Likelihood to Recommend Product is a great tool to serve as a central point to compile and document sox controls. This allows transparency across the team and teammates to edit and view progress. The tool also provides an interface that will make it easy for the internal audit team to track and compile control requests. I particularly like how it lets all of the control owners take ownership of their controls. I am currently exploring some of the advanced tools that support testing and the accuracy and completeness of our data, which i'm very excited to explore.
Read full review Oracle EBS R12 requires a unique user skillset to understand how it handles user access and functions. Accordingly, ServiceNow has this high level of sophistication to manage this information and apply it to Sensitive Access and Segregation of Duties rules to identify exceptions. This depth of configuration is critical to accurately identify when Oracle Responsibilities (access) truly allows access and thus could be a violation. ERPs with less complexity may not require this customization of ServiceNow GRC, but you would be wise to raise these questions and examples in the demo to ensure it will work for you. In the past, we have found that risks of under-reporting exceptions or false positives become so voluminous that users don't always get to the accurate violations for timely remediation. Proper configuration up front will improve your effectiveness and ROI down the road.
Read full review Pros HighBond is great for managing requests, to do’s, and review notes HighBond is generally flexible with the configuration and terminology you can use. HighBond is a good tool for centralizing risks, controls, test plans, and procedures in a framework that allows you to standardize its usage. Read full review Finding reported by the auditor. GRC helps us identify, assign, and track the resolution of this. Exception to information security policy. These require quarterly reviews and setting up reminders to revisit these. Building out new projects and baking security and compliance into the project and tracking it in GRC to ensure we deliver a compliant product on day one Read full review Cons The current setup does not have a risk management option. There is not an easy way to catalog all audits and then cycle through them. The set up of tabs within a project can be a bit cumbersome and excessive. Read full review Delivering more out of the box functionality that rivals other GRC platforms. The bare bones approach may not help companies that do not have expertise or capabilities to build effective GRC processes. Easier way to implement workflow. Offering better metrics without buying add-on tools. Read full review Usability I'm satisfied with our experience. The configuration was the biggest challenge, but we have moved onto the stage of user training and usability. We would appreciate having better user training documentation and possibly videos and/or computer-based training to help our international users adopt this software for their GRC needs.
Read full review Support Rating HighBond by Galvanize support has some of the best and fastest support that I have experienced. Though we only contact them through emails, they were quick to provide insightful information about our problems. Whenever we email them about an issue, they would be able to reply in less than an hour, ready and prepared with useful solutions to address the issue.
Read full review It's a good system, but I am awaiting key features in the new release. We hear that ServiceNow is continually adding new features and we look for improved reporting, better Oracle Integration, and user training opportunities. To the extent these materialize, we expect further improvements in our experience with ServiceNow GRC. Until that time, though, we believe we are meeting our objectives expected at the beginning of this project.
Read full review Implementation Rating I was not involved in the implementation, but i do think the interface works well and is a great tool to centralize our compliance program. I'm currently in the process of exploring many of the advanced features and using the Diligent Academy to learn about some of these exciting features to add value to our organization. I recently attended a CPE and was very impressed with the presenters and their energy and knowledge of the product
Read full review Alternatives Considered Diligent Highbond stacks up somewhat poorly against our other tools. In addition to what was included above, we use some smaller tools that fulfill many of the gaps left by Diligent Highbond. We have since started to move away from Diligent Highbond.
Alteryx is better at processing data and their server tool can be used to publish results for review.
Read full review We just recently started using
TrustArc for data privacy requests and I can already speak to the fact that
TrustArc is a more confusing platform once there. The positives of ServiceNow would be that a majority of our URL's drive to owned websites which our employees are very comfortable with using versus pushing them to another website that feels unsafe.
Read full review Return on Investment It has saved me time generating status reports It has saved me time in coordinating with others to obtain information, since it tracks requests and sends reminders It saves time with to dos and open reviews to keep track of tasks to be completed Read full review Effective Enterprise Risk Management Holistic Real-time Monitoring of your technology and Risk Negative - Asset Management has some issues and Ghost / Shadow IT is big issue Read full review ScreenShots Diligent One Platform Screenshots