ITSM and app request workflows: what IAM teams need to know

TL;DR: App request handling and access approval should be treated as a governance problem, not just an ITSM tooling choice, according to Zluri. Zluri compares Zendesk, ServiceNow, and Jira on ticketing, knowledge management, automation, integration, and pricing, then argues that for IAM and NHI programmes, the key issue is whether request workflows can enforce identity, role, and compliance checks consistently.

NHIMG editorial — based on content published by Zluri: IT Teams Zendesk Vs ServiceNow Vs Jira: Which ITSM Platform To Choose?

By the numbers:

• Zendesk integrates with over 1,000 apps and services.

Questions worth separating out

Q: How should security teams govern app requests that are raised through ITSM tools?

A: Security teams should treat app requests as entitlement decisions, not just tickets.

Q: Why do self-service app stores create governance risk if they are not tightly controlled?

A: Self-service app stores can reduce friction, but they also make catalog design a policy issue.

Q: What breaks when approval workflow automation is allowed to grant access implicitly?

A: Automation breaks down when routing, approval, and entitlement issuance are treated as the same action.

Practitioner guidance

• Define the approval authority for every app request Document which requests can be routed by ITSM automation, which require manager review, and which need IAM or security approval before access is granted.
• Classify requestable apps by risk and lifecycle impact Use risk score, compliance requirement, and data sensitivity to decide which apps belong in self-service and which should remain gated by additional review.
• Separate ticket routing from entitlement issuance Make sure the system that receives the request is not automatically the system that grants the access, especially for high-impact SaaS and privileged tools.

What's in the full article

Zluri's full blog post covers the operational comparison and platform details this post intentionally leaves for the source:

• Side-by-side feature and pricing detail for Zendesk, ServiceNow, and Jira across ITSM, knowledge management, and automation
• Examples of how Zluri's employee app store handles ad hoc requests, approvals, and procurement handoff
• Practical walkthrough of audit reporting, request prioritisation, and multi-user access handling in the platform
• The vendor's own discussion of lifecycle governance and access control features for day-to-day IT operations

👉 Read Zluri's comparison of Zendesk, ServiceNow, Jira, and app request governance →

ITSM and app request workflows: what IAM teams need to know?

Explore further

View Full Forum →  |  NHI Foundation Course →