ServiceNow cis-rc practice test

Risk and Compliance

Last exam update: Nov 18 ,2025
Page 1 out of 15. Viewing questions 1-10 out of 142

Question 1

How can you get the SOX content pack?

  • A. ServiceNow Store
  • B. Patch Update
  • C. Platform Upgrade
  • D. Professional Services
Mark Question:
Answer:

b

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

Which of the following statements correctly describe the risk management lifecycle process?

  • A. Access, Identify and Plan, Control, Review
  • B. Control, Review, Assess, Identify and Plan
  • C. Identify and Plan, Assess, Control, Review
  • D. Identify and Plan, Review, Assess, Control
Mark Question:
Answer:

a

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

Where does a policy get published to when it is approved?

  • A. Knowledge Summit
  • B. ServiceNow Library
  • C. Authoritative Records
  • D. Knowledge Base
Mark Question:
Answer:

d

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

For advanced risk assessment, risk response can be handled in the following ways:
(Choose two.)

  • A. Create multiple risk response tasks
  • B. Skipped entirely based on attributes defined in the RAM
  • C. Must create a mitigation response task
  • D. Must create at least one risk response task
Mark Question:
Answer:

ac

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

What are some of the baseline tables commonly leveraged in Entity filters? (Choose three.)

  • A. Company [core_company]
  • B. Services [cmdb_ci_service]
  • C. Location [cmn_location]
  • D. Risk [sn_risk_risk]
  • E. Audit Engagement [sn_audit_engagement]
Mark Question:
Answer:

abd

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 6

What types of tasks are specific to the Audit module? (Choose four.)

  • A. Control Attestation
  • B. Interview
  • C. Walkthrough
  • D. Control Test
  • E. Activity
  • F. Remediation
Mark Question:
Answer:

bcef

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
Discussions
vote your answer:
A
B
C
D
E
F
0 / 1000

Question 7

Which role(s) has the capability to create Policies? Choose two.)

  • A. Compliance Manager
  • B. Compliance admin
  • C. Compliance User
  • D. Risk Manager
Mark Question:
Answer:

ab

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Which of the following tables exist within the GRC: Profiles application scope? (Choose three.)

  • A. sn_grc_profile_type
  • B. sn_grc_indicator
  • C. sn_grc_compliance_policy_statement
  • D. sn_grc_risk_definition
  • E. sn_grc_profile_class
Mark Question:
Answer:

cde

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 9

As a customer reaches greater GRC maturity, what can we expect to see occurring across their organization? (Choose three.)

  • A. Single Risk and Control frameworks across enterprise available to all stakeholders
  • B. Reliance on spreadsheet management for risk reporting
  • C. Continuous real-time monitoring of control performance
  • D. Cross-functional process automation
  • E. Reactive strategies for GRC activities
Mark Question:
Answer:

ace

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 10

Which is not a type of key compliance indicator?

  • A. Performance Analytics
  • B. Manual
  • C. Scripted
  • D. Reference
  • E. Basic
Mark Question:
Answer:

c

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000
To page 2