USE CASE GUIDE Alternately, non-critical failures can be deferred to the next standard change window using the exception management approval process. Once the failures are addressed, a follow-up scan confirms the fix, and the group is closed. Test results from Configuration Compliance can also feed into ServiceNow® Governance, Risk, and Compliance. Configuration Compliance tests can be associated with a GRC policy to generate controls, profiles, and indicators. A test failure means the control is non-compliant, generating a risk issue. When the misconfiguration is remediated, the risk issue is closed automatically. 10