ACL Security Patterns for ServiceNow

Access Control Lists (ACLs) are the foundation of ServiceNow security. They control who can read, write, create, and delete records.

ACL Evaluation Order

ACLs are evaluated in this order (first match wins):

1. Table.field - Most specific (e.g., incident.assignment_group)
2. *Table.` - Table-level field wildcard
3. Table - Table-level record ACL
4. Parent table ACLs - If table extends another
5. * - Global wildcard (catch-all)

ACL Types