Easter Special Sale - Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 575363r9

Welcome To DumpsPedia
  1. Home
  2. ServiceNow
  3. Risk and Compliance
  4. CIS-RCI
  5. Certified Implementation Specialist - Risk and Compliance Questions and Answers

CIS-RCI Sample Questions Answers

Questions 4

Which of the following relationship sets are considered a many-to-many relationship? (Choose three.)

Options:

A.

Entity Type and Entity Class

B.

Indicator Template and Entity Type

C.

Control and Risk

D.

Control Objective and Entity Type

E.

Entity Type and Entity

Buy Now
Questions 5

What are some of the drivers for customers to get the GRC suite of applications? (Choose four.)

Options:

A.

They would like efficiency

B.

They would like integrated reporting

C.

They would like transparency

D.

They would like automated customer service

E.

They would like custom websites

F.

They would like workflow driven processes

Buy Now
Questions 6

When calculating compliance scores, what is true about the weighting of Controls? (Choose two.)

Options:

A.

Controls are not weighted equally by default

B.

The weight cannot be changed

C.

The default value is 10

D.

The weight of the Control is set when the Control is created

Buy Now
Questions 7

What would you leverage in order to provide users with an alternate user experience to view policies, create

policy exceptions, and search for controls?

Options:

A.

Help Desk Portal

B.

Catalog Portal

C.

Access Portal

D.

Service Portal

Buy Now
Questions 8

Which filter navigation syntax displays the table in list view within a separate browser tab?

Options:

A.

Tablename_LIST

B.

Tablename.list

C.

Tablename.LIST

D.

Tablename.List

Buy Now
Questions 9

What are the terms for level of risk before and after any actions are taken? (Choose two.)

Options:

A.

Operational risk

B.

Digital risk

C.

Inherent risk

D.

Calculated risk

E.

Residual risk

F.

Solutioned risk

Buy Now
Questions 10

Entity scoping is used for what?

Options:

A.

Make sure that all of your Entities have the right visibility

B.

Create and assign controls to the correct users

C.

Create, assign, and manage controls and risks across an enterprise

D.

Scope out the different users and roles that have access to the platform

Buy Now
Questions 11

Which of the following are scoped applications related to the Risk and Compliance applications? (Choose

four.)

Options:

A.

GRC: GRC Profiles

B.

GRC: Attestation Design

C.

GRC: UCF Compliance

D.

GRC: Policy and Compliance

E.

GRC: Performance Analytics

F.

GRC: Risk Management

Buy Now
Questions 12

For a particular risk assessment methodology (RAM), the control effectiveness score is calculated based on an individual assessment of controls. What are options for control identification? (Choose three.)

Options:

A.

Controls are identified from library and ad-hoc

B.

Controls are identified from indicator results

C.

Controls are identified from library

D.

Controls are identified ad-hoc

E.

Controls are identified from related issues

Buy Now
Questions 13

An external audit team needs to view all of your published policies and controls? Which role can you give the team members?

Options:

A.

sn_audit_manager

B.

sn_compliance_user

C.

sn_audit.external_auditor

D.

sn_risk_user

Buy Now
Questions 14

Which tables extend the Content (sn_grc_content) table? (Choose two.)

Options:

A.

sn_compliance_citation

B.

sn_grc_issue

C.

sn_compliance_policy_statement

D.

sn_risk_risk

Buy Now
Questions 15

Which tables extend from the Task table? (Choose two.)

Options:

A.

Risk Framework

B.

Risk Response Task

C.

Risk Statement

D.

Risk Event

E.

Risk

Buy Now
Questions 16

Which of the following roles can create issues? (Choose three.)

Options:

A.

Risk Reader

B.

Compliance Reader

C.

External Auditor

D.

Compliance User

E.

Audit User

F.

Risk Manager

Buy Now
Questions 17

Control Failure Factor represents the impact of Control Failures on what score?

Options:

A.

Inherent

B.

Residual

C.

Total

D.

Calculated

Buy Now
Questions 18

Praveen is a Risk Manager. Why would he want to utilize Entity Types and Entities? (Choose three.)

Options:

A.

To monitor risk exposure

B.

To remediate vulnerabilities

C.

To perform risk assessments

D.

To perform policy exceptions

E.

To perform risk reporting

Buy Now
Questions 19

Which filter navigation syntax displays the default form view of the Risk table in the Content Frame?

Options:

A.

sn_risk_risk.form

B.

sn_risk_risk.LIST

C.

sn_risk_risk.FORM

D.

sn_risk_risk.list

Buy Now
Questions 20

If you create a control manually and later decide to create them automatically, what will be the result?

Options:

A.

ServiceNow will delete the manually created control

B.

ServiceNow creates a duplicate control and notifies the control owner

C.

ServiceNow creates a duplicate control without notifying the control owner

D.

ServiceNow identifies the control and does not create a duplicate

Buy Now
Questions 21

What happens when you assign an Entity Type to a Control Objective?

Options:

A.

An assessment is automatically generated to test each Entity listed in the Entity Type

B.

A policy is created automatically for every Entity listed in the Entity Type

C.

A control is automatically generated for every Entity listed in the Entity Type

D.

The Entity Type presents a compliance score and controls tied to it

Buy Now
Questions 22

Which table stored the links from Entity to Entity Types?

Options:

A.

[sn_compliance_m2m_profile_profile_type]

B.

[sn_risk_m2m_risk_profile]

C.

[sn_compliance_m2m_policy_profile]

D.

[sn_grc_m2m_profile_profile_type]

Buy Now
Questions 23

Who should be directly involved in GRC implementations? (Choose four.)

Options:

A.

Board of directors

B.

Chief Executive

C.

ServiceNow platform experts

D.

Business Analyst

E.

Risk and compliance experts

F.

CMDB process owner

Buy Now
Questions 24

Which of the following extends from Content Table? (Choose two.)

Options:

A.

Citation

B.

Policy

C.

Control Objective

D.

Authority Document

Buy Now
Questions 25

Where does one go to configure the Regulatory Change Management impact assessment template?

Options:

A.

Risk Assessment Methodologies module

B.

Impact Assessment Flow in Flow Designer

C.

Impact Assessment Templates module

D.

Risk Assessment Templates module

Buy Now
Questions 26

What is the condition that must exist to edit the factor guidance of a published risk assessment methodology (RAM)?

Options:

A.

All assessment instance records are in the Monitor state

B.

All assessment instance records are closed

C.

All assessment instance records are deleted

D.

States of the assessment instance records are irrelevant

E.

All assessment instance records are canceled

Buy Now
Questions 27

Which role is not part of ServiceNow GRC?

Options:

A.

Risk User

B.

Risk Developer

C.

Risk Manager

D.

Risk Reader

Buy Now
Questions 28

Unified Compliance Framework (UCF) uses a slightly different nomenclature structure than ServiceNow. Common controls from UCF import into which table in ServiceNow?

Options:

A.

Control Objective [sn_compliance_policy_statement]

B.

Authority Document [sn_compliance_authority_document]

C.

Control [sn_compliance_control]

D.

Citation [sn_compliance_citation]

Buy Now
Questions 29

What is the minimum role required to create a risk assessment methodology (RAM)?

Options:

A.

sn_compliance.admin

B.

sn_risk.user

C.

sn_risk.manager

D.

sn_risk.admin

Buy Now
Questions 30

The Entity Type table has a many-to-many relationship with which tables? (Choose two.)

Options:

A.

Risk Statement

B.

Policy

C.

Control

D.

Risk

Buy Now
Questions 31

Who can move a Policy record from Review into the next state?

Options:

A.

The sys admin

B.

The compliance manager

C.

Any reviewer

D.

The named policy owner

Buy Now
Questions 32

Santa Clara Facility and Boston Facility are examples of what?

Options:

A.

Entities

B.

Entity Object

C.

Entity Class

D.

Entity Type

Buy Now
Questions 33

Where does a policy get published to when it is approved?

Options:

A.

Knowledge Summit

B.

ServiceNow Library

C.

Authoritative Records

D.

Knowledge Base

Buy Now
Questions 34

In which state can reviewers either send the Policy back to draft or forward it by requesting approval?

Options:

A.

Retired

B.

Published

C.

Awaiting Approval

D.

Review

Buy Now
Questions 35

What would you use in order to accommodate a customer’s unique process around policy approvals? For example, each policy needs a second layer of approval.

Options:

A.

Create a new field and create notifications

B.

Add a new related list to keep track of who has already approved it and who hasn’t approved yet

C.

Add a UI Action to track who the stakeholders are

D.

Create a new workflow in the workflow editor

Buy Now
Questions 36

Which of the following are the classic risk score types that ServiceNow tracks? (Choose three.)

Options:

A.

Residual

B.

Inherent

C.

Calculated

D.

Operational

E.

Digital

Buy Now
Exam Code: CIS-RCI
Exam Name: Certified Implementation Specialist - Risk and Compliance
Last Update: May 14, 2024
Questions: 121
$64  $159.99
$48  $119.99
$40  $99.99
buy now CIS-RCI