CRUD access is governed by which ServiceNow feature?

CRUD access, which stands for Create, Read, Update, and Delete, is managed through Access Control Lists (ACLs) in ServiceNow. ACLs are used to define the security policies that control data access at a granular level, ensuring that users can only interact with records in ways that are aligned with their roles and permissions.

By employing ACLs, administrators can configure specific roles that define what actions a user can perform on a record, whether that is viewing it (Read), making changes (Update), adding new records (Create), or removing records (Delete). This feature is critical for maintaining data security and integrity within the ServiceNow platform.

While other options may handle different aspects of business processes, they do not specifically govern CRUD access in the same precise manner as ACLs do. For instance, business rules can dictate the logic and processes that run when records are modified, but they do not control access permissions. Similarly, the workflow engine manages the automation of processes but does not define user access levels. Data policies are primarily used for managing data quality and consistency rather than determining CRUD operations directly. Thus, Access Control Lists are indeed the essential feature for handling CRUD access in ServiceNow.