Limited time: Get 2 months free with annual plan — Claim offer →
Certifications Tools Flashcards Career Paths Exam Guides Blog Pricing
Start for free
Exam GuidesServiceNowCSA
ServiceNowAssociate Level2026 Updated

ServiceNow Certified System Administrator

Updated May 1, 202612 min readWritten by Certsqill experts
Quick facts — CSA
Exam cost
$150 USD
Questions
60 questions
Time limit
90 minutes
Passing score
70%
Valid for
2 years
Testing
Pearson VUE

Who this exam is for

The ServiceNow Certified System Administrator certification is designed for professionals who work with or want to work with ServiceNow technologies in a professional capacity. It is taken by cloud engineers, DevOps practitioners, IT administrators, and technical professionals looking to validate their expertise.

You do not need extensive prior experience to attempt it, but you will benefit from hands-on familiarity with the subject matter. The exam tests applied knowledge and architectural judgment, not just memorization. If you can reason about trade-offs and real-world scenarios, structured practice will handle the rest.

Domain breakdown

The CSA exam is built around official domains, each with a fixed percentage of the question pool. This distribution should directly inform how you allocate your study time.

Domain
Weight
Focus areas
ServiceNow Configuration
20%
Instance configuration, system properties, UI customization, application menus, modules, navigation, and personalizing the ServiceNow platform UI including banners, logos, and branding.
User Interface and Navigation
15%
List views, form design, related lists, field configuration, UI policies, client scripts, UI actions, and configuring the ServiceNow Next Experience (Polaris) interface for end users.
Self-Service and Process Automation
20%
Service Catalog configuration, catalog items, record producers, order guides, flow designer, business rules, workflow editor, notifications, SLA management, and escalation rules for ITSM processes.
Data Management
20%
Tables, fields, relationships, data dictionary, import sets, transform maps, data sources, update sets, application scope, and using ServiceNow Studio for configuration management.
Platform Security
15%
Access Control Lists (ACLs), roles, groups, user administration, high-security plugins, data classification, IP address filtering, and understanding the evaluation order of security rules.
Service Catalog
10%
Catalog items vs record producers vs order guides, catalog client scripts, catalog UI policies, variables and variable sets, fulfillment workflows, and managing catalog categories and portals.

Note the domain with the highest weight — many candidates under-invest here because it feels conceptual. In practice, this is where the exam is most precise, with scenario-based questions that test specifics.

What the exam actually tests

This is not a memorization exam. Questions require applied judgment under constraints. Almost every question includes a scenario with explicit requirements and asks you to select the most appropriate solution.

Here are examples of the question types you will encounter:

ACL vs Role Access Scenario
A user in the "itil" role can read Incident records but cannot write to the "Resolution Notes" field. What type of security control is most likely restricting write access to that specific field?
ServiceNow security is evaluated in order: ACLs first, then roles. Field-level security is enforced through ACLs with the "write" operation on a specific field. Role-based access controls object-level access. Knowing the evaluation sequence is essential for these questions.
Update Set vs Source Control
A developer made configuration changes in a development instance and needs to move them to a production instance. They used Update Sets. What must they do before committing the Update Set in production, and what is the key limitation of Update Sets for team collaboration?
Update Sets capture configuration changes and migrate them between instances. The limitation is conflict resolution — when two developers change the same configuration, Update Sets do not merge intelligently. Source control integration (Git) solves team collaboration issues. Know when each is appropriate.
Business Rule Execution Context
You need to auto-populate the "Resolved By" field with the current user when an Incident is moved to "Resolved" state. This logic should run server-side only, not based on user interaction. Which automation type is correct: Business Rule, Client Script, or UI Policy?
Business Rules run server-side (before/after/async/display). Client Scripts run in the browser (onChange, onLoad, onSubmit). UI Policies control field visibility/mandatory/read-only client-side. Server-side field updates triggered by data conditions = Business Rule.

How to prepare — 4-week study plan

This plan assumes one hour per weekday and roughly 30 minutes of lighter review on weekends. It is calibrated for someone with some relevant experience. If you are starting from zero, add an extra week before Week 1 to familiarise yourself with the basics.

W1
Week 1: Platform Navigation, Tables, and Data Dictionary
  • Provision a free ServiceNow Personal Developer Instance (PDI) at developer.servicenow.com. Navigate all main application areas: Incident, Problem, Change, Service Catalog, and CMDB.
  • Study the ServiceNow table structure: every record is a row in a table, tables extend other tables (inheritance), and the sys_id is the universal unique identifier. Understand the glide_record API concept.
  • Configure a new custom table with multiple field types, a reference field pointing to the User table, and a dependent field. Enable and configure the table for import and export.
  • Study the data dictionary: learn how to create fields using the field dictionary vs directly on a form. Understand dictionary attributes, choice lists, and dependent picklists.
W2
Week 2: Security Model — ACLs, Roles, and Groups
  • Study the ServiceNow security evaluation chain: IP Address Filtering → High Security Plugin → ACLs → Role Assignment. Understand that ACLs are evaluated top-down and the first matching rule applies.
  • Create ACLs in your PDI: table-level read/write, record-level conditional ACLs using scripts, and field-level ACLs restricting specific fields to specific roles. Test each with a non-admin user.
  • Configure roles, groups, and group membership. Understand that roles are assigned to users directly or via groups, and that ServiceNow roles are hierarchical (a role can contain other roles).
  • Complete 30 practice questions on ACL evaluation order, role inheritance, and the difference between data policies (enforce data regardless of interface) vs ACLs (enforce at the record access level).
W3
Week 3: Automation — Business Rules, Client Scripts, Flows, and Update Sets
  • Build all four Business Rule types in your PDI: before (modify record before save), after (trigger notifications after save), async (background processing), and display (alter display data).
  • Create Client Scripts: an onChange script that sets a field value based on another field, an onLoad script that hides a field for specific roles, and an onSubmit validation script.
  • Build a complete Service Catalog item with variables, a catalog client script for dynamic behavior, a catalog UI policy, and a Flow Designer flow for fulfillment with approval steps.
  • Practice Update Sets end-to-end: create a new Update Set, make configuration changes captured in it, export it to XML, and simulate importing it to another instance. Review conflict resolution steps.
W4
Week 4: SLA, Notifications, Import Sets, and Mock Exams
  • Configure SLA definitions for Incidents: P1 response SLA of 1 hour and resolution SLA of 4 hours. Set up SLA breaching notifications and test the SLA engine with test records.
  • Study import sets and transform maps: load a CSV file of user records into a staging table, create a transform map with field mappings and transformation scripts, and run the transform.
  • Take two full 60-question timed mock exams under exam conditions. Score and categorize errors by domain. Re-study the two weakest domains with targeted practice.
  • Review the ServiceNow CSA exam blueprint and confirm coverage of all objectives. Complete the ServiceNow CSA Maintenance Exam Study Guide on ServiceNow Training portal.

Common mistakes candidates make

These patterns appear repeatedly among candidates who resit this exam. Knowing them in advance is worth several percentage points.

Confusing ACLs and Role Assignment for Access Control
The most common failure point on the CSA exam. Candidates understand that roles control access, but do not understand that ACLs provide a more granular layer evaluated before role assignment for record and field operations. A user with the "itil" role can be blocked from a specific field or record by an ACL. Know the ACL evaluation order (table → record → field), the available operations (read, write, create, delete), and that ACL conditions can include scripts for dynamic evaluation.
Not Understanding Update Sets vs Source Control
Update Sets are the traditional ServiceNow deployment mechanism and are heavily tested on the CSA. Candidates often memorize that Update Sets move configurations between instances but fail scenario questions about what is NOT captured (data records, certain system properties) and how to handle conflicts when two update sets modify the same configuration. Understand the complete Update Set workflow: tracking → complete → export → import → preview → commit.
Confusing Business Rules, Client Scripts, and UI Actions Execution Contexts
These three automation tools all appear in the "User Interface and Navigation" and "Self-Service and Process Automation" domains, and scenario questions ask you to choose the correct tool. Business Rules = server-side, data-condition triggered. Client Scripts = browser-side, user-interaction triggered (onChange, onLoad, onSubmit). UI Actions = buttons/links on forms and lists that can run either client-side or server-side. UI Policies = declarative client-side field behavior (no code required).
Not Using a Personal Developer Instance for Hands-On Practice
The CSA exam is scenario and configuration heavy. Candidates who study only from documentation and practice questions cannot reliably answer questions about where specific settings live in the UI, how configuration screens behave, or what happens when conflicting rules apply. ServiceNow provides free Personal Developer Instances — use one for every study session and configure each exam objective yourself before the exam.

Is Certsqill right for you?

Honestly: Certsqill is built for candidates who have already done some studying and want to convert knowledge into exam performance. If you have never touched the subject, start with a foundational course first — then come to Certsqill when you are ready to practice.

Where Certsqill is strong: question depth, AI-powered explanations, and domain analytics. Every question is mapped to the exam blueprint. When you get something wrong, the AI tutor explains why the right answer is right and why each wrong answer fails under the specific constraints in the question.

Where Certsqill is not a replacement: video courses and hands-on labs. Use Certsqill to test and sharpen — not as your first exposure to a topic you have never encountered.

Ready to start practicing?
440 CSA questions. AI tutor. 3 mock exams. 7-day free trial.