What is the condition that must exist to edit the factor guidance of a published risk assessment methodology (RAM)?
A. All assessment instance records are canceled
B. All assessment instance records are deleted
C. All assessment instance records are closed
D. States of the assessment instance records are irrelevant
E. All assessment instance records are in the Monitor state
正解:B
質問 2:
On which records is the entity a required field? (Choose two.)
A. Risk statement
B. Control objective
C. Policy
D. Control
E. Risk
正解:D,E
質問 3:
Who should be directly involved in GRC implementations? (Choose four.)
A. Risk and compliance experts
B. ServiceNow platform experts
C. Board of directors
D. Business Analyst
E. CMDB process owner
F. Chief Executive
正解:B,C,D,E
質問 4:
Critical parts of a successful GRC implementation are understanding the customers current: (Choose three.)
A. Regulatory requirements
B. GRC processes
C. Audit failures
D. Risk and Compliance personas
E. Data breaches
正解:A,B,E
質問 5:
The SOX content pack includes a series of policies, control, risks. How are all of these components linked together?
A. Manually
B. Mapping File
C. Batch import
D. Automatically
正解:D
質問 6:
In which state can reviewers either send the Policy back to draft or forward it by requesting approval?
A. Retired
B. Awaiting Approval
C. Published
D. Review
正解:D
質問 7:
Which is not a type of key compliance indicator?
A. Manual
B. Scripted
C. Basic
D. Performance Analytics
E. Reference
正解:B
質問 8:
The overall goal of Entity Classes is to:
A. To enable reporting and to support advanced risk assessment
B. To provide specific information about an Entity, such as who owns the Entity
C. Show relationships between Entities and policies and map them directly to Citations
D. Associate Control Objectives and Risk Statements with Risks and Controls
正解:B
Kitami -
Pass4Testの問題集はCIS-RCIの試験内容をほとんど網羅しています。試験に合格しました。ありがとうございます。ここで感謝致します。