Microsoft System Center Service Manager vs. ServiceNow Governance, Risk, and Compliance

We use Microsoft System Center Service Manager in the education sector. We believe this is the only real way to manage our IT systems and ensure compliance for not only today but tomorrow as well (what ever that brings!) Our IT management team significantly streamlined our working practices to mold a slick IT support service which serves our end users efficiently. Microsoft System Center Service Manager brought added automation and clarity for all major stakeholders in our organization through detailed reporting and scheduling, ensuring a complete realtime picture of the IT estate.

Incentivized

Oracle EBS R12 requires a unique user skillset to understand how it handles user access and functions. Accordingly, ServiceNow has this high level of sophistication to manage this information and apply it to Sensitive Access and Segregation of Duties rules to identify exceptions. This depth of configuration is critical to accurately identify when Oracle Responsibilities (access) truly allows access and thus could be a violation. ERPs with less complexity may not require this customization of ServiceNow GRC, but you would be wise to raise these questions and examples in the demo to ensure it will work for you. In the past, we have found that risks of under-reporting exceptions or false positives become so voluminous that users don't always get to the accurate violations for timely remediation. Proper configuration up front will improve your effectiveness and ROI down the road.

Incentivized

• This tool is used to track support requests among our IT staff.
• We use this tool to automate some more routine tasks.

Incentivized

• Finding reported by the auditor. GRC helps us identify, assign, and track the resolution of this.
• Exception to information security policy. These require quarterly reviews and setting up reminders to revisit these.
• Building out new projects and baking security and compliance into the project and tracking it in GRC to ensure we deliver a compliant product on day one

Incentivized

• The software requires a lot of memory to run smoothly, otherwise it will be slow.
• It takes some time to learn, and training prices are a bit high.
• The price is a bit high; System Center is not a cheap solution.

Incentivized

• Delivering more out of the box functionality that rivals other GRC platforms. The bare bones approach may not help companies that do not have expertise or capabilities to build effective GRC processes.
• Easier way to implement workflow.
• Offering better metrics without buying add-on tools.

Incentivized

As with all software, Microsoft System Center Service Manager has its quirks but it has more than made up for them with the sheer amount of functions the system brings to the table. Being based on the ITIL framework really shows with its design/terminology and, generally, we have found it 'just clicks' with our ITIL trained staff which makes operating our system straightforward and enables us to report to end users and all stakeholders consistently with ease.

Incentivized

I'm satisfied with our experience. The configuration was the biggest challenge, but we have moved onto the stage of user training and usability. We would appreciate having better user training documentation and possibly videos and/or computer-based training to help our international users adopt this software for their GRC needs.

Incentivized

The customer support service is excellent. They help from start/deployment through to any time later on. They responded quickly and resolved our issues professionally and in no time.

Incentivized

It's a good system, but I am awaiting key features in the new release. We hear that ServiceNow is continually adding new features and we look for improved reporting, better Oracle Integration, and user training opportunities. To the extent these materialize, we expect further improvements in our experience with ServiceNow GRC. Until that time, though, we believe we are meeting our objectives expected at the beginning of this project.

Incentivized

I can't really compare them as we haven't used an "all in one" tool like SCCM. There are other patch management software, other remote control applications, and to be honest, I find those work better when compared to SCCM. However, there hasn't been an application yet that does it all, so I feel it's unfair to compare. All of these tools that SCCM offers could/should be fine-tuned and made to be a bit more user-friendly.

Incentivized

We just recently started using TrustArc for data privacy requests and I can already speak to the fact that TrustArc is a more confusing platform once there. The positives of ServiceNow would be that a majority of our URL's drive to owned websites which our employees are very comfortable with using versus pushing them to another website that feels unsafe.

Incentivized

• The tool has saved money in a transition from another 3rd party tool
• It simplifies the ease of use for users. This is similar to other Microsoft tools
• We are able to provide reports of system performance when questions arise about availability.

Incentivized

• Effective Enterprise Risk Management
• Holistic Real-time Monitoring of your technology and Risk
• Negative - Asset Management has some issues and Ghost / Shadow IT is big issue