ServiceNow

Job Summary: SME is responsible for designing, implementing, and governing the

organization’s Integrated Risk Management capabilities on the

ServiceNow platform. This role ensures that enterprise risks,

controls, compliance requirements, and issues are effectively

captured, assessed, mo nitored, and remediated using out - of - the -

box IRM applications. The SME works closely with security,

compliance, audit, and business stakeholders to define governance

frameworks, configure IRM modules, establish risk taxonomies, and

ensure adherence to regu latory and organizational standards. The

position also includes driving best practices, maintaining IRM data

quality, supporting audits, and enabling end - to - end visibility of risk

and compliance posture across the enterprise.

Key Responsibilities:

• Define, maintain, and enforce ServiceNow IRM governance
  
  

framework, policies, and standards.

• Design, configure, and implement core IRM modules: Risk
  
  

Management, Policy & Compliance, Control Management,

and Issue Management.

• Develop and maintain enterprise risk taxonomy, risk
  
  

statements, controls, and compliance requirements.

• Configure OOB assessment templates, control testing
  
  

workflows, indicators (KRIs), and automated evidence

collection.

• Ensure IRM processes align with regulatory standards (ISO,
  
  

SOC2, NIST), audit requirements, and internal governance

policies.

• Integrate risk, controls, and compliance items with relevant
  
  

CMDB classes and business services for end - to - end

traceability.

• Drive process improvements in risk identification,
  
  

assessment, mitigation, and monitoring.

• Collaborate with security, audit, compliance, privacy, and
  
  

business teams to capture IRM requirements and ensure

alignment.