Read and Write values
• Applies when the filtering requirement for an HR case is met. The COE security policy is applicable in this scenario if the HR case satisfies the requirements. Based on key terms or fields from the HR case, you can establish conditions. All records for the chosen COE are matched by an empty filter condition.
• Add the groups that you want the COE security policy to grant access to.
• Click Update.

1. In the below image, COE Security Policy for HR Total Rewards is created.
2. COE is selected in the COE field (HR Total Rewards), So that security policy is applied to the respective COE table.
3. In the Type field value is selected as Read, which means Read access for the Users.

4. In the Group Section HR Tier3 group is selected, which means only the users from the HR Tier3 Group has Read access to HR Total Rewards Case COE.

1. In the below image COE Security Policy for HR Total Rewards is created.
2. COE is selected in the COE field (HR Total Rewards), So that Security policy is applied to the respective COE table.
3. In the Type field value is selected as Write, which means Write access for the Users.
4. In the Group Section HR Tier1 group is selected, which means only the users from the HR Tier1 Group has got Write access to HR Total Rewards Case COE.

In short, the ServiceNow COE Security Configuration Policy on ServiceNow HR Service Delivery allows HR teams to control access to several functions without having to create an access control list (ACL), which takes up more time and is more difficult to coordinate. Creating your own ACLs means you have to maintain and troubleshoot them on your own and you also face scaling difficulties.

When it comes to implementing these solutions, you will be hard-pressed to find a better ServiceNow partner than Royal Cyber. If you are interested in implementing the ServiceNow HR Service Delivery module and setting up the ServiceNow HR COE security policy, our ServiceNow team can help you build a single powerful platform for all your HR services. Our powerful capabilities in HRSM applications will improve your HR Core HR, Talent Management, and Workforce Management. For more information visit our website Royal Cyber  or contact us at [email protected].