Working with Governance, Risk and Compliance (GRC)

Version: 2023.4

Ivanti Neurons for ITSM Enterprise includes the following applications as part of the solution package:

Neurons for Facilities

Neurons for GRC

Neurons for HR

Security Operations Management

Neurons for PPM

Minimum platform version requirements

Existing Ivanti Neurons for ITSM 2023.4 or a new installation of Neurons for ITSM Enterprise.

Installation and Configuration

New Customers

When installing ITSM 2023.4 or later, all the applications (HR, Facilities, GRC, SOM, PPM) are installed too. Customers do not have to do anything with respect to installation.

Customers without Neurons for ITSM Enterprise licensing: The applications are disabled by default and will not be enabled.

Customers with Neurons for ITSM Enterprise licensing: The applications are disabled by default but Ivanti Professional Services Organization (PSO) will enable them for these customers.

Existing or On-premises Customers

Existing ITSM customers who were onboarded pre-2023.4 and wish to upgrade to Neurons for ITSM Enterprise will need to contact Ivanti Professional Services Organization (PSO) to do the install/upgrade. Cloud customers can opt in to automatic updates if desired.

On-prem customers will need to ask Ivanti Professional Services Organization (PSO) to install/upgrade.


Ivanti Neurons for GRC provides a centralized platform for your Governance, Risk, and Compliance (GRC) team to assess risk and manage compliance against numerous authoritative sources.


Ivanti Neurons for GRC provides the following benefits:

  • Analysis and mitigation of risks.

  • Streamlined audits, findings, reports, and processes for appropriate actions.

  • Rapid containment of any breaches and documentation of steps taken in a secure, need-to-know process.

See How Ivanti Neurons for GRC Works for more detailed information.

Neurons for GRC is associated with the GRC Manager and GRC Analyst roles, and the following primary business objects:

  • GRC Audit

  • GRC Authority Document

  • GRC Citation

  • GRC Compliance

  • GRC Control

  • GRC Control Indicator

  • GRC Evidence

  • GRC Exception

  • GRC Mitigation Plan

  • GRC Policy

  • GRC Supervisory Authority

  • GRC Risk

  • GRC Risk Assessment

  • GRC Risk Mitigation

  • GRC Threat Analysis

Important: Some content, such as pick list values, is locked to preserve system functions. Locked content is designated by a padlock icon in the Configuration console. You can duplicate locked content and then edit it.

What's New

Neurons for GRC offers several enhancements for 2023.4:

Apply an Attestation to a Control record. By applying an Attestation, you are documenting that a Control has been implemented, how it has been implemented, and why.

Apply a Control Indicator to a Control record. Apply a Control Indicator to ensure that a Control is compliant, and demonstrate/ensure it is reviewed on a regular basis.

When applying an Exception to an Audit or Policy record, the Exception Type and Audit/Policy fields on the Exception record are completed automatically. This new feature avoids erroneous entries in these fields.

When a Policy record's Status field is set to Cancelled or Retired, the Policy record is locked, and is no longer editable.

Neurons for GRC Roles

Two roles are available for Neurons for GRC:

GRC Manager

The GRC Manager has full access to all Neurons for GRC features. This includes full read/write access for all GRC business object records.

GRC Analyst

The GRC Analyst has restricted access to Neurons for GRC features. For the majority of features, the GRC Analyst has read access only, however is able to carry out analytical tasks against GRC business object records.