The complexity of managing an ever-changing risk and compliance landscape — particularly when internal risk management teams are relying on manual processes — demands that businesses embrace automation balanced with the realities of business operations.

Our Automated Regulatory Compliance (ArC) content service – fully integrated into ServiceNow – monitors industry-specific national and international regulatory amendments and privacy laws, including state sources for personal information protection, security breaches, data sharing, identity theft, and notification. This tailored compliance tracking is delivered through an expanding suite of ServiceNow certified apps, giving your teams positive confirmation that policies, baselines and controls are always compliant with the latest regulations. Requirements are updated quarterly.

The ArC Content Service is maintained by compliance experts in NIST, PCI DSS, Sarbanes Oxley, FFIEC, GLBA, FRB Reg A-YY, HIPAA, Privacy, FDA, NERC CIP, and more.

Sources: Authority Documents represent industry-specific laws, regulations and standards that are maintained and monitored within our ArC content library spanning 20 industries. Internal governance documents specific to your organization can be configured for onboarding into the ServiceNow platform.

Citations: Authority Documents within the ArC content library are decomposed by our compliance experts into verbatim line-item citations. Internal governance documents specific to your organization can be decomposed into citations that can be used within the ServiceNow platform.

Integrated Requirements: Each citation is strategically mapped to our library of 250+ Integrated Requirements composed of a Control Objective and Risk Statement. The 1:1 mappings enable a foundation for integrated risk and compliance management through granular visibility within the ServiceNow platform. Mappings can be configured across ITRM, ERM and ORM taxonomies.

Automated compliance tracking for faster time to value

The ArC apps help you avoid the on-going expense of monitoring, updating and operationalizing content changes within ServiceNow, realizing a faster time to value. The service employs a three-pronged compliance approach:

Updated Source Content Monitoring — provides industry-specific harmonized laws, regulations, and best-practices that are decomposed and mapped against our IT Risk and Compliance Management framework.

Source Change Notifications — delivers quarterly update notifications for sources that are maintained and monitored by our ArC Content Team via a summary e-newsletter.

Compliance Reporting — provides audience-specific reporting on a mandate-by-mandate basis, and presents your risk and compliance posture in the language and format that each regulator, examiner and auditor requires.​

Industry specific focus to suit your needs

ArC delivers harmonized laws and regulations along with risk, governance and control-related information for a growing list of industries.

Ready to see ArC in action? Watch our demo below to learn how we can streamline compliance through automation and harmonized content, delivering efficiency and confidence at scale.