Certified Implementation Specialist - Risk and Compliance v1.0 (CIS-RC)

Page:    1 / 12   
Total 169 questions

Which feature would you use to track completion of certain tasks?

  • A. Related Lists
  • B. SLAs
  • C. Workflow Editor
  • D. Notifications


Answer : C

Which GRC application would you use to determine where the organization is the most vulnerable or has the most exposure?

  • A. Vendor Risk Management
  • B. Audit Management
  • C. Policy and Compliance Management
  • D. Risk Management


Answer : D

What are the terms for level of risk before and after any actions are taken? (Choose two.)

  • A. Operational risk
  • B. Digital risk
  • C. Inherent risk
  • D. Calculated risk
  • E. Residual risk
  • F. Solutioned risk


Answer : AE

What types of tasks are specific to the Audit module? (Choose four.)

  • A. Control Attestation
  • B. Interview
  • C. Walkthrough
  • D. Control Test
  • E. Activity
  • F. Remediation


Answer : BCEF

What baseline criteria determine when notifications are triggered in relation to audit tasks? (Choose two.)

  • A. Expiration
  • B. At 50% completion
  • C. Reassignment
  • D. Due date change


Answer : AC

What minimum role is needed to bulk initiate risk assessments using the risk assessment scheduler?

  • A. sn_grc.business_user
  • B. sn_risk.user
  • C. sn_risk.admin
  • D. sn_risk.manager


Answer : D

Common controls from UCF import into which table in ServiceNow?

  • A. sn_compliance_policy
  • B. sn_compliance_policy_statement
  • C. sn_compliance_policy_exception
  • D. sn_complilance_authority_document


Answer : C

An Entity can belong to one or multiple of which of the following?

  • A. Entity Types
  • B. Information Objects
  • C. Departments
  • D. Entity Classes


Answer : B

When reviewing the Control Objective Table form with your customer, what are the most common choice lists to be configured? (Choose three.)

  • A. Reference
  • B. Classification
  • C. Category
  • D. Type
  • E. Description


Answer : BCD

Which ServiceNow roles can manually move a Control record into the Monitor state? (Choose two.)

  • A. Control owner
  • B. System admin
  • C. Process owner
  • D. Compliance manager


Answer : AD

For classic risk assessment, what are the risk components that apply to the Qualitative method? (Choose two.)

  • A. Single Loss Expectancy (SLE)
  • B. Annualized Rate of Occurrence (ARO)
  • C. Impact
  • D. Likelihood


Answer : CD

On which records is the entity a required field? (Choose two.)

  • A. Risk
  • B. Control
  • C. Policy
  • D. Control objective
  • E. Risk statement


Answer : AB

Entity Types are applied to which types of records? (Choose three.)

  • A. Risk Statement
  • B. Issue
  • C. Risk
  • D. Control Objective
  • E. Policy
  • F. Control


Answer : ACE

What new related list was added to the risk statement and entity records after migrating to advanced risk assessment?

  • A. Aggregated risk related list
  • B. Risk assessments related list
  • C. Risk tolerance related list
  • D. Assessment instances related list


Answer : A

What ensures that every time you create an Entity from a specific table, the Class of the Entity is set according to the rule?

  • A. Entity class rules
  • B. Entity business rules
  • C. Entity class assignment
  • D. Entity type rules


Answer : AD

Page:    1 / 12   
Total 169 questions