Finished 2026 Q1 strong with a very important launch for one of the world’s top global insurers – implemented and successfully deployed first batch of Control Automations for the ServiceNow IRM solution.
Automated control workflows in areas such as: good coding practices, secure design, development and testing environment management, testing best practices and others within ServiceNow IRM.
What this means:
- Scalable foundation for ongoing control automation across the enterprise
- Reduced manual effort and faster risk remediation timelines
- Clear, auditable evidence of compliance for internal and external audits.
Key Challenges in Implementing Automated Controls
The journey to automation is rarely a “plug-and-play” experience. During the implementation, the team had to navigate several critical hurdles:
- Data Quality & Silos. Automated controls are only as good as the data feeding them. The first step was to standardize data across different systems to ensure that the data being loaded to ServiceNow is accurate and shows actual status for each system in scope. Enhancements in this area are still ongoing and will be further advanced by the respective Service owners.
- Defining ‘Automatable’ Logic. Not every control can be automated. A major challenge was translating complex, qualitative human-centric controls into binary, data-driven logic that the system could test without intervention.
- Architectural Complexity. Without a strong enterprise architecture, ServiceNow IRM can become a “Wild West” of disconnected workflows as well as increased complexity of the technical solution. Therefore, the team took architectural decision to implement data load to ServiceNow from different systems storing the evidences for defined controls via the unified API.
- Change Management. Shifting from manual control compliance verifications to an automated platform leaves less space for any data manipulations, which required adjustments for service owners and auditors accustomed to traditional methods.
The Result: A New Standard for Resilience
This first badge of automations – targeting high-frequency IT controls is expected to deliver a reduction in manual effort for compliance tasks as well as ensure data accuracy, when it comes to organization’s compliance to approved processes and regulations.
With this successful foundation, the global insurer is now scaling the program to include new automated controls in Q2 and beyond.
Kudos to the whole multinational multi-company team who contributed to turning this vision into reality!
—
If you’re exploring how ServiceNow IRM could elevate your risk program, or how automated control automations can transform your risk and compliance posture, let’s connect.