New Year Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

CIS-RCI Questions and Answers

Question # 6

What are some characteristics of the ServiceNow Store? (Choose four.)

A.

Some applications are certified by ServiceNow

B.

All applications are certified by ServiceNow

C.

Applications may be developed by ServiceNow Technology Partners

D.

It houses both paid and free applications and integrations

E.

Applications are built om the ServiceNow platform

F.

Applications are certified by other developers

Full Access
Question # 7

For classic risk assessment, what are the risk components that apply to the Qualitative method? (Choose two.)

A.

Single Loss Expectancy (SLE)

B.

Annualized Rate of Occurrence (ARO)

C.

Impact

D.

Likelihood

Full Access
Question # 8

Why would you create Entity classes?

A.

To show relationships between tables or objects you are tracking that doesn’t otherwise exist anywhere in

ServiceNow

B.

To be assigned to risk statements, which generate risks for every Entity listed in the Entity Class

C.

To be assigned to Control Objectives, which generate Controls for every Entity listed in the Entity class

D.

To show relationships between Entities and Policies and map them directory to Citations

Full Access
Question # 9

Which GRC application would you use to manage internal or external consultancy processes that aim to prove

the effectiveness of controls?

A.

Audit Management

B.

Risk Management

C.

Vendor Risk Management

D.

Policy and Compliance Management

Full Access
Question # 10

Service Level Agreements can be used for the which of the following? (Choose two.)

A.

Risk Issues

B.

Risk

C.

Risk Statement

D.

Risk Response Task

E.

Risk Framework

Full Access
Question # 11

Which of the following relationship sets are considered a many-to-many relationship? (Choose three.)

A.

Entity Type and Entity Class

B.

Indicator Template and Entity Type

C.

Control and Risk

D.

Control Objective and Entity Type

E.

Entity Type and Entity

Full Access
Question # 12

The content table (sn_grcs_content) is a parent table of:

A.

sn_grc_profile

B.

sn_risk_framework

C.

sn_risk_definition

D.

sn_risk_risk

Full Access
Question # 13

How can you get the SOX content pack?

A.

ServiceNow Store

B.

Patch Update

C.

Platform Upgrade

D.

Professional Services

Full Access
Question # 14

Which one of the following is not a trigger for issue creation?

A.

Manual issue created by any manager or admin role as well as by audit user

B.

Indicator failure

C.

Risk assessment returns the inherent and residual risk impact as ‘Very High’

D.

Attestation returns the result as ‘Not Implemented’

E.

Control effectiveness is ‘Ineffective’ and the state of control test is ‘Closed Complete’

Full Access
Question # 15

Which of the following records does not have a lifecycle?

A.

Control Objective

B.

Policy

C.

Policy Exception

D.

Control

Full Access
Question # 16

Where does one go to configure the Regulatory Change Management impact assessment template?

A.

Risk Assessment Methodologies module

B.

Impact Assessment Flow in Flow Designer

C.

Impact Assessment Templates module

D.

Risk Assessment Templates module

Full Access
Question # 17

Control Failure Factor represents the impact of Control Failures on what score?

A.

Inherent

B.

Residual

C.

Total

D.

Calculated

Full Access
Question # 18

Which of the following roles can create a policy? (Choose two.)

A.

Audit User

B.

Compliance User

C.

Compliance Manager

D.

Risk User

E.

Compliance Reader

Full Access