|
| 1 | +GRC Policy Deletion Guard |
| 2 | +Overview |
| 3 | +This Business Rule enhances data integrity for ServiceNow's Governance, Risk, and Compliance (GRC) module. It prevents the deletion of a sn_compliance_policy record if it is still associated with any active controls. This ensures that policy changes are managed properly and prevents compliance gaps that could occur if a foundational policy is removed while dependent controls are still active. |
| 4 | +Details |
| 5 | +Script Name: Prevent Delete of Policy with Active Controls |
| 6 | +Target Table: sn_compliance_policy |
| 7 | +Run Time: before delete |
| 8 | +Action: Prevents a policy from being deleted if it has active, linked controls. Displays an error message to the user and aborts the deletion action. |
| 9 | +Logic: |
| 10 | +Uses GlideAggregate for an efficient query on the many-to-many (m2m) table (sn_compliance_m2m_policy_policy_statement) that links policies to control statements. |
| 11 | +The query filters for records where: |
| 12 | +The document field matches the sys_id of the policy being deleted. |
| 13 | +The related content record (the control statement) has its active field set to true. |
| 14 | +A COUNT aggregate is performed on the filtered records. |
| 15 | +If the count is greater than zero, the script adds an error message to the form and aborts the deletion process using current.setAbortAction(true). |
| 16 | +Business Rule Configuration |
| 17 | +To implement this functionality, configure the following settings in the Business Rule record: |
| 18 | +Name: Prevent Delete of Policy with Active Controls |
| 19 | +Table: sn_compliance_policy |
| 20 | +When to run: |
| 21 | +When: before |
| 22 | +Delete: checked |
| 23 | +Advanced: checked |
| 24 | + |
| 25 | + |
| 26 | +Purpose and Benefits |
| 27 | +This Business Rule provides the following benefits to the GRC application: |
| 28 | +Data Integrity: Prevents the accidental or erroneous deletion of policies that are still in active use, thereby preventing broken relationships in your GRC data model. |
| 29 | +Controlled Changes: Enforces a process where administrators must first inactivate or re-associate all controls linked to a policy before it can be deleted, ensuring proper change management. |
| 30 | +User Feedback: Provides clear and immediate feedback to the user, explaining why the requested action was denied and outlining the necessary steps to proceed. |
| 31 | +Performance: Utilizes the efficient GlideAggregate method, which scales well even on large production instances. |
| 32 | +Usage |
| 33 | +This script is a core part of GRC data governance. If a user attempts to delete a policy with active controls, they will see an error message and the deletion will be stopped. The user must navigate to the related controls and either make them inactive or associate them with a different policy before attempting to delete the original policy again. |
| 34 | + |
| 35 | + |
| 36 | + |
0 commit comments