News | Cerna Solutions


As the access to data increases, the risk of sensitive data exposure increases as well. A great strategy to prevent embarrassing data leaks is to limit access to that data as much as possible. Thankfully, ServiceNow includes excellent out-of-the-box security features that help safeguard the HR department’s reputation. Nevertheless, ServiceNow administrators should take a few extra steps to restrict access to sensitive data, thereby increasing security and privacy for employees.

Implement COE Security policies to limit the number of users who can access sensitive data in ServiceNow

Restrict access to sensitive employee data on the Now Platform

Our ServiceNow expert William Smith demonstrates how to easily create COE security policies to control access to HR case data. Centers of Excellence are tables that allow cases to be organized by HR departments, where security policy records can be created to restrict access to HR case information. User groups that are not included in the COE policy cannot access the cases. This feature is provided as a no code alternative to ACL rules, in that it is simpler to setup, configure, and manage.

| Read more: HR vs. IT - How to Use ServiceNow to End the Feud

Great for organizations with services spread across different teams

This feature is best utilized by larger organizations that have HR services spread across different teams. These teams could include service delivery, benefits, payroll, and more. To restrict access to the department data, create security policies for each team, and then also apply them to specific HR services (such as disciplinary and/or termination).

Centers of Excellence Security Policies
Released with Orlando version in January of 2020
View ServiceNow documentation

Easily ensure data security and privacy for employees

Adding COE security makes it simple to control access to your sensitive HR cases and ensures that only the proper groups can view cases that pertain to them. Implementing these security policies takes just a few clicks. When finished, there will be peace of mind knowing your organization’s HR cases are secure. Bonus, only minimal testing is needed! Watch the video to see how!

Technical Details  Documentation
COE security policies are managed through the hr_SecurityUtils().getCoeSecurityPolicy(caseGr, operation, userId). They are called from the hr_Case().canReadCase() and canEditCase(). These are setup in the read and write table ACLs respectively.

| Read more: 5 ways ServiceNow makes HR Easier

ServiceNow HR Security experts

Implementing COE security policies is just one of the many ways to ensure data security and mitigate the potential for harmful data leaks. No matter where you are on your ServiceNow journey, whether looking to implement the HR application, expand its features, or ensure its security, we can help you accomplish your goals faster. Cerna Solutions is a team of 100% US-based ServiceNow experts, with authoritative expertise in ServiceNow human resources and security. Visit our HR Offering webpage for more information about our HR expertise, or contact us for an HR security assessment.

Updated: 5 days ago

Understanding current maturity drives forward progress

Cerna Solution’s team of experts developed a maturity model that integrates risk, compliance, governance, and audit into one Integrated Risk Management (IRM) model. This model provides a map of typical organizational maturity as it relates to People, Process, and Technology:

People: Organizational goals are achieved with a clear delegation of roles and responsibilities.

Process: The way processes are defined and executed enables risk and compliance management.

Technology: Tools assist people by reinforcing processes and visualizing data.

Often organizations find that while mature in one area, they are behind in another. Understanding current maturity as it relates to each of the three facets above will help map out the next steps to drive forward progress.

Breaking down maturity into four levels and three dimensions

Integrated Risk Management can be broken down into four maturity levels as they relate to the three dimensions of People, Process, and Technology:

  1. Disjointed organizations often have duplicate efforts across frameworks, with no clearly defined responsibilities, processes, or tools (e.g. spreadsheets, Word, Access, etc.).

  2. Reactive organizations prioritize their time in reaction to changing priorities and events. They have basic delegation of responsibility, with documented processes that are enforced by a centralized tool.

  3. Proactive organizations are anticipating issues before they happen, monitoring control compliance, with comprehensive delegation of responsibilities and secure, central, data storage.

  4. Managed organizations have identified roles and responsibilities that align with organizational accountability. They have automated monitoring and lifecycles in an intuitive, single view of integrated risk that includes real-time governance, compliance, and audit information.

| Read more: Mitigating Vendor Risks with ServiceNow

See what’s next in the maturity journey

While understanding the current state of risk maturity is the first step, mapping out the next steps of the maturity journey can be daunting and confusing. This is why Cerna Solutions is standing by to provide the expertise and tools to expedite the IRM maturity journey. Cerna Solutions is a team of 100% US-based ServiceNow experts that possess deep knowledge of how to properly integrate people and process with industry-leading technologies. Contact us for an IRM maturity assessment.

Updated: 6 days ago

We’re all in this together

In this unprecedented time of isolation, Cerna is proud to produce the free Cerna at Home series to benefit community wellness. Experts from our community will be teaching digital classes to engage the mind and body in stress-relieving activities. Join us from the safety of your home as we take a digital spin on three wellness favorites.

Part 1: Digital Yoga

Fri, Jul 31, 2020 1:00 PM - 2:00 PM EDT

Nadchielly Sain will guide participants along a virtual revitalization of body and mind with a vinyasa flow. Strengthen the physique and calm the psyche with this class that is perfect for all levels of experience, whether beginner or an expert yogi or yogini.

Register for Digital Yoga

Part 2: Cooperative Cooking

Thu, Aug 27, 2020 8:00 PM - 9:15 PM EDT

Join Chef Dorian for a menu that celebrates the freshness of the season and focuses on one of his favorite cuisines! Learn how to cook from the comfort of your home during a live stream interactive class, and follow along with his easy step-by-step instructions and fun teaching method. Classes are approximately one hour and will take you through a complete meal from preparation to presentation. After the class, there will be a 15 minute Q&A session to answer questions about the meal or other cooking questions that you may have.

Menu: Seared Salmon with Vegetable-Grain Stir Fry + Sauce

Register for Cooperative Cooking

Part 3: Plug into Bliss

September, TBA

She is an international DJ, meditation expert, and sound healer. Her name is Angelique Bianca, and she will be guiding our community along a three-part journey to “Plug into Bliss”. First, nasal breathing exercises calm the body. Then, guided meditation soothes the mind. With body and mind in blissful solidarity, the journey crescendos into an all-encompassing sound bath. This unique, sensual experience bathes the mind in sound healing, guiding listeners into a deep and rejuvenating meditative state.

Register for Plug into Bliss

How to Attend

At Cerna, we believe that community wellness impacts everyone. That is why the CERNA AT HOME series is free to attend for all members of our community -- and yours. Currently, we are planning to host an event during each of the three upcoming months, starting with the Digital Yoga class in July. Once you register for an event, you will subscribe to future notifications regarding the event, including soon to be announced days and times for the Cooperative Cooking and Plug into Bliss digital experiences. Registrants will also receive a reminder before the event, along with a link delivered by email that will enable connection to the event. We will continue to update this page and the corresponding event pages with more information as it comes available.

Please email any questions to

About Cerna

Two companies make up the Cerna Family. CernaLabs and Cerna Solutions are based out of our home office in Carlsbad, CA. However, the reach of our community extends across the country as we employ a unique team of experts of which 90% are remote.

CernaLabs is the team behind CapIO, the first automated testing platform for ServiceNow. Cerna Solutions is our consulting arm, made up of 100% US-based ServiceNow experts, whose sole mission is to help organizations gain more value out of their ServiceNow investment.

Share Cerna at Home

We invite you to share the following image with your friends and family – and their friends and family! These classes are free and open to your community. This page can be accessed via the short link: See you at home!

Start Now

Security & Risk Solutions
IT Solutions
Business Solutions
HR Solutions
Customer Solutions
CS 2020 LOGO - solutions tagline (white)


Phone:  +1 844 804 6111 (US)

               +44 (20) 33254077 (UK)

  • White LinkedIn Icon
  • White YouTube Icon
  • White Twitter Icon
ServiceNow Services

© 2020 Cerna Solutions, Inc. All Rights Reserved. 1850 Diamond St. Suite 101, San Marcos, CA, 92078