Can someone help me with GRC questions?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-23-2023 12:55 AM
I'm preparing for exam and some of below questions are confusing so if you guys give me correct answer that would be great
Who can send the Policy back to draft or forward it by requesting approval? (Select three)
Approvers
Owning Group
Owner
Reviewers
Control Failure Factor represents the impact of Control Failures on what score?
Residual
Inherent
Calculated
Total
When selecting policy exception sources: (Select four)
Only Policies in Review can be selected.
Issues in Draft or Retired state cannot be selected.
The selected Policy, Control Objective, and Issues must be related.
Only Issues with an active control can be selected.
Only Issues in Respond state can be selected.
Only published Policies can be selected.
Which role(s) has the capability to create Policies? Choose two.)
Compliance User
Risk Manager
Compliance Manager
Compliance Admin
David is an Audit Manager. In addition to Audit Manager, which roles should be assigned to ensure he can manage the audit process as well as other GRC functions related to audit? (Choose two)
sn_grc.manager
sn_grc.reader
sn_grc.user
sn_grc.developer
sn_audit.user
The Risk Scoring values are entered on the Risk Statement. What records inherits the values from the Risk Statement?
Risk Criteria Matrix
Registered Risk
Risk Framework
Risk Response Issue
If a company is performing similar tests across many of their technical and process controls. What will be the best approach?
Create a test plan for each control
Create Engagement templates
Leverage test templates
Create a test plan for all controls
Which GRC application would you use to manage internal or external consultancy processes that aim to prove the effectiveness of controls?
Risk Management
Audit Management
Policy and Compliance Management
Vendor Risk Management
The Entity Filter record requires which mandatory field to be completed?
a) Filter date
b) Filter name
c) Conditions
d) Source table
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-23-2023 01:18 AM
@vijayr2313 Hi!
Please find below answers -
Control Failure Factor represents the impact of Control Failures on what score? --> Residual
Which GRC application would you use to manage internal or external consultancy processes that aim to prove the effectiveness of controls? --> Policy & Compliance Management
The Risk Scoring values are entered on the Risk Statement. What records inherits the values from the Risk Statement? --> Risk Criteria Matrix
David is an Audit Manager. In addition to Audit Manager, which roles should be assigned to ensure he can manage the audit process as well as other GRC functions related to audit? (Choose two)-->
sn_grc.manager
sn_grc.user
Which role(s) has the capability to create Policies? Choose two.)-->
Compliance Manager
Compliance Admin
Please mark it helpful if it helps...
Thanks,
Sonia
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-19-2023 07:59 AM - edited 11-19-2023 08:20 AM
Hi @SoniaShridhar13, could you please explain the rationale behind this one: Which GRC application would you use to manage internal or external consultancy processes that aim to prove the effectiveness of controls?
You mentioned Policy and Compliance Management, but I thought it would have been Risk Management, which includes functionality to measure control effectiveness? From the textbook: "create the manual factor for Control Effectiveness, which calculates the control effectiveness score on the Control Effectiveness Assessment"(pg 243)? More on the process, here: https://docs.servicenow.com/bundle/vancouver-governance-risk-compliance/page/product/grc-risk/task/c...
Alternatively, this link shows how audit management also can measure control test effectiveness https://docs.servicenow.com/bundle/tokyo-governance-risk-compliance/page/product/grc-audit/concept/i...
Seems like it can really go either way