If you read our "What Is ServiceNow" overview, you already know the core idea: one platform, one data model, reshaped into dozens of different products for different departments. This article is the inventory — every major product, organized by who actually buys and uses it, with the specific thing each one does.
ServiceNow groups its catalog into workflow families: Technology, Customer and Industry, Employee, Creator, and Security. We'll use a more practical grouping — by department, since that's how companies actually decide what to buy. One thing worth understanding before the list: every product below shares the same underlying tables, the same permission model, and the same scripting APIs. A developer who knows GlideRecord and Business Rules for ITSM can pick up HRSD or CSM configuration far faster than someone learning ServiceNow from scratch, because the platform mechanics don't change — only the specific tables and business processes layered on top do.
IT Workflows — Where ServiceNow Started
ITSM (IT Service Management) is the original product and still the most widely deployed. We cover it in full depth in our dedicated ITSM guide. It covers incident management (something's broken, fix it), problem management (why does this keep breaking), change management (controlled process for making changes to production systems), service catalog (a menu of things employees can request), and knowledge management (a searchable knowledge base for self-service). If a company says "we use ServiceNow" without further detail, this is almost always at least part of what they mean. ITSM is also the module most ServiceNow developers learn first, and most certification paths — including the CSA — assume ITSM as the baseline context for every example.
ITOM (IT Operations Management) — covered in depth in our dedicated ITOM guide — handles the technical side of keeping infrastructure running: monitoring servers and applications, detecting outages before they become incidents, and — most importantly — discovering and mapping what infrastructure actually exists. ServiceNow Discovery, a sub-component of ITOM, automatically scans a company's network and populates the CMDB with what it finds, which is the only realistic way to keep an accurate infrastructure map at enterprise scale. Event Management, another ITOM sub-product, correlates alerts from monitoring tools to reduce alert noise — turning 500 individual alerts about a single failing server into one actionable incident instead of 500 separate tickets.
CMDB (Configuration Management Database) deserves its own mention even though it's technically part of ITOM, because almost every other module depends on it. The CMDB is a live, relationship-mapped record of every piece of technology a company owns — servers, applications, network devices — and how they connect to and depend on each other. When an incident comes in, the CMDB is what lets ServiceNow show "this server is down, and here are the 14 applications and 3,000 users that depend on it." A poorly maintained CMDB is one of the most common reasons ServiceNow implementations underperform — the workflow logic is only as good as the data feeding it.
ITAM (IT Asset Management) — see our dedicated ITAM guide — tracks the lifecycle and cost side of technology: what hardware and software a company owns, what it's worth, when licenses expire, and when equipment needs replacing. This is where finance and procurement teams interact with ServiceNow even if they never touch an incident record. Software Asset Management, a sub-component, specifically tracks license compliance — whether a company is paying for more (or fewer) licenses than it's actually using, which can represent real money at enterprise scale.
ITBM (IT Business Management), often folded into SPM discussions, handles demand management — capturing and prioritizing requests for new IT work before they become formal projects.
Strategy and Portfolio
SPM (Strategic Portfolio Management) — fully covered in our dedicated SPM guide — formerly known as PPM (Project Portfolio Management), is how larger organizations plan and track initiatives at a portfolio level — which projects are funded, how resources are allocated across them, and whether the work being done actually maps to stated business strategy. It includes demand management, resource management, financial planning, and scenario planning for "what if we funded this instead of that" analysis. SPM supports waterfall, agile, and hybrid project methodologies natively, which is part of why it competes directly with dedicated tools like Planview rather than just being an internal ServiceNow feature.
APM (Application Portfolio Management), sometimes called Digital Portfolio Management, gives application owners a single view of every application a company runs — its health, its cost, its risk, and whether it should be kept, replaced, or retired. This is the tool behind "application rationalization" projects, where a company tries to reduce from 400 internal applications to something more manageable. It draws directly from CMDB data, which is another example of how the platform's shared data model makes modules reinforce each other rather than operating as silos.
Employee-Facing Workflows
HRSD (HR Service Delivery) — see our dedicated HRSD guide for the full picture — applies the same case-management pattern from ITSM to HR: employee onboarding and offboarding, HR case tracking, employee document management, and a self-service portal for things like benefits questions or address changes. Many large companies' internal "HR portal" is ServiceNow HRSD with custom branding. Lifecycle Events, a sub-feature, automates the dozens of cross-departmental tasks — IT provisioning, facilities, payroll setup — that need to happen whenever someone joins, transfers, or leaves a company.
Workplace Service Delivery handles facilities-related requests — booking a conference room, reporting a building maintenance issue, managing office space. Less universally deployed than HRSD, but common at companies with large physical offices, and increasingly relevant for hybrid-work seat booking and space utilization tracking.
Legal Service Delivery does the same thing for internal legal departments — contract requests, legal case intake, matter management.
Customer-Facing Workflows
CSM (Customer Service Management) — fully explored in our dedicated CSM guide — is ITSM's pattern turned outward: instead of employees submitting IT tickets, customers submit support cases. It includes case routing, a customer-facing knowledge base, and increasingly, AI-assisted resolution before a case ever reaches a human agent. CSM also commonly integrates with CRM platforms like Salesforce, since the customer record itself often lives outside ServiceNow even when the case management happens inside it.
FSM (Field Service Management) — fully explored in our dedicated FSM guide — handles the logistics of sending technicians to physical locations — scheduling, dispatch, route optimization, parts inventory, and mobile tools for the technician on site. Common in telecommunications, utilities, and equipment manufacturing, where "customer service" means sending someone to fix something in the physical world, not just answering a chat. FSM's scheduling engine accounts for technician skills, parts availability, and travel time simultaneously, which is a genuinely hard optimization problem most companies underestimate before they try to build it themselves.
Security and Risk
SecOps (Security Operations) — see our dedicated SecOps guide — connects security tooling — vulnerability scanners, threat intelligence feeds, SIEM platforms — into ServiceNow's workflow engine, so a detected security threat becomes a tracked, assigned, prioritized case instead of an alert lost in a dashboard nobody watches. It includes Security Incident Response and Vulnerability Response as its two core sub-products, and both lean heavily on the same CMDB data used elsewhere — knowing which systems are affected by a vulnerability requires knowing what's actually running on them.
GRC (Governance, Risk, and Compliance) — see our dedicated GRC guide — manages audits, regulatory compliance tracking, policy management, and enterprise risk registers. This is the product behind a company being able to say "yes, we can prove we did the required SOC 2 control checks" without that proof living in a folder of spreadsheets nobody trusts. GRC's value compounds with company size — a small company can track compliance in a spreadsheet, but a company undergoing dozens of simultaneous audits across different regulatory frameworks genuinely needs the structure GRC provides.
Build and Development Workflows
App Engine — covered in depth in our dedicated App Engine guide — is ServiceNow's platform for building custom applications — the underlying capability that lets a company create something nobody else has built software for, using the same data model, security model, and workflow engine as every other module. This is closely related to the scoped applications that custom development typically lives inside, which keep custom code isolated from the core platform and from other custom apps.
DevOps connects ServiceNow's change management process to actual software delivery pipelines — CI/CD tools, source control, deployment automation — so that software releases get the same governance and audit trail as any other change, without forcing engineering teams to manually file change requests for every deploy. This product exists specifically to bridge the gap between traditional ITIL change control and modern continuous deployment practices, which historically didn't play well together.
Creator Workflows is ServiceNow's broader marketing term for the App Engine ecosystem plus the supporting tools — Flow Designer, Integration Hub, and the visual builder layer — that let both professional developers and "citizen developers" build on the platform.
The AI Layer — Now Assist and Otto
Cutting across every module above is ServiceNow's AI layer. Now Assist provides generative AI features embedded into specific workflows — summarizing incidents, drafting knowledge articles, suggesting resolutions. As of Knowledge 2026, ServiceNow has begun positioning Otto as the next evolution of this layer, intended to unify Now Assist with acquired AI capabilities (including Moveworks) into a single agentic AI platform that can autonomously complete entire workflows, not just assist with steps inside them. This is sold as an add-on layer across modules rather than a standalone product most companies buy in isolation — the pricing and packaging here continues to evolve faster than almost anything else in the portfolio.
Industry-Specific Solutions
Beyond the horizontal products above, ServiceNow sells configured industry solutions for telecommunications (Telecommunications Service Management), financial services, healthcare and life sciences, government (including specific solutions for public sector compliance requirements), and manufacturing. These are typically the horizontal products (ITSM, CSM, FSM) pre-configured with industry-specific data models and workflows, sold as a faster starting point than building the same configuration from scratch. A telecom company, for instance, gets CSM pre-built with concepts like service outages affecting specific network segments, rather than configuring that structure from a blank ITSM instance.
How Companies Actually Decide What to Buy
Almost no company buys ServiceNow's full catalog. The typical pattern is: start with ITSM because IT has the most obvious, painful, ticket-tracking problem. Once the platform proves itself and the internal team understands how to configure it, expansion follows wherever the next-most-painful manual process lives — usually HR or customer service next, then security or asset management as the company scales further. Each expansion is also, in practice, a renewal negotiation — ServiceNow's sales motion is built around land-and-expand, starting small and growing the contract module by module over years.
This expansion pattern is also why ServiceNow professionals who know multiple modules — not just ITSM — tend to be more valuable as companies grow their footprint. The underlying skills (GlideRecord, Business Rules, ACLs, Flow Designer) transfer across every module, but knowing the specific data model and common configuration patterns of HRSD or CSM on top of ITSM makes someone useful across a company's entire expansion roadmap rather than just its starting point.
The Honest Summary
ServiceNow's "100+ products" framing sounds like marketing inflation, but it's mostly accurate — it's just that the vast majority of those 100+ are narrow configurations or add-ons layered on top of about a dozen products that actually matter for most companies: ITSM, ITOM, the CMDB underneath it, ITAM, SPM, HRSD, CSM, FSM, SecOps, GRC, and App Engine. Understanding those dozen gives you a working map of nearly every ServiceNow deployment you'll ever encounter, whether you're evaluating the platform as a buyer or building a career on it as a developer.
NowSpectrum Resource
ServiceNow CMDB Mastery Guide
CI classes, Discovery architecture, relationships, health scoring, and governance — the foundational data layer every other module depends on.
Get the Guide →