Skip to main content
Image coming soon

Building Audit-Ready ITSM: Change, Incident and CMDB

$199.00
Adding to cart… The item has been added

A focused course, tailored for you

Building Audit-Ready ITSM: Change, Incident and CMDB

How to configure change, incident, and CMDB workflows that pass an audit without rebuilding them after the fact.

A ServiceNow ITSM developer can build a workflow that closes every ticket on time and still fail an audit. The gap is not in the process logic. It is in the evidence layer: when approvals were captured, how CI relationships were scoped, whether the audit trail is exportable to a GRC platform. Fixing it after an audit finding means rebuilding configurations that were already in production.

$199 one-time
Tailored to your situation. Access within 24 hours. 30-day money-back.

Includes a hand-built implementation playbook delivered alongside course access, generated for your specific situation.

Why this course

Most ITSM builds are optimised for throughput, not auditability. Change workflows run, tickets close, SLAs are met. Then an auditor or a compliance team asks for the pre-approval evidence record and the CMDB scope used to assess impact. The current build has neither in a usable form. The developer who built it has to go back into production and retrofit evidence capture into workflows that were never designed for it. That retrofit is expensive, breaks existing integrations, and creates a period of non-compliance while the fix is in flight. The right answer is building for auditability from the first configuration decision, not as a post-audit cleanup task.

What you walk away with

  • Configure change workflows with embedded pre-approval evidence capture that satisfies ISO 20000 and ITIL 4 audit requirements.
  • Build a CMDB CI relationship model that accurately scopes change impact and holds up to an auditor's scope challenge.
  • Design a service catalog that auto-generates the paper trail compliance teams need without manual ticket annotation.
  • Export clean, structured ITSM data to a GRC platform via a scripted API that maps to standard control frameworks.
  • Produce an incident management configuration where every major incident has a linked problem record and a root-cause evidence chain.
  • Deliver a platform governance layer: access controls, update set hygiene, and change management for platform changes themselves.

The 12 modules

Module 1. Audit Anatomy of an ITSM Build
What an ISO 20000 or SOC 2 Change Management auditor actually looks at when they open a ServiceNow instance. This module maps the five most common audit findings in ITSM builds to the specific configuration decisions that caused them. You leave with a checklist of the 12 configuration points auditors look for, so you know exactly what to build in the modules that follow.
Module 2. Change Workflow Design for Evidence Capture
Most change workflows capture approval as a single Yes/No field. Auditors want to see who approved, what they reviewed, when, and what evidence they had in front of them. This module shows how to redesign the approval stage in Flow Designer so the pre-approval evidence record is a structured, exportable object attached to the change ticket at the moment of approval, not reconstructed afterward.
Module 3. CMDB CI Scoping for Change Impact Assessment
Change impact assessment is meaningless if the CMDB CI relationships are incomplete or stale. This module covers the specific relationship classes and CI attributes that an auditor needs to verify change scope: how to build discovery rules that maintain accuracy, how to use the Affected CIs field to generate an auto-calculated impact assessment, and how to version the CMDB state at change approval time so the pre- and post-change CMDB snapshot is part of the ticket record.
Module 4. Emergency Change and Out-of-Band Evidence
Emergency changes are where most ITSM audit findings cluster. The workflow bypasses normal approval stages and the evidence trail is thin. This module builds a compliant emergency change workflow that captures the retroactive approval and evidence record in a structured form, ties the emergency change to a problem record automatically, and flags it in the Change Advisory Board dashboard for review without requiring manual annotation.
Module 5. Incident Management with Root Cause Linkage
For major incident management, auditors want to see the incident record, the linked problem record, and the root cause determination with evidence. This module configures the major incident flag logic, the auto-creation of a linked problem record at the right threshold, and the root cause evidence template that compliance teams can pull directly from the incident ticket without a separate document being maintained outside the platform.
Module 6. Service Catalog as Compliance Artefact Generator
A service catalog request should generate the paper trail automatically. This module shows how to build catalog items and workflows so that every approval, every provisioning step, and every fulfiller action is a structured record tied to the original request. Specifically: how to use workflow annotations to produce the human-readable evidence log an auditor can read without knowing ServiceNow, and how to map catalog items to service definitions in the service portfolio.
Module 7. GRC Integration via Scripted REST API
Compliance and audit teams need ITSM data in their GRC platforms. This module builds a scripted REST API that exports change records, incident records, and CMDB snapshots in a structured format that maps to common control frameworks. You will configure table API filters for date range and record type, handle pagination for large exports, and build the field mapping between ServiceNow fields and the GRC platform's control evidence schema.
Module 8. Access Control Architecture for ITSM Compliance
Auditors check who can create, approve, and close change and incident records. Segregation of duties failures (approver = requester, developer = approver in production) are common findings. This module designs the ACL and role architecture for ITSM that enforces segregation of duties at the record level, produces an access audit report from the platform, and handles the edge case of admin override with a logged justification record.
Module 9. Update Set Governance and Platform Change Management
Platform developers make changes to the ServiceNow instance itself via update sets. Those changes are subject to change management too. This module builds the update set workflow: how to tie an update set to a change ticket, how to require CAB approval before a production push, and how to capture the before- and after-state of a configuration record so the change has a reversible evidence trail. This is the configuration that governs your own work.
Module 10. SLA Design with Compliance Reporting
SLA records are audit evidence. An SLA breach on a critical incident or a change that ran past its approved maintenance window is a finding. This module configures SLA definitions, pause conditions, and breach notifications so that the SLA record is an accurate reflection of what happened and why. Specifically: how to build the SLA exception record that captures the justification for a pause or a breach, so the compliance report does not just show a red SLA without context.
Module 11. Reporting and Dashboard Design for Audit Readiness
Building an audit-ready dashboard in ServiceNow means the compliance team can run their own review without asking the developer to pull data. This module builds three reports: a change management compliance summary (approvals, CAB attendance, emergency change ratio), an incident management summary (major incident rate, mean time to root cause, problem record linkage rate), and a CMDB accuracy indicator tied to the discovery schedule. Each report is scheduled to run weekly and exported to a shared folder.
Module 12. Implementation Playbook and Go-Live Checklist
The final module assembles everything built across the course into a structured go-live checklist: 47 configuration points across change, incident, CMDB, service catalog, access control, and reporting that an auditor would check on day one. You also get the hand-built implementation playbook specific to your environment. This module covers how to run a pre-audit self-assessment using the checklist, document the gaps, and build a remediation roadmap that closes them before the audit opens.

How this addresses your situation

Specific modules that map to what you said you are dealing with.

Change audit finding: auditor cannot locate the pre-approval evidence record -> Module 2 (evidence capture in approval stage) + Module 4 (emergency change retroactive evidence).
CMDB scope challenge: auditor questions whether all affected CIs were listed in the impact assessment -> Module 3 (CI relationship scoping and CMDB snapshot at approval time).
GRC platform data request: compliance team needs structured ITSM exports -> Module 7 (scripted REST API with control framework field mapping).
Segregation of duties finding: approver and requester are the same person in production -> Module 8 (ACL and role architecture for ITSM segregation of duties).

What you get with this course

  • 12 written modules delivered in the Art of Service learning environment.
  • Downloadable templates for every module: approval workflow configuration checklist, CMDB CI relationship map template, emergency change evidence record template, GRC export field mapping spreadsheet, access control role matrix, audit-readiness dashboard report templates.
  • The hand-built implementation playbook tailored to a ServiceNow ITSM developer's specific configuration context, delivered alongside course access.

What you will have in hand by Day 1, Week 1, Month 1

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.

Before and after

Before

ITSM workflows run and tickets close on time. An audit finding or a GRC data request arrives and the evidence layer is missing or scattered across manual documents outside the platform. Retrofitting takes weeks and breaks existing integrations.

After

Change, incident, and CMDB configurations are built to capture evidence at the right stage. The audit trail is in the platform, exportable, and does not require manual reconstruction. An audit cycle opens and the configuration is already compliant.

What happens if you do not address this

Every ITSM configuration built without auditability in mind is a future retrofit project. Each retrofit runs in production, creates a period of partial compliance, and requires regression testing on workflows that were already signed off. The cost of a post-audit retrofit is typically three to five times the cost of building for compliance from the start.

Who it is for

You are a ServiceNow Developer focused on ITSM. You configure incident, change, problem, and service catalog modules. You work with Flow Designer, Business Rules, and scripted REST APIs. Your stakeholders now include compliance and audit functions who need your ITSM data to feed into GRC reviews. You want to build configurations that satisfy those requirements without having to redo production workflows every time an audit cycle opens.

Who this is NOT for. Developers building non-ITSM ServiceNow modules (HR, CSM, SecOps) who have no compliance audit exposure. Architects who are not responsible for hands-on ITSM configuration.

How it arrives

Text-based course in the Art of Service learning environment, plus downloadable templates and worked examples for every module, plus the hand-built implementation playbook delivered alongside course access.

Time investment. Each module is designed to be completed in one focused session of 45-60 minutes. The full course is 12 modules. The implementation playbook is structured for use alongside the course, not after it.

Why $199 is the right number

ServiceNow documentation covers configuration mechanics but not compliance requirements. ITIL 4 certification covers process theory but not platform configuration. This course covers the specific intersection: how to configure ServiceNow ITSM to satisfy ISO 20000 and SOC 2 Change Management audit requirements, with artefacts you can ship in your own instance.

FAQ

Does this require admin access to a ServiceNow instance?
The course is designed for developers who have admin or developer access in a ServiceNow instance. The configuration artefacts require table-level access to change, incident, CMDB, and catalog tables. The implementation playbook is tailored to your specific access level and instance configuration.
Which ServiceNow release is this for?
The course covers configuration patterns applicable to current ServiceNow releases. The core ITSM modules (change, incident, problem, CMDB, service catalog) have been architecturally stable across releases. The implementation playbook is tailored to your current release.
Does this cover ITIL 4 or ISO 20000 certification prep?
No. This is a configuration skills course for ServiceNow developers, not a process or certification prep course. It teaches how to build ITSM configurations that satisfy the audit evidence requirements of those frameworks, not how to pass the frameworks' certifications.

30-day money-back guarantee. If after a week of working through the materials this is not what you needed, reply to the receipt email and a full refund is processed. No questions, no forms.

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.

!