Certified Implementation Specialist - Risk and Compliance v1.0

Page:    1 / 12   
Exam contains 169 questions
Expand All

The Risk Scoring values are entered on the Risk Statement. What records inherits the values from the Risk Statement?

  • A. Risk Criteria Matrix
  • B. Risk Framework
  • C. Registered Risk
  • D. Risk Response Issue


Answer : D

Which of the following statements correctly describe the risk management lifecycle process?

  • A. Access, Identify and Plan, Control, Review
  • B. Control, Review, Assess, Identify and Plan
  • C. Identify and Plan, Assess, Control, Review
  • D. Identify and Plan, Review, Assess, Control


Answer : A

When calculating compliance scores, what is true about the weighting of Controls? (Choose two.)

  • A. Controls are not weighted equally by default
  • B. The weight cannot be changed
  • C. The default value is 10
  • D. The weight of the Control is set when the Control is created


Answer : CD

Which role(s) has the capability to create Policies? Choose two.)

  • A. Compliance Manager
  • B. Compliance admin
  • C. Compliance User
  • D. Risk Manager


Answer : AB

The ‘Add to Update Set’ utility is available for download via:

  • A. ServiceNow Developer site
  • B. ServiceNow store
  • C. ServiceNow Community
  • D. ServiceNow HI support


Answer : B

What are the four values leveraged for the Inherent and Residual Risk Score Types?

  • A. Impact, Probability, SLE, ARO
  • B. Impact, Likelihood, SLE, ALE
  • C. Impact, Likelihood, SLE, Score
  • D. Impact, Likelihood, SLE, ARO


Answer : A

What would you leverage in order to provide users with an alternate user experience to view policies, create policy exceptions, and search for controls?

  • A. Help Desk Portal
  • B. Catalog Portal
  • C. Access Portal
  • D. Service Portal


Answer : B

What type of customers may you encounter? (Choose three.)

  • A. Organization recently acquired and had some bad audit findings (using ServiceNow GRC to help restart their process)
  • B. Organization with little to nothing in place already (implementing one or more core ServiceNow GRC applications)
  • C. Organization undergoing a full GRC transformation (implementing all three core ServiceNow GRC applications at once or in a phased approach)
  • D. Organization implementing ServiceNow GRC to help ease their Customer Service organization (using other tools to manage other processes)
  • E. Organization implementing ServiceNow GRC to help ease their Help Desk organization (using other tools to manage other processes)


Answer : ABD

Possible regulations when Entity scoping for Healthcare:
(Choose two.)

  • A. HITRUST
  • B. FISMA
  • C. HIPAA
  • D. HETRUST


Answer : AC

For Control records, who can modify the Control in the Draft state?

  • A. All compliance users
  • B. Only the Compliance Manager
  • C. Only the person assigned the Attestation
  • D. Only Control Owners


Answer : D

Control indicators may be triggered or scheduled in which state?

  • A. Retired
  • B. Monitor
  • C. Review
  • D. Attest
  • E. Draft


Answer : D

Which role reviews the risk response and moves the Risk record into the Monitor state at the appropriate time?

  • A. Risk Manager
  • B. Risk User
  • C. Risk Reader
  • D. Risk Owner


Answer : A

Entity scoping is used for what?

  • A. Make sure that all of your Entities have the right visibility
  • B. Create and assign controls to the correct users
  • C. Create, assign, and manage controls and risks across an enterprise
  • D. Scope out the different users and roles that have access to the platform


Answer : B

The SOX content pack includes a series of policies, control, risks. How are all of these components linked together?

  • A. Mapping File
  • B. Manually
  • C. Automatically
  • D. Batch import


Answer : C

UCF has a collection of what? Select all UCF terms.
(Choose three.)

  • A. Control Indicators
  • B. Authority Documents
  • C. Policies
  • D. Citations
  • E. Controls


Answer : BDE

Page:    1 / 12   
Exam contains 169 questions
Expand All

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

[email protected]

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy