A customer wants to restrict access to compliance and risk information on the instance. What can be implemented? (Select two)

The implementation of Access Control Lists (ACLs) is a fundamental way to restrict access to compliance and risk information in ServiceNow. ACLs define the rules that govern which users or groups can access specific records and fields within the database. By setting up detailed ACLs, an organization can ensure that only authorized personnel have visibility into sensitive compliance and risk data, thus upholding privacy and security standards.

When it comes to controlling access, ACLs provide a fine-grained level of detail, allowing for conditions that can include user role checks, specific attributes of records, or even more complex logical conditions. This capability enables organizations to enforce compliance regulations by ensuring that only designated users can view, edit, or create risk and compliance records.

In the context of the other options, although client scripts, display business rules, UI policies, and query business rules serve useful functions in the ServiceNow platform, they are not primarily designed for access control. Client scripts may manipulate field values or visibility on forms; display business rules can be used for frontend display configurations, UI policies modify form behavior (e.g., mandatory fields, read-only status) but do not inherently control access permissions. Query business rules allow for specific conditions to execute when retrieving records but do not restrict access to