BMC Helix Remedyforce is a cloud-delivered SaaS solution for IT Helpdesk and Ticketing Management.
$67.90
per user/per month
ServiceNow Governance, Risk, and Compliance
Score 8.1 out of 10
N/A
ServiceNow Governance, Risk, and Compliance provides the tools businesses use to proactively manage risk by measuring, testing and auditing internal processes. This solution helps business users ensure compliance to regulations, policies, standards and frameworks. It is available via the Standard, Professional, and Enterprise editions, the latter two supporting GRC and internal auditing processes.
[BMC Helix Remedyforce] is probably best suited for an MSP who needs to keep multiple clients separated. If you were an internal IT department I think the additional features it has would be lost. When dealing with an MSP who needs to know what software and what issues have effected specific clients it is very well suited to do that.
Oracle EBS R12 requires a unique user skillset to understand how it handles user access and functions. Accordingly, ServiceNow has this high level of sophistication to manage this information and apply it to Sensitive Access and Segregation of Duties rules to identify exceptions. This depth of configuration is critical to accurately identify when Oracle Responsibilities (access) truly allows access and thus could be a violation. ERPs with less complexity may not require this customization of ServiceNow GRC, but you would be wise to raise these questions and examples in the demo to ensure it will work for you. In the past, we have found that risks of under-reporting exceptions or false positives become so voluminous that users don't always get to the accurate violations for timely remediation. Proper configuration up front will improve your effectiveness and ROI down the road.
An admin user is able to quickly create a request definition with all of its components from one screen. We use to have to go to the 7 or 8 different screens to create each piece of the request definition.
Ability to update multiple Incidents/Service Requests at once with the update button. This allows essentially an inline edit functionality within Remedyforce.
Change management schedule is a great feature as well to be able to see how changes align and what there expected start dates/times are.
Finding reported by the auditor. GRC helps us identify, assign, and track the resolution of this.
Exception to information security policy. These require quarterly reviews and setting up reminders to revisit these.
Building out new projects and baking security and compliance into the project and tracking it in GRC to ensure we deliver a compliant product on day one
The ability to monitor/regulate the volume of tickets when you integrate with your monitoring software. We have so many items that trigger alerts, creating a ticket for each is somewhat overwhelming. Would like to be able to better control when an incident should be created.
Being able to report on Service requests and tasks together would be nice. Right now I have to do it separately as they are in different buckets, so to speak.
Remedy console is an improvement from where it started but can still be a cleaner interface for a tech to be able to work out of for their day to day work.
Delivering more out of the box functionality that rivals other GRC platforms. The bare bones approach may not help companies that do not have expertise or capabilities to build effective GRC processes.
Easier way to implement workflow.
Offering better metrics without buying add-on tools.
The total amount of time spent from installation to configuration for a minimal ticketing system was 2 hours. Maintenance and customization for the application can be completed with a great amount of ease. In addition having a customer portal is an added benefit that pays for itself
I'm satisfied with our experience. The configuration was the biggest challenge, but we have moved onto the stage of user training and usability. We would appreciate having better user training documentation and possibly videos and/or computer-based training to help our international users adopt this software for their GRC needs.
It's a good system, but I am awaiting key features in the new release. We hear that ServiceNow is continually adding new features and we look for improved reporting, better Oracle Integration, and user training opportunities. To the extent these materialize, we expect further improvements in our experience with ServiceNow GRC. Until that time, though, we believe we are meeting our objectives expected at the beginning of this project.
Learning industry best practices or gaining insight on them from either BMC or an implementation partner would have saved some headaches we faced after roll-out.
I previously worked with tools like Service Manager which were difficult to configure, administer and maintain. The support options were very limited. Remedyforce has local US support, dedicated reps, and a more developed infrastructure to work from to support an organization. This runs on the Salesforce platform so worrying about server failures and unscheduled outages was no longer going to be an issue for us. Self service, knowledge base, and change control were just a few highly utilized features that helped employees support themselves and automate very manual processes.
We just recently started using TrustArc for data privacy requests and I can already speak to the fact that TrustArc is a more confusing platform once there. The positives of ServiceNow would be that a majority of our URL's drive to owned websites which our employees are very comfortable with using versus pushing them to another website that feels unsafe.
Remedyforce has allowed us to eliminate other solutions that provided similar features. By now using one true ITSM we have been able to save money which in higher education is always a concern.
The reports and dashboards allow for a birds-eye view of our daily operations and provide managers and executives the information they need to make important cost saving decisions.
