ServiceNow, Inc. (NOW) Earnings Call Transcript & Summary

All right, everyone. We're going to go ahead and get started. Hello, everyone. Welcome to our first Quarterly Risk and ESG road map presentation of 2024. My name is Brittany Pettit, and I'll be your host today. And first and foremost, I hope that everyone is doing really well and that your year is off to a great start. Today, I'm joined by my colleagues in Outbound Product management, and we're going to present the upcoming features and recently released features in our Washington D.C. release as well as cover the road map. Our product success team is also here standing by to assist with any questions that come in during the webinar. We are delighted to have you all with us today. And there is a rather large crowd attending to learn how to be successful with the Risk and ESG products directly from the team that built it. We're going to be together for about an hour and 30 minutes or so. I will start with an agenda and a couple of important housekeeping announcements before handing the floor over to Scott. We're going to start with a really exciting update from our most recent analyst evaluation, and then we'll get into a deep dive into the capabilities being released in Washington, D.C. across the risk portfolio. We will then finish with a consolidated view of the product road map and upcoming community events planned for later this year. And as usual, there will be polling questions sprinkled throughout the session, adding in the prioritization of -- or aiding in the prioritization of your road maps. So please aim to participate in the polling questions. Your feedback is always greatly appreciated. Finally, we will address some of your questions for another 10 minutes or so time allowing. So of course, most importantly, this whole presentation is confidential and shared only with you today. So please make sure that there is no copying, no recording and no sharing of anything that you'll see in here today. This is the condition under which we can share great information with you before anyone else. So please help us to keep all of the secret so that we can continue holding these calls. If you're not able to abide by these conditions for any reason, please reach out to your ServiceNow account team, so they can find a solution that's more suitable for you than this call today. And if you require a dedicated presentation for your organization for any reason, let us know that in the feedback survey, and we'll get back to you. Also, the content of this presentation is governed by the usual safe harbor notice that applies to all forward-looking statements, and you can find all these conditions in detail in the private forum. So obviously, we would love this call to be a dialogue. And for this, we have our pools today to get to know you a little bit better right at the beginning and also a feedback survey at the end of the call. And the feedback survey is a critical way for us to know how we can better serve you, develop product features that you need and request more information. In the survey that we send out, you'll have the opportunity to request an attendance certificate as well. The survey form should pop up in your browser at the end of the call. If you can't complete the survey today, we'll also make sure that you receive reminders via e-mail too. And for your questions during the call, please use the Q&A button. I got a note saying that the chat was disabled, so it shouldn't be an issue. But just to let you know that we are taking questions through the Q&A. The team is ready to provide answers on the fly, and we will summarize your questions at the end of the call if we don't answer them live as well. And all questions that, for whatever reason, are unanswered at the end of the call will be addressed after the call in a private forum too. And also, the community forums are a place where we are constantly checking for feedback and ideas. The private Forum is your one-stop shop to get the critical information that you need. So make sure that you joined in community, subscribe, get alerts, bookmark the page in your browser so that it's easy to find in the future, all that good stuff. And due to the confidential nature of some of our content, we can't promise that a recording of this presentation will be posted there. But you'll find lots of other great content posted in the private forum. There is also an idea portal on the Now community as well that allows for voting and prioritization. The product managers do check this regularly and provide updates. And then, of course, the not -- last but not least, of these options is your account executive who is always more than ready to listen to you. So with no further ado, a quick poll question, our first poll question. This one is just to get a sense of who we've got in the audience today. So let us know what best describes your involvement with the Risk and/or ESG products in our portfolio? And again, this just helps you calibrate, make sure that the content that we're presenting you during these calls is oriented to the right folks who are listening, make sure that it's useful for you in your roles, your personas. So this really does help us get a good distribution understanding of the folks who are on our call today. So thank you so much for responding and allowing us know who we've got. And thank you all for your participation. As always, we really do appreciate when you chime in on these poll questions. I'd love to see those numbers being so high. Right, a couple more seconds. And it looks like we've got a good distribution. I'm going to go ahead and end it. Folks in the audience. So a good portion are implementing Risk and/or ESG, so very much in the weeds. A few folks who use Risk and ESG or their team uses Risk and ESG in their product daily and other folks who themselves use the product daily or are the manager for the whole ServiceNow platform in the organization. Thank you all so much for participating. And we know that you're all going to find useful and relevant information about our Washington D.C. release and upcoming road maps as well. All right. So with no further ado, I'm going to go ahead and turn it over to Scott. Scott, the floor is yours.

Awesome. Thank you, Brittany. And I -- my part of this is very short today, so we will get right to it. But some of you may or may not have seen this, but there was recently the release of the Forrester Governance Risk and Compliance platforms Wave that came out at the end of last year in early December. And I am so pleased to announce that we are a clear leader when it looks at market presence. They have us clear out as the strongest contender here furthest to the right. And really, when it comes to the current offering, very marginal differences between us and the other players in this space. So listing us as a clear leader. I want to thank most of those that are of interest today are part of my team, and they worked diligently to make this all happen. So I want to thank them. But we are excited that we are also recognized by the analysts as being a clear leader in this space when it comes to the GRC market. Now I will tell you, there is a third-party risk management one that we responded to in late Q4 that should be out sometime later this month, and there's a sustainable IT platforms wave that should be coming out at the end of Q1, which we have also responded to, and I'm really looking forward to the fact that what we bring to the table plays as a leader in all of these spaces. We haven't seen the results of the last two yet, but it's a testament to what we can do with the ServiceNow platform. Now the team, if you go ahead and advance Brittany, did take a lot of time. I mean, remove the names off the top for the sake of -- I don't like to -- we don't like to never talk bad about anyone, but when as a participant in this week, a list of scores for every single category across every single one of the contenders in the space that were included in the report. And when we plot them, thank you [ Saurabh ] for going through the hard work of plotting every single one of these scores across every single category, whether it's the current offering or the overall strategy and road map. One of the things that you'll see here is we very much in support of that metric, like have a clear position as the leader here with the most green, no red across the board against all of our competitors in this space. And one of the things and this was just very eye opening to me and seeing it in this format as opposed to just a big spreadsheet of a bunch of numbers, which is hard to comprehend. This just shows what Forrester has said about us. And more importantly, I want to point out, and it's the purpose of this call is when it looks at one, they talked about us being powered with the CMDB, leading risk management capabilities powered by AI. We talked about with them about some of the things that we were doing in this space, and we scored very high in those markets, but also that when it comes to the space, Forrester really called out the fact that we've got one of the strongest strategies in road maps in the space. And you can look at that across the board. And really, we're the only one that both from an innovation and road map scored in a perfect score in both of those categories across the board. And it's a testament of what we're going to get into today as we look at what our innovation plan is and what we're doing from a road map perspective. Forrester says we've got one of the strongest road maps and strategies going forward of anyone in this space based upon that report that came out in Q4. And I'm excited for the team to get into the rest of this with you today. So one last slide, if you move forward, what you will see is a part of this is it's not just -- when we look at where we're at from a third-party risk management platforms, the last one, and that one has been refreshed or the IT Risk from Gartner, which they have -- the IT vendor risk and the IT risk one, which we were a leader in from Gartner. Gartner is still trying to figure out what they want to do because if you're a Gartner fan, right? And you say, "Well, I only look at the MQs". They have sunset those two magic quadrants and the last ones we were listed as a leader. We're hoping that they do something this year to revive those particular things. But really by Gartner and Forrester across the board seen as a leader in this space. And I just want to all of you, our customers and partners that are on the phone as well. Thank you for helping us build this great community in this great ecosystem, and we are looking forward to the amazing things going forward as we partner with you our partners and our customers and going forward with this. So with that, I will finish and let the team move on with showing you and backing up what I just said from a road map perspective.

Perfect. Thanks, Scott. Super exciting stuff. All right. So with that, we're going to go ahead and get into what's new in the Washington, D.C. release. Either it's early [ GA ] or it's already out. We're going to cover for you all of the key things to know in all of our different road maps. And I'll read these out in order, just so that you have an understanding of sort of what's coming down the pike if your ears pick up at any of these. And make sure that you tune in your -- I saw a question in the chat, more than willing to take off-line notes about any of these. So make sure that you're tuning in and paying good attention for those critical items that catch your eye. So ESG management is where we'll start, and we'll cover policy and compliance than regulatory change, compliance caseCAM covered by [ Pradeep ], which is Continuous Authorization and Monitoring. Andy is going to cover audit, then we've got [ Pradeep ] again for ARA, Advanced Risk Management. Then we've got third-party risk management with Andy, privacy with Shannon, and then Shamile is going to bring us home with BCM, Business Continuity Management before we get into the road maps. So with that, I'll go ahead and we'll dive into what's new in Washington, D.C. release for ESG management. So this was a big, big release for ESGM. A lot of exciting stuff to cover. I'll just cover a couple of highlights and then walk through one of our key features in a little bit more detail, and this will be the same format for each one of the road maps. And just so that you're aware, too, for Q1 and Q3, we do cover a lot of what's coming in Washington, D.C. because this is when our big family releases come out. And Q2 and Q4 is when we'll be covering the road maps for each of these products in a lot more detail as well. Like I said, we'll cover the road map at the end at a high level, but really today is to give you an introduction to what's new and key functionality within each of these different products. So within ESGM for Washington, D.C. release, we've got a great narrative disclosure document approval workflow that is now part of the product. So it's really building on our Office 365 integration, allowing our customers to introduce governance around the ESG disclosure writing process. So this is super, super exciting. Our customers have been asking for this, and this is really allowing us to close the loop and showing, demonstrating that we've got the entire end-to-end stack of capabilities necessary to determine what KPIs or what data you need to collect from an ESG standpoint, set up your ESG and sustainability structure to be able to structure your initiatives, your goals, your programs, collect all of that data to monitor how you're tracking against your goals and objectives for those programs, prepare the disclosure in Office 365, pulling in all the data that you need to include in your -- whether it's an annual Global Impact Report or it's a framework aligned disclosure. And now we've got that final piece of the approvals around that document itself, that you can track and manage within ServiceNow. So the entire process end-to-end fully audible prepared for assurance. So it's very, very exciting, and I'll talk a little bit more about that in just a second. We also have -- the Washington, D.C. release includes an update that you can see on the screen, which is an enhancement of our sustainable IT dashboard. So sustainable IT 2.0 is our iteration on sustainable IT 1.0, of course. And for this particular enhancement, we've introduced this map view, this visual localization view of all of your different IT assets with visual indicators letting you know how they're performing from an environmental impact standpoint. What's really nice about this is that this is configurable. So you have the ability to determine what you're actually showing on this map. So if you wanted to extend this, if you wanted to include different types of assets, you have a lot of control over how this is viewed. So both Forrester sustainably professional and for an IT professional, having the shared view gives you that sort of one single pane of glass insight into what's going on in the organization from your IT environmental footprint standpoint. A couple of other updates to mention, the formula builder for calculated metric definitions got a little bit of an enhancement and now provides a lot of contextual guidance in terms of [ how you create ] and write those formulas and supports more complex formula rating as well directly in line within the formula itself. And then finally, also introduced ESG risk assessments. So this allows you to do quantitative and qualitative risk analysis on both entities and material topics. So being able to track things like climate risk on your different entities, business units, assets, infrastructure, et cetera, as well as risk associated with your material topics. So that's a quick high-level look at all of the different features for Washington D.C. And on this slide, just to give you a little bit of a deeper dive into the disclosure governance, that final last leg in the disclosure process. This is really where we have the ability to leverage the Microsoft 365 integration that we already have for report writing and wrap this governance process around it. So what this allows you to do is to create templates, store templates. So for your global impact report, for example, you might have a standardized template that you start with and then use that as a baseline, pulling in your different metric definitions or metrics and narrative writing that you might iterate on its year-over-year, but allows you to kind of start from a baseline. And you also have the ability to, of course, collaborate with all of the other team members and individuals within the document itself as you're writing it, but then upload that finalized version to ServiceNow, and that's going to be your go-forward version that can go through the approval process. And the best part about this is that, that finalized version once it's in the system is actually tracking a list of all of the different metrics that you referenced from the ServiceNow platform. So if you embedded 200 different metrics or data points that were already approved from within ServiceNow because you collected them or you calculated them within the platform, that list of 200 metrics is also going to be attached to this particular document for approval. So any time you go in reference to this document, you'll be able to see the list of those metrics that were also included in this approval process. You can see in that left-hand panel there, the drop-down for metrics, would show you any metrics that were included in that process. So it's a big enhancement on top of our Microsoft 365, definitely worth checking out if you have the opportunity to go and play around in the system. And with that, I will wrap up with ESGM and turn it over to Andy for policy and compliance.

Excellent. Thanks, Brittany. Hi, everyone. This is Andy coming to you from EMEA. So today, I'll be taking you through our new enhancements for the policy compliance product in Washington. So as you can see on the screen, from the screen shot, we've expanded our policy offering capability to also include Google Drive. So this is for any of our clients who are using the Google suite of products. It's exactly the same functionality that we previously had for policy offering. But that was when we first introduced it was on Office 365 and Microsoft products, but we've expanded that now out to Google suite of products as well. We've also included a continuous monitoring of CIS controls and the common controls as well from the Cloud Security Alliance and their Cloud Control Monitoring Controls. They're an accelerator that we have that you may have seen with other technology control accelerators that we've released. They contain 67 automated indicators, both scripted and base it to go and collect those information for continuous control monitoring and you can also see how those common controls feed into other regulations like NIST, CSF, PCI and ISO as well. We've also expanded the policy approvals to use the approval configurator. I may -- again have seen this approval configurate already in risk or in BCM. But here, you can create dynamic rules for different types of policies, so you may want to approve a policy different, like an IT policy, different to an HR policy, for example, you could setup those rules now for policy approvals with the approval configurator. We also have some indicator enhancements suite. I'll go for it in the next slide in a little bit more detail and also an enhanced control at a station using the new assessment engine. But let's dig down into the indicator enhancements. So the feature for the indicator enhancement that I've come out in Washington are really a case of we listen to you and we've built it into the product. So feedback was that we need some better performance from our indicators. So to cut out effectively some of the technical jargon, what we've done is we've taken the rules for the logic, and we've included it in the script. So now our clients can really expand their use of indicators, and you can actually see a number here in terms of 0.5 million indicators can now be run in 6 hours, which previously used to take a day. So we're trying to help our clients to expand their use of continuous control monitoring with indicators to pull that information in to get a control picture across the whole of their enterprise. We're also included in taking a percentage sample from sampling of controls or instead of previously you would select account, you can now say, yes, go and scan all these sets of tables and bring me back, for example, 50% of those data points. And also, with our indicated performance improvements. We've also added the ability to put a due date duration in days. And this is for any of our clients who are using manual indicator tasks to remind people to go in and actually fill in the indicator data. And we set those up with reminders as well in terms of coming up to the due date and also pass that due date as well. And that concludes the features for Policy & Compliance. So with that, I'll hand over to Shannon, I believe, for Reg Change.

Awesome. Thanks, Andy. Hi, everyone. I am going to walk through regulatory change and what we've updated in the Washington D.C. release. So two major updates for this application. The first being, if you're not leaning or even if you are leaning on our content providers, there might be instances within your organization where a manual alert is necessary to be documented on the platform and then fed for the analysis of updated control language, updated policy language. So we've opened up that UI action, if you will, to allow for ad hoc manual inputs around any types of regulatory changes that you're seeing, hearing or monitoring for your organization. The second enhancement in a very similar nature, if you're not again leaning on those content providers, but you do have your regulatory data pulled from a publicly available domain and housed in an Excel, you can now bulk upload those regulatory alerts. And so if you're familiar with any of our import capabilities. The platform and product will provide you with the excel template once you populate that template and upload it, you'll then have all of those regulatory alerts included in regulatory change management and then you're ready to proceed with the process of analysts around the regulatory change and any impacts that regulatory change brings to your organization and your data to be updated. So that is what we released in regulatory change as part of Washington, D.C. The next product, Compliance Case Management. So this is one of our newer additions to the IRM bundle. And we've enhanced this quite a bit with some really cool capabilities, one being one click export of cases or requests into a PDF, and you'll actually see this in a demo later in our presentation, but it allows you to very quickly pull the data that's been captured, the analysis that's been documented into a PDF of your choosing as the template can be configured very easily. And then you can send and report out on this given case in an offline manner. If it's a stakeholder or a regulator that does not have access to your production instance. With the addition of the reporting, we've also built out the ability to draft and send e-mails straight from the platform. So while you were performing the various steps within the Compliance Case Management workflow, if there's ever an avenue in which you do need to communicate alert to an individual that again does not have access to the current environment. You can draft that e-mail right in the platform and send it to the necessary individual. The last part of that is we do have e-mail templates being shipped out of the box. And so you can adopt those templates, tweak any language specific to your organization specific to that case but it brings in that efficiency and quickness within your working style. One last enhancement within compliance case is the enhanced user experience to be able to add multiple impacted areas or related areas. So if this compliance case is unique to a specific asset to a specific department, really of your entity base, you can define more than one impacted area or more than one potentially dependent entity for related areas. So opening up the architecture a bit, allowing for granular insight into the compliance case that's being evaluated to ensure all the data and all the attributes have been defined and associated to this given case. So with that, I will move it over to [ Pradeep ] to walk through Continuous Authorization and Monitoring.

All right. Thanks, Shannon. Well, I'll cover the Continuous Authorization and Monitoring where we have introduced a lot of new features to further strengthen the capabilities around list-based risk assessment framework. We have introduced control requirements, which are based on NIST 800-53 risk management framework, where these control requirements are even granular in nature and they can be applied to the control objective level. These control requirements can then be tested and can lead to noncompliance of a control. Also now that control requirements are introduced, we can also make a control as hybrid, which is what we are going to discuss in detail in the next slide. But before we do that, with Washington, we are releasing our capability to test the control effectiveness based on the individual assessment of assessment processor, which is again a new addition. These assessment processors can then further be marked as effective/ineffective or not applicable. We are shipping the content for 800-53 alpha that is assessment processors out of the box. We have introduced implementation statement and description details at control objective and control level to take the risk-based decisions there. Moving on to the next slide. All right. So covering the hybrid controls in detail, this is something new that we have released in Washington. Let's first understand what a hybrid control is. Now for a control to be hybrid, it should have at least two control requirements, out of which there should be at least one self-attested and other at least one should be inherited type of control requirement. The control requirement results as you see here can be inherited from common control providers leading to the compliance result of the controls. So we are using the common control provider structure here to get a compliance status. Now I will hand it over to Andrew for Audit Management Release Capabilities.

Excellent. Thanks, Pradeep. So I'll take you through the audit management features now for Washington. So this is a feature that I think a lot of people appreciate. So what we've looked to do for Washington and audit management is to better an integration that we already have with Office 365, and this is for work paper management. Now clients will be able to create work papers, link them directly to the Office 365 files, and then they can take advantage of the Office 365 capability that already is there to collaborate in terms of add comments, up descriptions, for example, and do all that inside the documents. Now once the documents are linked, you can see here in the screenshot, you can see you can link them as cloud files. When you select the link, you'll automatically open up the document in Office 365. But you can also add some more permissions on that as well. So you can have the ability to control read and write access to those cloud files. And you can actually include those as well in the workflows. For example, if we are going from end of this phase on employee engagement to say final reporting, some of the documents earlier on in the stage is we don't want people to update or access it anymore. We can make them read only from that stage of the workflow, for example. And so that is where you can mark them as read only. But you can also mark them as confidential. And that means that they will only be accessed through that particular order engagement. But if they're not marked then as confidential, effectively they go into a bank of work papers that you've uploaded, and you can then use those across the platform. So you may be wanting to pull in a file from one order engagement to another order engagement, such as maybe an audit plan, for example, you can collaborate across the different order engagements and link those cloud files to each other. And so with that, I'll hand over to Pradeep to go through the next functionality in Advanced Risk.

All right. For Operational Risk Advanced Risk Management, we have multiple themes. We have worked on user experience. So in terms of user experience, we heard the feedback from the customer about a lot of clicks required to complete an advanced risk assessment and have released the AutoSave feature which will give real-time view during the assessment itself. We have also focused on reducing the scroll on ARA form by having rendering choice to be horizontal instead of vertical if there are a lot of choices that are available to select from, it will be rendered horizontally or maybe you can have a drop down option in order to avoid the space there. We have also worked on error handling in case if there is a response, not answered, system automatically will scroll and highlight the response, which is unanswered. Also releasing the feature of sidebar chat option on issues and email form for better collaboration, which can further be integrated with teams. Now in terms of enhancing the solution for second line, thereby enhancing the efficiencies, we are enabling them to create the management level reporting using O365 integration, which we are going to demo in the next slide. Again, for the second line, we heard the customer feedback about the need to configure review workflow. So we have introduced a parallel review and challenge workflow out of the works. We are second line of defense, although not actively involved in the workflow, can provide feedback concerns to the first line right in the record and can also monitor the action taken by the first line. There are some improvement in the core capabilities as well, there are multiple objects can be tagged to one. So this was another feedback from the customers that you have to create as many as RAM, as many as objects. Now you can add a single RAM if applicable to multiple objects as well in case of object-based risk assessment. And same is otherwise as well where you can tag multiple RAMs to a single object. There's a bulk reassignment or bulk approval of ARA task feature that has been getting released where, if there is a restructuring in the organization or if someone is resigning, you don't have to look for the risk admin to reassign all those tasks, in one way, you can do it from the front user experience itself. And then there was a control generation issue, which was there in the new experience, which is fixed with this release. Now moving to the next slide for the demo on O365 integration. The feature that I'm going to demo is management reporting using MS Word. With this particular feature, you can now generate executive reports MS Word, using the data from ServiceNow platform. This to improve the efficiency for the second-line users where generally requirement is to prepare reports for Board members or senior management on monthly, quarterly or semi-annually basis to provide updates on risk profile based on the information available in ServiceNow platform. Currently, these reports are created manually which is time-consuming and a lot of collaboration effort is required, which is also error prone and can be outdated as well. Therefore, there is a need for a more efficient solution that allows automated creation of executive reports based on the latest ServiceNow data, empowering the second-line users to create and update their reports without relying on IT or a system administrator. They can generate these reports on a recurring basis and at the same time, can update using a single click, thereby fetching the data from the platform. All these reports can be created by end users and thereby reducing the dependency on IT. Also all the report building features that we are going to see are sitting on top of ACL controls built within the solution and access controls implemented at platform level. Now let's have a look at the demo. So there is a level of admin setup that are required for you to enable the add-in for generating the management reporting in your local Word set up or maybe if you need it for your enterprise wide, you can add the add-in for your enterprise-wide Office 365 set up. Now once you have the adding out there, if you go to the Insert, you'll see this new ServiceNow reporting [ dollar ] per add-in, which if you click on, you'll see these two links here. One is Insert link the other one is managed link. The Insert link is to add or insert the data from ServiceNow platform into the Word, whereas managed link is to refresh the data from the platform. So if there is any change into the data in the platform level, you can have all those data points refreshed in the Microsoft Word using this managed link. So let's first look at the Insert link first. So in the Insert link, you have three options: data, table and chart. This is to import different kinds of data. The chart is, obviously, if you have any visualization in the platform, which you won't be import as is into your Word file, you can use the chart. So let's say, your domain is risk and the reporting item, which is the visualization that you have already created in the platform, which you want to import. So any of the report that you have created in the platform, let's say, events by state. You click on that, you have your cursor in place where you want to insert that and click on Add. The moment you click on Add, what it will do is it will fetch that particular reporting item from the platform and will give you a visualization in the Word file. Now having it in the Word, you can work on it. You can use all the Microsoft Word-related features, like if you want to change the color or if you want to change the visualization here you can use different options here. And whenever required, you can save it, you can add the headers, footers, you can add other headings. And whenever required, you can go on to the managed links. And if you see here, it will now show you the charts or the data that you have added from the platform, you select that and it will click on refresh. Refreshing that will fetch the latest data from the platform, and we'll update it here. So that is on charts. The other options available here, is table. Table is the list view that is there in the platform if you want to import any of the list you obviously have to store it as a report. And let's say your risk register is one of the list view that you want to import it here, again, select your item of choice that you want to import, place the cursor where you want to and click on Add, it will fetch all your records in that particular list view. Again, you can work on this particular report here onwards using all the features that are related to Microsoft Word, you can change the alignments, you can remove the columns, which were not required, you can change other parameters say, you can add the footer, heading anything. That is required. So that is on table and the third one here is data. So let's say, you don't want to import a report into the Microsoft Word, but you want to import certain data points. So here also, let's say, from the risk records, you want to import the risk name, risk description and other details, so you can do that. So you have the placeholders here. And once you select your domain, and in domain risk, let's say, you want to import it from the risk records only. So that's where you select the risk. Now you have to give a risk number for the risk record where you want to, let's say, [ RK-00010002 ]. And from there, you can find -- okay, you want to insert the name, place the cursor where you want to have it and click on Add that will insert the name. Now, let's say, the next [ field ] is description, you placed the cursor on the respective place and select the description from here and click on Add that will add the description of the risk. Now it may seem a very simple feature, but think about the cases where there are changes being getting made to these descriptions or name, and you don't want to go into the platform to look at all those changes. You can directly fetch all the details from the platform into the Word. So that is the feature that I wanted to explain in this particular demo. All right. So with this, I'll hand it over to Andrew for Audit Management. What's new?

Excellent. Thanks [ Pradeep ] just a correction, I'll be doing Third-party Risk Management in this case. So for TPRM, what we've released is a couple of new features with regards to the assessments. One of these actually came out in November, if any of you are keen and keep an eye on the company store. So one of them is that we can now allow for third-party risk assessment any previously collected information in an assessment can then be pulled through into the new one and visible in the active assessment. So if a third party has gone through the vendor portal, they've [ added ] an assessment for the first time. The next time they go to an assessment, you can select and you can select which particular questionnaire, you want to do it, you can tell them to pull through the previous responses onto that new active assessment. So trying to improve your vendors experience when they come into the vendor portal. If they filled out a 100 questions already, they just want to remain slightly that can pull that through previous responses. Another one that we've released for TPRM as well is the ability to do event-driven rules to issue assessments for enhanced due diligence and assessments can also be issued in bulk to send out where you can create rules to narrow down potentially your thousands of third parties you have to a specific audience and send them assessments. So we actually go through that in more detail on the demo on the next slide as well. So if we move over to the demo, we'll see that. Okay. So let's go through the demonstration of our ongoing due diligence management, which is our new functionality in the Washington release of third-party risk management. And this particular functionality focuses on event-driven management based on rules to enable our clients to better gain efficiencies from managing the hundreds, thousands, tens of thousands of third parties. And the way this works is that effectively, if you want to send out a new due diligence assessment, whether that be an internal risk assessment and external risk assessment to your third parties, you're able to narrow down all of those data points from those third parties through a set of rules to send them out those assessments to gain information potentially on new regulations that are coming out. Potentially, there's been an issue out in the market. So if you all cast our minds back, for example, to the Log4j incident, we're able to scan through our third parties, determine, say, which ones are using that technology and quickly send them an assessment that which could be a recurring assessment or could be a one-off bulk assessment as well. And with that, let's jump into the demonstration itself. Okay. So now I am logged in as an administrator, and I'm on the vendor management workspace in the third-party risk management product. And now if I navigate over to left-hand side over to the list view. And here on the list view on the left-hand side, you'll see some new points here for event-driven management rules, which contain all of the active rules, inactive rules and I can view all the rules together. Here, we can see the details of the rules, the categories that we have associated to them, how often they're going to be running so you can see the frequency in terms of daily annual and also the run time. So potentially, if we're going to do this on a recurring basis. For example, if the contract renewal, the first one you can see here is up after 3 months, we want to reassess that engagement for a contract renewal, and that can be running daily. So the rule will be running daily to check for new third parties that meet that criteria. And if so, it will send them out that assessment to complete. You can also see when it was last successfully run and also the next schedule run day as well. But for today, let's go through and we'll create a new rule together so you can see the full functionality. Okay. So now let's fill in some details. So we're going to create our new event-driven management rule. So let's just give it a quicker name. So let's imagine that we've got third parties that we know we have in the EU. And if you are all aware of the news at the moment, you'll see that we have a new EU AI act. So let's put that in. So EU AI act rule. We'll also give it a business justification. So to assess third parties in Europe with AI Act. And then we can give it a technical description as well. So all third parties in European countries who are active. Right, and now let's go through and look at the scope. So the category of this will be an external assessment, but you can see other options here such as reassessing the engagement, reassessing engagement for contract renewal. So if you want to do a recurring one, for example, as the one I mentioned before, we could also off board third parties in engagements with due diligence or no due diligence as well. But for this one, we're going to do an external assessment. And then this applies to either our third party or engagement. So in this instance, we're going to apply it to our third parties. And then we're able to choose our assessment template. So these coming from the assessment templates that we've already got created. So you can see we've got numerous ones here. And from this one, I'm going to do the AI assessment. We're now coming to the run options. So for the run options, we can see here, again, we've got our recurring, so we can set that up on a regular schedule that it can go through necessities these third parties. So just to show you that as an example, we can set it then for a frequency. So how often do we want the rule to run? So it could be daily, weekly, monthly, quarterly, semi-annually or annually. And then we can give it a start date or an end date as well, if you want to only run it between certain time periods. We could also do a onetime assessment, so you can run it once on a certain time. And again, we can see what date we can run it on or we can just do it on demand. So when we finished it today, we can say, yes, run and I'll then run against a certain set of criterias, which we'll come on to shortly. Here, you can see those filter criteria, so I can set these conditions here. And again, these are the rules for the filters that are going to filter down all our data points against our third parties to the subset of third parties that we want to send this EU AI Act to. So I'm just going to keep it really simple for today. I'm going to say that the status of the third party is active. So status is active. And the, let's say, the country is Germany, Switzerland for now. Okay? Obviously, you can add more conditions, more to filters to really narrow those down to get the specific audience of third parties that you want to send these assessments too. So let's set that for now. So here, you can see as a bit of a control that we put in place that you can actually see the matching results for these. So here you can see two matching results. I can select that and I can see the two third parties that we have for this instance, is Logitech and SAP. So this is, again, just a control that if you wanted to double check that you have added in the right filters to narrow down those number of third parties, you can quickly check that here as well. Let me go ahead and save that rule then for now. So here, you can see more details, such as the activity log, the attachments, but also a new tab here for event-driven management history. And here is where you'll be able to see how the rules have run over history as we go through and run them. And you can see this here, we can run it now here on the top. But for now, I'm just going to leave it and save and exit this record. Let's go through and show you an example of a successful run [ log ], let's go into this onetime questionnaire run here that I have. I open up here, you can see the details for an external assessment, IT vendor. Again, this is going to run once. And underneath this tab here, we can see the details of the history, how it was run and if we jump into here for more details, we can also see details of it in terms of success, when it was run. We can also see any due diligence requests or any assessments that we've sent out. And you can see here, we've set out the free assessments to Cloud MSB, Best Accounting Associates and [indiscernible] energy. So they've been submitted to the third party for them to submit their answers to through the vendor portal. Thank you very much. If you have any further questions, please feel free to contact us at ServiceNow and also review the release notes for more details. Thank you very much. Excellent. Okay. So we'll move on to the next one, which is our second poll question of today. So this is looking for new TPRM deployment. So how would your company seek to deploy the new TPRM enhancements, allowing rule-based event management? So you can see here, you could send it out for IRQs or internal assessments. You may be wanting to send out due diligence assessments externally to third parties, you may also want to send out recurring due diligence assessments internally and externally, you may want to do all of the above or potentially not applicable to you in terms of if you're not a TPRM customer. But yes, please go ahead and fill in those results now, and we'll see somebody has come back. Okay. So I think there's a few questions in terms of -- that was actually asked in the Q&A in terms of how you can send out these assessments. So you can see here, you can send out IRQs, or internal questionnaire or you can also send out both due diligence assessments externally as well to third parties. And also if you wanted to, you can do recurring due diligence that are internally and externally. So basically taking advantage of all of the capabilities within the TPRM. Apologies, I've just seen the Q&A. A couple of people aren't seeing the poll. I don't know if we can relaunch that, apologies everyone. You should now see the poll, apologies. You should be able to see the poll again. I will quickly cover off and we'll spend a little bit less time on it just in terms of trying to get through today. How would your company seek to deploy the new TPRM enhancements, allowing rule-based event management. Firstly, send out IRQs or internal questionnaires. Second one is to book due diligence assessments externally to third parties. Third one is to send out recurring due diligence assessments internally and externally to taking advantage of them, all of the above or not applicable. So if you can get your answers in as quick as you can, we'll move on to the next one. Okay. I think we'll end that there. Apologies for that slight technical hiccup. Interesting spread of data, we'll definitely feed that back into the inbound team. Thank you very much for your participation. And with that, I will hand over to Shannon for Privacy.

Great. Thanks, Andy. All right. So privacy, some really great enhancements within the Washington, D.C. release. So first and foremost, you probably have heard us talk about privacy case management. It was in innovation lab up until the Washington, D.C. release. So we are going GA with privacy case management, very similar workflow as compliance case management, but ultimately, the opportunity and process to manage any impactful event at the organization, which in turn could lead to a data breach. And what we've overlaid with this enhancement, you'll see it actually in a demo on the next slide is a really powerful integration with RadarFirst. And so RadarFirst is able to scan and understand what has been documented from a potential data breach assessment that's native to the privacy case workflow and can be completed by the initiator of the privacy case or it can be completed before a privacy case has even been defined and triage into a privacy case. But RadarFirst can scan the output of that assessment and provide real-time guidance on if there is a need to report out to any of the different regulatory bodies across the globe. And so we'll dive into that in the demo on the next slide. But before getting there, you'll also see the one-click PDF generation, to be able to report out on the privacy cases externally outside of the platform as well as the one-click e-mail generation. And then last but not least, highly anticipated and in innovation lab for Washington, D.C. But our workflow for personal data rights request or more commonly known as DSAR. So we have built out the first version of PDR as we're referring to it, and it allows the organization to understand if and when there is a request by an external entity, say, a customer an ex-employee or even an internal employee to understand what data of mine do you have, right? What sensitive data do you house? And then potentially, how is it used? Or does it need to be corrected? Or I have the right to request for it to be deleted. So this workflow native within the privacy management product will allow a collaboration across the broader organization, maybe it's HR, maybe it's security, maybe it's legal, to cultivate the inventory of personally identifiable data for that given subject and respond to their request, either stating this is how we use the data or implementing a change to given data or even proving the deletion of that data if that subject requested the team to do so. So highly anticipated, very much strengthening our privacy product and super excited to see how it's used amongst our customer base. So next, we will pop over and actually get a demo of privacy case management with the RadarFirst integration. All right. Let's go ahead and jump into a demonstration of the privacy case management workflow, which will be going [ GA ] as part of our Washington, D.C. release. We're going to start on the employee center as part of the differentiating factor of the goal of privacy case management is to allow the business to feed the privacy team with information around situations or impactful events, which in turn could lead to a breach of sensitive data or even the necessary action of reporting to the various privacy regulators. So as part of the employee center now within the risk and compliance landing page, you'll be prompted with a new widget, which will allow you or anyone in the organization to report a privacy case. So when we click into the privacy case form, you're prompted with the various field attributes, metadata that needs to be captured for the privacy team to start their initial investigation and analysis of the given situation. And so this form, of course, can be modified to meet your organizational requirements. But once it's completed and filled out and for the sake of time today, I won't fill out the whole form, but the end user of the first line can submit this form, and it will be routed to the privacy management team. So we'll now click into our instance and we've arrived at our privacy workspace. And part of privacy case management is a dedicated home page or landing page, all around the management and monitoring of your privacy cases. So you're able to see overview visualizations, trend visualizations and even tracking of any actions associated to those privacy cases like issues. So when we drill into a privacy case, I'm going to select one that's currently in flight. To give us a look and feel of the form, the workflow and the actions or activities that are associated to this privacy case. So as you can see, and you're probably becoming very familiar with the Workspace UI, the overview-related list will give you insight into the workflow, which is very similar to the compliance case management workflow if you've adopted that within your organization. We are also prompted with the status and the privacy team can set any milestones or the schedule around resolving this privacy case and then track any of the actions associated. Now part of what was released in Washington, D.C. is the native breach assessment. So we are shipping out of the box an assessment that can be completed either before a privacy case and triaged into a privacy case or during a privacy case. But the real power behind completing the breach assessment is seen through our end product integration with RadarFirst. And so RadarFirst will be able to scan the data documented within the privacy breach assessment and give real-time guidance around if it is necessary to report to the various regulators in different locations or geos across the globe. And so this information will be fed in association or accordance to the breach assessment for this privacy case, or the privacy team can actually pop over into their RadarFirst profile and view the assessment from this visualization. And so as you can see, RadarFirst divides up the recommended guidance in action by the location in which individuals or assets have been defined and then gives you the overall regulation, which you're potentially out of compliance with and, therefore, need to report out to the given regulatory body of that location. So very powerful insights and automation and good detail into the different laws, protecting sensitive data for different countries and locations across the globe. Now if we click back into this privacy case, the last thing -- a couple more things, excuse me, I'll call out, and really the power behind this workflow is seen through the action task. So part of privacy case is to really understand how the broader organization would handle this case. So you're able to use these action tasks to gain insight and knowledge from different business units or departments like HR, like legal, like security to understand more about how this case came to fruition. And if this case or situation did, in fact, lead to exposure of unauthorized shareable data. Last couple of things. As you know, all of this information can be associated to different regulations, the impacted areas across the organization, any related or dependent areas across the organization causes consequences and then any issues that were part of this case, led to this case or that were discovered as part of this privacy case. And so as you're working through the privacy case, when you go to report, there might be a couple of different nuances to allow you to report out in a timely manner. So first, being the one-click export to PDF in which you are able to define the PDF template with all the different attributes necessary to report this case in an offline manner. So when you click export the PDF will generate and will be automatically associated, as you can see here in the attachments to the case. So this allows for quick off-line reporting. And another avenue of off-line reporting can be through e-mail creation right in the platform. And so as you can see, you're prompted with an e-mail form, but we also will ship templates, the details and data in which are typically necessary to report out to different regulators, stakeholders or even just part of the ongoing communication with the individual who submitted this privacy case if they don't have access to the platform. So you can simply insert that privacy case e-mail template, update the necessary details, define who this needs to be sent to and send the e-mail right from the platform. So privacy case management, really collaborative, very efficient and allows the privacy team to intake a lot of data and act in a timely manner. So thank you so much for watching this demo, and we're super excited about privacy case, going GA as part of Washington. All right. And so with that last product update for BCM, I'll hand it over to [ Shamile ].

Thank you, Shannon. So while we're not allowed to play favorites in our product portfolio, but we definitely left the most differentiated release for the last. Some of the ServiceNow customers who are using the BCM application will know that in Business Continuity Management you were able to create business continuity and resilience plans that were based on a certain set of facts, say, for example, the location of your office or the number of employees within your source data. The problem which our customers told us was that if there were any updates in the underlying fact pattern or the source data, they were required to manually go back and evaluate how the plan needs to be changed because the plan was really static in nature. In order to avoid such a manual intervention, our product now will send out a notification to you as a planned owner if there were any changes in the source data. With this enhancement, you're now able to review whether or not you want to accept the changes made to the business continuity plan or the business impact analysis and you can accept or discard the changes as you may deem fit. We learned from our customers that this will help them keep the business impact analysis plans up to date by using a proactive approach. One of the other updates that we have is on operational resilience from a licensing standpoint. It marks some licensing flexibility for you as a customer using operational resilience application. We understand that operation resilience teams can be a part of risk management or the business continuity teams. As a result, we have now made the operational resilience application available to you as a BCM professional user. Operational resilience resultantly will be available to you under IRMPro, IRM Enterprise or BCM Pro. This will really allow you to rationalize your license usage with ServiceNow. Now that's the end of all our releases for Washington DC, and I will now hand it over back to Shannon and Pradeep to talk us through the road map.

Awesome. Thanks, Shamile. Okay. A lot of information around what we just released as part of Washington, D.C. But we're not done yet. We still have quite a large road map to cover. And as Brittany mentioned, right? The Q1, Q3 road map webinar is always going to be the ability to dive deeper into the family release capabilities where Q2 and Q4, we go through each and every product road maps. So this isn't all the information we're going to talk about. But as Scott started us with our current evaluation from Forrester, there is so much investment and time and strategy that has gone into this product portfolio. For those of you who have been in this space using this product for quite some time, you have seen a lot of the growth and investment that we've put in. And so the road map is of no exception. And so when we think about our road map, we think about this large product portfolio that we've produced to the market. We really aim to create themes across the capabilities in which we released. And so one of the themes is it's no secret. We grew up in the IT risk and compliance space. And so with ESG as well, there is a level of foundational architecture, foundational data that across all of our products with the foundations we're aiming to simplify, simplify what's been there for quite some time, bring in automation, bring in artificial intelligence and really make sure that those processes that are running quite smoothly become even that much more efficient for your organization. The second theme we see is expanding, expanding our products, expanding our use cases that we're tackling as the world we live and work in is ever changing. And so as we push to maintain being a critical component of your organization. We need to make sure that we're tackling the critical obstacles, risk, ESG program additions that you all are adopting. And so we want to make sure that we're continuously expanding into all the avenues of the organization with our product portfolio. And lastly, is never forgetting our core, never forgetting our entity enhancements, our workflow enhancements and making sure that those components, the backbone of the entire product portfolio is still meeting your needs. So I'm going to walk through Xanadu very quickly call out some of the big rocks and then I'll pass it over to Pradeep and then Andy to go through the other releases. So as you saw and Pradeep called out, big investments in CAM, Continuous Authorization and Monitoring. And so we're continuing that investment enhancement in CAM. We have not forgotten about CAM, it needs to be pushed over into the new workspace user experience. So we will be migrating all of the CAM forms over into the workspace view on UI Builder. And then another avenue of simplifying the day-to-day work of our given domains is releasing content as part of ESGM, so releasing prepackaged emission factors so that you're able to very quickly get up and running to find what emission factors you need to be monitoring and use the data that we're providing to actually run and collect that data as part of your ESGM program. Some of the expanded use cases we're going to look at within TPRM, we are geared up and getting ready to start leaning on intelligence and content providers all around sanctioned screenings. So we did a little back-end work that wasn't called out in Washington, but we got the architecture prepped. To be able to feed your TPRM application, specifically those third-party forms or records with any sanctioned screening reports that you deem necessary to be able to have that holistic view and current state of the third parties that you're engaged with. I mentioned personal data rights or DSAR again, innovation lab in Washington with the hope of going GA later this year. And so this workflow, as I stated, incredibly collaborative, but really aiming to allow all individuals interacting with your organization the right to understand what data they currently have stored as well as how it's used. So super exciting to get PDR out the door. And then last one, XBRL tagging over in ESGM. This came from a straight pull in last year's webinar around what you all need to ensure your ESG program is operating and working effectively on the ServiceNow platform and XBRL tagging was voted as a priority across majority of the attendees. So we heard you. We've got it slated, I'm gearing up for Xanadu later this year. And then lastly, across the core capabilities, you've heard us talk briefly about a new assessment engine, we're referring to that as the smart assessment engine, but ultimately, we're enhancing and consolidating a lot of the various assessments that go on across our product and making it so much simpler and easier to define those various assessment templates. So if you need checklist-based experiences for your attestations or your control testing, this new assessment engine will allow that. So much more availability in widgets in which an assessment is completed, but then also managing any and all assessments that we ship out of the box on one unified assessment engine. Last one, as artificial intelligence is quite the hot topic these days leaning into AI to help with those regulatory changes. So actually recommending a mapping of the regulatory changes, of course, already to your control, but then broader to other citations you might be tracking in accordance to this regulation to ensure that any changes you make, any updates you make to your policy language control language, you're prompted with what the other impacts might be based on the data that you housed. So I'll pause there. I know we all probably wish we could spend another two hours going into this entire road map, but we'll keep you geared up and ready to go for Q2. And I'll hand it over to Pradeep to go through some Yokohama updates.

Sure, Shannon. So going as per the themes that Shannon mentioned to simplify a risk in ESG management, again, investing in the CAM space, we are looking to integrate it with eMASS to support the DoD's reporting requirements and in order to import the data directly into the OSCAL formats. From the ARA perspective, this is one of the questions as well in Q&A section. So this is where we are targeting the bulk assessment mode for advanced risk assessments and using the AI for document intelligence. So if there are the documents in standard format assessing or reading those and getting the data populated out of those documents intelligently. This is what we are targeting. From the expand risk side, we are looking to have AI governance to look at the risks that are caused by AI and what call controls we can have in order to mitigate those risks. From the ESG front, looking at the materiality assessment from the internal as well as external stakeholders side and having a workflow around it. And then strengthening the core capabilities, again AI is the common theme there. We are looking at de-duplication of controls, automatic mapping of regulations to policies, controls, risk and then there can be any less possibilities there. With that, I'll hand it over to Andrew for Zurich updates .

Thanks, Pradeep. I'll take you all through the Zurich updates. Just to set your expectations in terms of Zurich as well. As you can see, we're going into 2025 for these releases, these bullet points that I'll read out to you now. These are kind of just our general ideas and what we're looking for in the product. But obviously, it's subject to change, but please feel free to reach out to us and reach and we'll actually go through it in a minute for our community for our multiple different customer programs where you can feed back information in regards to what you want to see in the product coming forward. So with Zurich and how we're looking to simplify the user experience and put simplify risk in ESG management, we're looking to introduce some nice visualization. Firstly, you can see that service mapping for BCM and operational resilience. So you're able to see similar, if any of you know the CMDB tree visualization, how it all feeds together. We're looking at seeing how we can introduce that for BCM and operational resilience. So the service that we provide is underpinned by these processes, which is underpinned by these assets. but then adding more contextual information to say, this is where -- for this asset, it has a high risk or a failed control, how does that feed up all the way through our operational resilience and business continuity aspects to see where we need to further invest our money to improve our resilience. And also a nice data flow from a data privacy perspective to show how data flows across a geographical map. So for example, if you had customer data that is held in the U.K., but it's actually utilized and used in the U.S. What data privacy laws do you need to make sure you're adhering to how are you transferring that data across those different geographical regions and how you need to add in those controls and how you're going to make sure you're compliant with those regulations. In terms of expanding our current use cases, you can see we're looking at how we can model risk management as well. So this is to be using algorithms models, AI models to predict risk, for example, what if analysis and also how we can potentially feed that into our ITSM product for change management. So if this change were to occur, what's the risk of that to the business as well. In addition to that, we're also looking at opportunity risk management, which is an interesting use case. So again, I'd love to hear your guys' feedback from that for our different feedback means. But in terms of how you're going to assess the upside of a risk. Typically, when you think about risk management with the negative impacts but actually, what's the risk of expanding into a new market, potential downside is this, but the potential upside and opportunity is this? So how do they counterweight each of them balance out? And then finally, in terms of strengthening our core capabilities, you'll see numerous different great features here. So like expanding out our use of policy offering using other technologies, how we can manage cloud or documents using Google Drive and Box. So you saw today how we're doing it with Office 365, how we can expand that out to other software suites as well, increasing our use of AI, and that is constant across all of the platforms. But here is an interesting one in terms of risk harmonization, how we can enter details for a risk event and then how they suggest to us what risk has actually materialized in that risk event and suggest to us to link those two data points together. You can also see here again, some efficient workplace management in terms of how you can create greater efficiencies in your workplaces from an ESG perspective, cutting down on those carbon emissions and how you can save all your energy and then effectively save money in the end from all your different workplaces. So with that, we'll move on to the next slide, which is another poll, I believe, as well, and this is regarding the road map as well. So in terms of this poll, or launch that now. So which of the following items on the road map will help you create the most impact in your risk in ESG journey? So this is a prioritization question. So multiple choice, please select as many as you like. You can hopefully see the poll up on the screen now. Yes. Excellent. We're getting some responses in. So I can see the options that we have here is in terms of risk, new GRC assessment capability for control, attestation and risk identification. So that's the new Smart Assessment engine. If we're talking about risk, again, we're looking at AI governance. So that AI governance is with regards to AI risk and governing AI models in your technology stacks. Another one for AI is de-duplication of controls, automated mapping of regulations, policies and controls, risks and others. So effectively, all the data points that we have in the system, how we can link them together, create efficiencies and actually clean the data up. Service Mapping visualization and BCM and operational resilience I just covered off. Some enhancements related to new user experience and third-party in privacy, in particular, they are actually related to assessments of third-party risk assessments and privacy assessments. And then finally, in the ESG point here for emission factors and framework through content apps, okay? So I think we'll give everyone a few more seconds to answer that. I think we've got over half people responded. Excellent. Okay. So again, interesting spread here, quite a few priorities here in terms of what we'll be looking at in the road map. So yes, thank you very much for your responses there. I think we can end the poll. Excellent. That's great. And so with that, thank you very much for your participation. I'll hand over to Shamile to go for our community.

All right. So one of our core values over here at ServiceNow is to [ wow ] our customers, and over here we have really curated a desirable experience. For you as a customer, for the ServiceNow risk and ESG products so that you could really choose your own adventure and decide how you're going to collaborate, engage and share with us. In terms of events, what I want to call out is that ServiceNow has a ServiceNow customer conference and Shannon, if you can click on to that. That's the customer conference, which is called Knowledge. That generally happens in Las Vegas, and this year, it's going to happen between May 7 and 9th. But even -- this is your opportunity to join about 20,000 other people to talk about all of ServiceNow's products, and this is not just Risk and ESG products. Going back may also have something called as an Accelerate Conference, which is a ServiceNow Risk and ESG practices conference. I know a lot of you on this call were present for the Accelerate event which happened last year in October 2023. This year, Accelerate is going to happen between October 22 and October 24 at Santa Clara. If -- this is really an opportunity for you to get together with other Risk and ESG practitioners to share best practices. The [ 30 win ] that you can really leverage on is ServiceNow user groups. These are really small meet ups which are planned by our sales executive teams to bring together users from each product across Americas at the moment. Please reach out to your sales account team in order to be added to the next user group to meet up. In terms of programming, what we have is a series of webinars and one of those webinars is the presentation that we're having right now is the road map presentation. But apart from that, we also have a series of how to see sessions. This is run by our product experts also the product success team, which is answering all the Q&A for you today. They will walk you through several functionalities and how can you really best leverage and best use the ServiceNow product portfolio that you have purchased. Going back, in terms of programming, we have two other programs called the Product Advisory Council and the design partner program. The product advisory council really allows you to partner with our inbound product management team and have the ability to shape the product strategy and the product road map. You get a sneak peek of the prerelease functionalities and you could also work with them to really provide your inputs based on your understanding of the market and the developments. Going back, the design partner program on the other hand, allows you to partner again with our inbound product management teams to influence, review and test a particular feature in development. So these are the two options that you have in which you can work with our inbound product management teams to really influence the release functionalities. Finally, in terms of community, we find that the customers benefit from being able to meet and discuss Risk and ESG goals and to that end, we have invested highly in a community for our customers. As a customer, you are able to collaborate online on our online community. This is where you will be able to find prerecorded demos, tutorials, questions, crowd-sourced answers or any relevant announcement from us. This is the community about which Brittany spoke at the beginning of the call, and this is an online community and which is available to you on demand basis. Going back on the same online community, you will find something called as an Idea portal. This is where you, as a customer, can post ideas and request for enhancements and our inbound product management teams review this periodically and take into consideration as they are developing the road map for our products. Finally, I did mention Accelerate, but I cannot talk about community without talking about Accelerate. Accelerate is the event is the Risk and ESG practitioners conference where you can really share your passion about Risk and ESG. So join us in Santa Clara in October 22 to October 24, to talk about Risk and ESG. So this is really the entire experience that we've curated for you. And the last question that we have today for you is that would you be interested in attending Accelerate 2024 in October? We know that some of you did attend Accelerate 2023, so we would love to have you back. This is just for us to get an idea and gauge interest, so we can plan the best experience for you over the next coming months. All right. We have a few re-attendees, but we have a lot of people showing interest to come back. So we look forward to seeing you. With that, we can end the poll and share results. Thank you. And with that, I think I'm going to hand it over back to Brittany to wrap this up.

Thanks so much, Shamile, and thanks, everyone, for covering all of the functionality and all of the road maps. Really appreciate it. We do have about four minutes left to cover some Q&A from the team. So let me start off with [ Jagan ]. Are there any questions that you would like the team to answer [ a lot ]?

I think people really like the Office 365, more ask on creating the same features in PPT and other areas. That's one question, if anybody can answer. I think we have plans to release that in the future for sure.

Yes. Jagan, I'll chime in. Yes, the -- with the Office 365 suite, starting with Word, but evaluating the support for that plug in across the different Office 365 applications.

And the second question is copying assessment, we have it available as part of vendor risk assessment. People are asking for tiering, and I can give that answer for others. So this is planned in the future road map where we released something called smart assessments. So all the questionnaire will have ability to copy the previous assessment results. Can anyone want to add anything there?

Not from my end, you got it.

Those are the main ones Brittany. Others are all answered and we'll keep in touch.

Fantastic. Thank you, Jagan, and thanks to everybody who is tackling those questions coming in the Q&A, we totally appreciate it. All right. And with that, thank you so much to, of course, the presenters, but especially thank you so much to everybody who joined our call today. We'll let you know, too. We do want to continue the conversation. This is not it. So please, just as a quick reminder, the feedback survey for today's call is going to pop up on your screen in your browser right after this call is over, and you will be receiving e-mail reminders as well. Please take 2 minutes to fill that out for us. We do take that feedback into consideration as hopefully, you saw evidence of on today's call as well. Also make sure that you sign into community and subscribe to the private forum. You can check the full Q&A there, engage with us. We'll be on there and learn more about other events that are going to be upcoming as well like Accelerate. So once again, just a quick reminder to cap all this off, please make sure that you keep this information confidential so that we can assume meet again next quarter to share more great product information. And for now, that's all everyone. Thank you so much for attending. Stay safe, and we will see you in the forum.