In ServiceNow, Access Controls (ACLs) determine the permissions required for users to access or modify data. For a user to pass an Access Control, the following conditions must be met:
Conditions configured in the Access Control must evaluate to true: Access Controls can have specific conditions set in the "Condition" field. These conditions are evaluated against the current record, and must return true for the Access Control to grant access.
The user has one of the roles specified in the Required roles related list: Access Controls can specify certain roles that a user must possess to gain access. If the user holds at least one of these roles, this criterion is satisfied.
Scripts configured in the Access Control must evaluate to true: Access Controls can include scripts that perform more granular checks. The script must execute without errors and return true for the user to pass the Access Control.
Option A is incorrect because Business Rules do not grant access; they are server-side scripts that execute based on record operations but do not control security permissions.
Option D is misleading. Each Access Control is evaluated independently. While multiple Access Controls can apply to a single operation, passing one does not inherently grant access unless it is the most specific match.
For more detailed information, refer to the official ServiceNow documentation on Access Controls:
servicenow.com
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit