Can someone please give me answers for below questions

vijayr2313
Tera Contributor

1. Which GRC application would you use to manage internal or external consultancy processes that aim to prove the effectiveness of controls?

Risk Management
Audit Management
Policy and Compliance Management
Vendor Risk Management


2. The Risk Scoring values are entered on the Risk Statement. What records inherits the values from the Risk Statement?

Risk Criteria Matrix
Registered Risk
Risk Framework
Risk Response Issue


3. What are the different states available out of the box for classic/standard Risk management?

New, Awaiting Approval, Respond, Review, Monitor, Retired
Draft, Assess, Review, Monitor, Retired
New, Assess, Respond, Review, Monitor, Retired
Draft, Assess, Respond, Review, Monitor, Retired

 

4. Which of the following statements correctly describe the risk management lifecycle process?
A. Access, Identify and Plan, Control, Review
B. Control, Review, Assess, Identify and Plan
C. Identify and Plan, Assess, Control, Review
D. Identify and Plan, Review, Assess, Control

 

5. The Users with the role ________ and higher can be assigned to a Risk Response task.

sn_grc_risk.user
sn_risk.owner
sn_risk.reader
sn_risk.user

 

 

6. Which role is required to assign Risk Response task?

Risk Reader
Risk Writer
Risk User
Risk Manager

 

7. David is an Audit Manager. In addition to Audit Manager, which roles should be assigned to ensure he can manage the audit process as well as other GRC functions related to audit? (Choose two)

sn_grc.manager
sn_grc.reader
sn_grc.user
sn_grc.developer
sn_audit.user

 

8. Which role(s) has the capability to create Policies? Choose two.)

Compliance User
Risk Manager
Compliance Manager
Compliance Admin

 

9. Which role is required to set up Policy Acknowledgement campaign? (Select two)

Policy Reviewer
Policy Approver
Compliance User
Policy Owner

 

 

10. In which state can Compliance Manager or above review Control and move it to either Monitor or return to Draft state?

Review
Awaiting Approval
New
Attest

 

11. Which one of the following is not a trigger for issue creation?

Risk assessment returns the inherent and residual risk impact as ‘Very High’
Control effectiveness is ‘Ineffective’ and the state of control test is ‘Closed Complete’
Attestation returns the result as ‘Not Implemented’
Indicator failure
Manual issue created by any manager or admin role as well as by audit user

 

12. In Risk Management, which role is required to move the risk record into the Monitor State?

Risk Reader
Risk Developer
Risk User
Risk Manager

 

13. Who can send the Policy back to draft or forward it by requesting approval? (Select three)

Approvers
Owning Group
Owner
Reviewers

 

14. Control Failure Factor represents the impact of Control Failures on what score?

Residual
Inherent
Calculated
Total

 

15. UCF has a collection of what? Select all UCF terms. (Choose three)

Citations
Control Indicators
Authority Documents
Controls
Policies

 

16. Who can move a Policy into Review? (Choose two)

Policy Approver
Policy Reviewer
Policy Owner
Admin

 

17. Which role reviews the risk response and moves the Risk record into the Monitor state at the appropriate time?

Risk User
Risk Reader
Risk Manager
Risk Owner

 

18. Which roles are inherited when a user is given the sn_audit.user role?
(Select all that apply)
a) sn_grc.reader
b) sn_compliance.reader
c) sn_risk.reader
d) sn_audit.external_auditor

 

 

 

3 REPLIES 3

Ravi Chandra_K
Kilo Patron
Kilo Patron

Hello @vijayr2313 

Greetings!

I think answer to all of these can be found in CIS GRC course. it's better to refer now learning the official source of truth.

https://nowlearning.servicenow.com/lxp?id=amap_detail&summary_id=79d64e311bfcf01002ed2f89bd4bcb51&ac...

please mark the answer as correct and helpful if helped!

Kind Regards,

Ravi Chandra.

Prasanna_Patil
Tera Guru

Hi @vijayr2313 

 

You can even practice using this link ServiceNow CIS-RC Free Certification Exam Material | Exam Topics

 

In this please refer for the discussion and learn

Please hit like and Mark Helpful if you liked it
Regards,
Prasanna

hanwar2
Kilo Sage

Hi @vijayr2313 

were you able to get answers of these.