Allow non ITIL users to see dashboard reports on Incident recordsIssue There is a need for a PA Dashboard that displays data from reports against sc_req_item, sc_request, and incident. There is also a requirement to have the data visible to user without the ITIL role (perhaps executives and directors with very few roles in the platform). You considered various ACL methods of allowing access to the required tables, but that seems to be a hassle. After reviewing the Performance Analytics documentation, it becomes clear the pa_viewer role would be an ideal choice for allowing access to the Dashboard report widgets. More can be read about the use of the pa_viewer role at the following link: https://docs.servicenow.com/csh?topicname=r_PARoles.html&version=latest So, with the idea to have the pa_viewer role defined for a limited number of users who have very few (or no other roles) granted to them, you create 3 reports as follows: sc_req_itemsc_requestincident On these reports, you share each of them with the role pa_viewer as shown: Next, you create a test user with ONLY the pa_viewer role as shown: After sharing the reports and creating the new test user, you add the 3 example reports to a new PA Dashboard but then find that while sc_request and sc_req_item reports are visible, the report widget for incident records will not display. ReleaseAll current releases.CauseThere is an Out of Box before query Business Rule on the incident table (named incident_query) which is used to prevent users without the ITIL role from having access to incident records.ResolutionWhile not something typically suggested, the OOB Business Rule incident_query *could* be modified as follows to allow the pa_viewer role access to incident records. Line 6 of the BR can be modified as follows: ~~~snip~~~if ((GlidePluginManager.isActive('com.snc.spm') && gs.hasRole('service_view')) || gs.hasRole("pa_viewer"))~~~/snip~~~ The OOB version is shown here: The following shows the proposed modification: After the above BR modification, the PA Dashboard now displays all 3 reports proberly to the test user who has ONLY the pa_viewer role granted. Related LinksWhile the OOB business rule was modified, the user to whom was granted ONLY the pa_viewer role can only see his/her own incident records and can NOT view all incident records in the incident table list. Be aware that with the OOB BR modified, future upgrades will skip this file and as the administrator, you will need to compare and make changes as necessary to resolve the conflict on upgrade.