What Instance Scan checks
Instance Scan runs a set of checks against your instance configuration and custom code. Categories include: Performance (slow queries, large table scans), Security (ACL gaps, exposed fields), Upgradeability (changes that break on upgrade), Best Practices (coding patterns).
Running an Instance Scan
Navigate to System Diagnostics > Instance Scan. You can run all checks or select specific suites. Larger instances take longer — expect 15-60 minutes for a full scan on a well-populated instance.
Reading the results
Results are categorised by Severity (Critical, High, Medium, Low) and Type. Each finding links to the specific record causing the issue — click it to navigate directly to the offending Business Rule, Script Include, or configuration item.
Critical findings to prioritise
Security findings: ACLs that allow wider access than intended, exposed sensitive fields, missing CRUD restrictions.
Performance findings: GlideRecord queries with no conditions on large tables, Business Rules with expensive logic running on every save, Script Includes that load unnecessary data.
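To make the first performance pattern concrete, here is a small static check for GlideRecord queries that call query() with no condition or limit applied. It is an added example, not Instance Scan's own check logic or code from this page; the function name findUnfilteredQueries, the sample script and the list of "large" tables are assumptions.

```javascript
// Added example: simplified regex heuristic, not Instance Scan's own logic.
// Flags GlideRecord variables on large tables that call query() with no
// filter or limit applied between the declaration and the query() call.
const FILTER_METHODS = ['addQuery', 'addEncodedQuery', 'addActiveQuery',
  'addNullQuery', 'addNotNullQuery', 'addJoinQuery', 'setLimit'];

function findUnfilteredQueries(source, largeTables) {
  const findings = [];
  const decl = /(?:var|let|const)\s+(\w+)\s*=\s*new\s+GlideRecord\(\s*['"](\w+)['"]\s*\)/g;
  let m;
  while ((m = decl.exec(source)) !== null) {
    const [, variable, table] = m;
    if (!largeTables.includes(table)) continue;
    const rest = source.slice(decl.lastIndex);
    const queryCall = new RegExp('\\b' + variable + '\\.query\\(\\s*\\)').exec(rest);
    if (!queryCall) continue; // never queried, e.g. used only with get() or insert()
    const beforeQuery = rest.slice(0, queryCall.index);
    const filtered = FILTER_METHODS.some(
      (name) => new RegExp('\\b' + variable + '\\.' + name + '\\(').test(beforeQuery));
    if (!filtered) {
      const line = source.slice(0, m.index).split('\n').length;
      findings.push({ variable, table, line });
    }
  }
  return findings;
}

// Constructed sample script, not taken from a real instance.
const SAMPLE_SCRIPT = [
  "var all = new GlideRecord('task');",
  "all.query();                       // no conditions: full table scan",
  "while (all.next()) { gs.info(all.number); }",
  "",
  "var open = new GlideRecord('task');",
  "open.addQuery('active', true);",
  "open.setLimit(100);",
  "open.query();                      // filtered and bounded",
  "",
  "var cfg = new GlideRecord('u_small_lookup');",
  "cfg.query();                       // small table, not in the list",
].join('\n');

// Assumed list of tables treated as large; adjust for your instance.
const LARGE_TABLES = ['task', 'sys_audit', 'syslog'];

console.log(findUnfilteredQueries(SAMPLE_SCRIPT, LARGE_TABLES));
```

A regex pass like this misses queries built across functions or through reassigned variables, so treat its output as a shortlist for review rather than a replacement for the scan.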
Upgradeability findings
ServiceNow flags customisations that modify base system records (rather than extending via scoped apps). These changes risk being overwritten on upgrades. Instance Scan identifies them so you can plan ahead.
Scheduling regular scans
Set up a scheduled Instance Scan to run monthly. Configure it to email results to your admin team. Treat it like a code review — a fresh set of eyes on your instance health every month catches problems before they become incidents.
Not everything is critical
Instance Scan is opinionated. Some findings are genuine problems; others are acceptable tradeoffs. Review each finding in context before treating it as a must-fix.