ServiceNow cis-rci practice test

Certified Implementation Specialist - Risk and Compliance Exam

Last exam update: Feb 21 ,2024
Page 1 out of 3. Viewing questions 1-15 out of 45

Question 1

UCF has a collection of what? Select all UCF terms.
(Choose three.)

  • A. Control Indicators
  • B. Authority Documents
  • C. Policies
  • D. Citations
  • E. Controls
Answer:

BDE

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%

Reference:
https://docs.servicenow.com/bundle/orlando-governance-risk-compliance/page/product/grc-ucfimport/concept/c_UCF.html

Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 2

The SOX content pack includes a series of policies, control, risks. How are all of these components
linked
together?

  • A. Mapping File
  • B. Manually
  • C. Automatically
  • D. Batch import
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

Entity scoping is used for what?

  • A. Make sure that all of your Entities have the right visibility
  • B. Create and assign controls to the correct users
  • C. Create, assign, and manage controls and risks across an enterprise
  • D. Scope out the different users and roles that have access to the platform
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.servicenow.com/bundle/newyork-governance-risk-compliance/page/product/grccommon/task/create-a-profile.html

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

Which role reviews the risk response and moves the Risk record into the Monitor state at the
appropriate
time?

  • A. Risk Manager
  • B. Risk User
  • C. Risk Reader
  • D. Risk Owner
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.servicenow.com/bundle/orlando-governance-risk-compliance/page/product/grc-risk/task/t_CreateRisk.html

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

Control indicators may be triggered or scheduled in which state?

  • A. Retired
  • B. Monitor
  • C. Review
  • D. Attest
  • E. Draft
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%

Reference:
https://docs.servicenow.com/bundle/orlando-governance-risk-compliance/page/product/grc-risk/task/t_CreateRisk.html

Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 6

For Control records, who can modify the Control in the Draft state?

  • A. All compliance users
  • B. Only the Compliance Manager
  • C. Only the person assigned the Attestation
  • D. Only Control Owners
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://community.servicenow.com/community
?
id=community_
Question&sys_
id=f2ee79bcdbd33b8423f4a345ca9619f7&view_source=searchResult

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

Possible regulations when Entity scoping for Healthcare:
(Choose two.)

  • A. HITRUST
  • B. FISMA
  • C. HIPAA
  • D. HETRUST
Answer:

AC

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

What type of customers may you encounter? (Choose three.)

  • A. Organization recently acquired and had some bad audit findings (using ServiceNow GRC to help restart their process)
  • B. Organization with little to nothing in place already (implementing one or more core ServiceNow GRC applications)
  • C. Organization undergoing a full GRC transformation (implementing all three core ServiceNow GRC applications at once or in a phased approach)
  • D. Organization implementing ServiceNow GRC to help ease their Customer Service organization (using other tools to manage other processes)
  • E. Organization implementing ServiceNow GRC to help ease their Help Desk organization (using other tools to manage other processes)
Answer:

ABD

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 9

What would you leverage in order to provide users with an alternate user experience to view
policies, create
policy exceptions, and search for controls?

  • A. Help Desk Portal
  • B. Catalog Portal
  • C. Access Portal
  • D. Service Portal
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

What are the four values leveraged for the Inherent and Residual Risk Score Types?

  • A. Impact, Probability, SLE, ARO
  • B. Impact, Likelihood, SLE, ALE
  • C. Impact, Likelihood, SLE, Score
  • D. Impact, Likelihood, SLE, ARO
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

The ‘Add to Update Set’ utility is available for download via:

  • A. ServiceNow Developer site
  • B. ServiceNow store
  • C. ServiceNow Community
  • D. ServiceNow HI support
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://community.servicenow.com/community
?
id=community_blog&sys_id=dd0d9079db858098d58ea345ca961925

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

Which role(s) has the capability to create Policies? Choose two.)

  • A. Compliance Manager
  • B. Compliance admin
  • C. Compliance User
  • D. Risk Manager
Answer:

AB

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.servicenow.com/bundle/orlando-governance-risk-compliance/page/product/grc-
policyand-compliance/task/t_DefineAPolicy.html

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

When calculating compliance scores, what is true about the weighting of Controls? (Choose two.)

  • A. Controls are not weighted equally by default
  • B. The weight cannot be changed
  • C. The default value is 10
  • D. The weight of the Control is set when the Control is created
Answer:

CD

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://community.servicenow.com/community
?
id=community_
Question&sys_
id=bc450789dbf393802be0a851ca961948

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14

Which of the following statements correctly describe the risk management lifecycle process?

  • A. Access, Identify and Plan, Control, Review
  • B. Control, Review, Assess, Identify and Plan
  • C. Identify and Plan, Assess, Control, Review
  • D. Identify and Plan, Review, Assess, Control
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

The Risk Scoring values are entered on the Risk Statement. What records inherits the values from the
Risk
Statement?

  • A. Risk Criteria Matrix
  • B. Risk Framework
  • C. Registered Risk
  • D. Risk Response Issue
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2