Official exam blueprint & study strategies

ServiceNow CIS-CAD - Certified Application Developer

Fully visible study guidance for SERVICENOW · Certified Application Developer (CAD). This page is a text-friendly companion to the interactive quiz landing page.

Open the interactive quiz page

Domain 1: Designing and Creating an Application — 20%

A clean application starts long before anyone adds fields to a form.

You’ll need to understand application scope, tables, data models, application files, roles, and the difference between extending an existing table and creating a new one. Poor data design creates duplicate information, awkward references, brittle scripts, and maintenance problems that follow the application into production. Study how Studio and App Engine Studio organize development work, how records relate, and when configuration belongs inside the application scope. Don’t design only for the first request. Consider ownership, reuse, deployment, upgrades, and long-term support. The strongest applications begin with a clear data model and a well-defined boundary.

Domain 2: Application User Interface — 20%

The user interface domain covers the tools used to shape how people view, enter, and interact with application data.

You’ll need to understand forms, lists, views, UI policies, client scripts, UI actions, modules, workspaces, and related interface components. Pay close attention to execution context. A requirement may sound simple, but the correct solution depends on whether the behavior is client-side, server-side, role-specific, form-specific, or reusable across interfaces. Hiding a field, making it mandatory, changing its value, or enforcing access all require different approaches. Practice selecting the least complex tool that meets the requirement. A clear interface should guide users without introducing unnecessary scripting or inconsistent behavior.

Domain 3: Security and Restricting Access — 20%

Application security requires a deliberate access model rather than scattered checks added after development.

You’ll need to understand roles, users, groups, access control rules, table access, record access, field access, scripted conditions, application scope, and cross-scope privileges. Don’t assume that hiding a field on a form protects its data. Presentation controls affect what users see in one interface, while ACLs determine whether they can access the information at all. Study how multiple access rules combine and how inherited roles or table hierarchies affect the final result. A maintainable design grants the minimum required access through clear, testable rules that align with actual business responsibilities.

Domain 4: Application Automation — 20%

Application automation is about choosing the right execution method for the requirement.

You’ll need to understand Flow Designer, business rules, script includes, scheduled logic, events, notifications, and other automation components. Focus on when each mechanism runs, what data it can access, and whether the logic should be reusable. Record-triggered behavior needs clear conditions and predictable timing, while shared server logic should be placed in callable components rather than copied across scripts. Watch for recursion, duplicate actions, and hidden dependencies. The best solution usually minimizes custom code while keeping the behavior supportable and visible. Test failure conditions and negative paths, not just the successful outcome.

Domain 5: Working with External Data — 10%

External data introduces unreliable networks, mismatched schemas, changing payloads, and systems your application doesn’t control.

You’ll need to understand data sources, import sets, transform maps, coalescing, REST integrations, web services, authentication, and scheduled imports. Stage and validate incoming data before moving it into production tables. A successful transform doesn’t guarantee clean results if coalescing, field mappings, or identifiers are wrong. Study the difference between importing data, exposing data to another system, and invoking an external service. Common failures include duplicate records, expired credentials, unexpected null values, and payload changes. Strong integrations make errors visible, preserve traceability, and support safe recovery.

Domain 6: Managing Applications — 10%

Managing applications covers how development work is versioned, moved, reviewed, and maintained across environments.

You’ll need to understand application repositories, update sets, source control, delegated development, application publishing, and deployment methods. These tools don’t capture or move the same things, so know what each one is designed to manage. Pay attention to application scope, dependencies, collisions, missing records, and version differences. A disciplined lifecycle includes development, review, testing, versioning, deployment, validation, and rollback planning. Don’t assume every configuration change travels automatically. Production fixes should also be reconciled with the authoritative development source so later releases don’t overwrite or lose them.