New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

CIS-RCI Certified Implementation Specialist - Risk and Compliance Questions and Answers

Questions 4

Which is not a type of key compliance indicator?

Options:

A.

Performance Analytics

B.

Manual

C.

Scripted

D.

Reference

E.

Basic

Buy Now
Questions 5

Which of the following relationship sets are considered a many-to-many relationship? (Choose three.)

Options:

A.

Entity Type and Entity Class

B.

Indicator Template and Entity Type

C.

Control and Risk

D.

Control Objective and Entity Type

E.

Entity Type and Entity

Buy Now
Questions 6

What ensures that every time you create an Entity from a specific table, the Class of the Entity is set according to the rule?

Options:

A.

Entity class rules

B.

Entity business rules

C.

Entity class assignment

D.

Entity type rules

Buy Now
Questions 7

What is the condition that must exist to edit the factor guidance of a published risk assessment methodology (RAM)?

Options:

A.

All assessment instance records are in the Monitor state

B.

All assessment instance records are closed

C.

All assessment instance records are deleted

D.

States of the assessment instance records are irrelevant

E.

All assessment instance records are canceled

Buy Now
Questions 8

The ServiceNow Platform requires which external components in order to ingest data from other systems?

Options:

A.

The platform includes an SDK template that allows developers to enhance it using Java

B.

A messaging bus needs to be developed

C.

The platform allows XML to be ingested, and it required developers to leverage XSLT to map it properly

D.

The platform has Integration Service that allow users and developers to ingest data from a variety of

sources

Buy Now
Questions 9

Which of the following tables exist within the GRC: Profiles application scope? (Choose three.)

Options:

A.

Document

B.

Policy

C.

Risk

D.

Content

E.

Indicator

Buy Now
Questions 10

Unified Compliance Framework (UCF) uses a slightly different nomenclature structure than ServiceNow. Common controls from UCF import into which table in ServiceNow?

Options:

A.

Control Objective [sn_compliance_policy_statement]

B.

Authority Document [sn_compliance_authority_document]

C.

Control [sn_compliance_control]

D.

Citation [sn_compliance_citation]

Buy Now
Questions 11

Which GRC application would you use to manage internal or external consultancy processes that aim to prove

the effectiveness of controls?

Options:

A.

Audit Management

B.

Risk Management

C.

Vendor Risk Management

D.

Policy and Compliance Management

Buy Now
Questions 12

Jim is an Audit Manager. In addition to Audit Manager, which roles should be assigned to ensure he can

manage the audit process as well as other GRC functions related to audit? (Choose two.)

Options:

A.

sn_grc.manager

B.

sn_audit.user

C.

sn_grc.user

D.

sn_grc.reader

E.

sn_grc.developer

Buy Now
Questions 13

A control objective has been related to a risk statement and they've been scoped with the same entity type. What can we expect to occur?

Options:

A.

Risks for this risk statement will be moved back into a Review state since there are new factors impacting risk likelihood.

B.

A control for this control objective, with a matching entity, will be related to the registered risk for this risk statement as a mitigating control.

C.

The control objective will be marked as compliant since it is mitigating the related risk statement.

D.

Risk scores will automatically decrease for the risk statement's risks since there are now mitigating controls.

Buy Now
Questions 14

What minimum role is needed to bulk initiate risk assessments using the risk assessment scheduler?

Options:

A.

sn_grc.business_user

B.

sn_risk.user

C.

sn_risk.admin

D.

sn_risk.manager

Buy Now
Questions 15

The Calculated Risk Score utilizes data from the Inherent and Residual Risk scores to determine an adjusted ALE and Score. What other data drives the adjustments?

Options:

A.

Audit Scores

B.

Attestation Score

C.

Configuration Test Score

D.

Control and Indicator Failure Factors

Buy Now
Questions 16

Where does a policy get published to when it is approved?

Options:

A.

Knowledge Summit

B.

ServiceNow Library

C.

Authoritative Records

D.

Knowledge Base

Buy Now
Questions 17

UCF has a collection of what? Select all UCF terms.

(Choose three.)

Options:

A.

Control Indicators

B.

Authority Documents

C.

Policies

D.

Citations

E.

Controls

Buy Now
Questions 18

For a particular risk assessment methodology (RAM), the control effectiveness score is calculated based on an individual assessment of controls. What are options for control identification? (Choose three.)

Options:

A.

Controls are identified from library and ad-hoc

B.

Controls are identified from indicator results

C.

Controls are identified from library

D.

Controls are identified ad-hoc

E.

Controls are identified from related issues

Buy Now
Exam Code: CIS-RCI
Exam Name: Certified Implementation Specialist - Risk and Compliance
Last Update: Dec 22, 2024
Questions: 121

PDF + Testing Engine

$134.99

Testing Engine

$99.99

PDF (Q&A)

$84.99