Windward provided the Cybersecurity and Compliance Team planning, design, and implementation support for a newly migrated ServiceNow GRC application in preparation for certification efforts. Throughout the engagement, Windward worked closely with the compliance team to enable the ServiceNow platform to align with the needs of certification needs of the customer. This encompassed addressing challenges in recognizing and managing control data, ensuring data readiness, updating GRC configurations, refining reports and dashboards, and providing guidance on organizational change
Established data readiness across ServiceNow foundational data, CI’s, assets, APM, GRC controls and related data to fully support the certification process. This included addressing gaps in their Entity structure (Infrastructure, Common, Application, Facilities) and controls.
Enriched situational reports and dashboards for managers and program leaders who rely on control data to scope and prioritize certification progress, remediation efforts, and capacity building.
Updated ServiceNow GRC configurations, which totaled approximately two dozen detailed user stories, to align to the customer’s certification processes.
Supported our customer’s cybersecurity leaders on organizational process transitions, which included planning, technical execution, coordination, and oversight of project tasks associated with tool-process alignment.
Advised how to best leverage ServiceNow capabilities, including security exceptions, continuous monitoring, risk management, vulnerability response and third-party risk management.
