USE CASE GUIDE Risk exposure consists of multiple factors, including security incidents, vulnerabilities, and software configurations. Because all of these issues are prioritized by how critical they are to the business in the ServiceNow CMDB, the dashboard can show the current number of critical versus non-critical open issues across the organization. This data can also be used in ServiceNow Governance, Risk, and Compliance to track overall business risk. The CISO can also go one level deeper with reports, which can be created using any data tracked by ServiceNow. Reports can be scheduled to run automatically and be sent by email, so all stakeholders have the most recent data. Operational teams A vulnerability manager needs to understand the current status of vulnerabilities and remediation. With ServiceNow Vulnerability Response, they can get real-time updates on remediation efforts, open vulnerabilities, and high-risk items. They can also understand what types of assets are impacted, see where they reside in the organization, and dig deeper to get details on each vulnerable item from the dashboard. Tracking of remediation targets allows them to see if there may be compliance issues from unpatched vulnerabilities. Analyst Security analysts need the greatest level of detail. If they’re working on a security incident and want information on how a similar incident was resolved, they can leverage the Security Operations post-incident review. This review is automatically created at the close of each security incident and contains a time-stamped record of every action related to the security incident taken within ServiceNow, whether in security or IT. Assessments from incident responders can also be included as part of the post-incident review. Analysts can also build their own custom reports and dashboards based on any information they have access to in ServiceNow with Performance Analytics. These can help identify patterns or potential issues 16