Certified Implementation Specialist - Vendor Risk Management

Here you have the best ServiceNow CIS-VRM practice exam questions

You have 59 total questions to study from
Each page has 5 questions, making a total of 12 pages
You can navigate through the pages using the buttons at the bottom
This questions were last updated on November 15, 2024

Question 1 of 59

Which of the following is an objective of Vendor Risk Management? (Choose two.)

To help vendors improve their security posture and preparedness

To assess and manage the risk from interactions with vendors and third parties

To help negotiate the best possible price for a product or service from the vendor

To verify that vendors have adequate measures and processes in place to ensure profitability of vendor

Correct Answer: A, B

Vendor Risk Management aims to ensure that vendors and third parties maintain a level of security that protects the organization from various risks. It involves assessing and managing the risks that arise from these interactions, which aligns with assessing and managing the risk from interactions with vendors and third parties. Additionally, helping vendors improve their security posture and preparedness can be an objective to mitigate risks. Other options like negotiating the best possible price or ensuring the profitability of vendors are not primary objectives of Vendor Risk Management.

Question 2 of 59

The Vendor records are stored in which table?

Company [core_company]

Department [cmn_department]

Task [task]

User [sys_user]

Correct Answer: A

The Vendor records are stored in the Company [core_company] table. This table is typically used for storing information about external organizations with which a business interacts, such as vendors. Therefore, Company [core_company] is the correct choice.

Question 3 of 59

Internal roles include: (Choose three.)

Vendor Contact sn_vdr_risk.vendor_contact

Vendor Risk Manager sn_vdr_risk_asmt.vendor_risk_manager

Primary Vendor Contact sn_vdr_risk_asmt.prim_vendor_contact

Vendor Risk Assessor sn_vdr_risk_asmt.vendor_assessor

Vendor Risk Reviewer sn_vdr_risk_asmt.vendor_assessment_reviewer

Correct Answer: B, D, E

Internal roles within an organization are typically those that involve assessing, managing, or reviewing processes and risks internally, rather than interfacing directly with external entities. Vendor Risk Manager, Vendor Risk Assessor, and Vendor Risk Reviewer are roles that focus on managing and assessing risks at different levels within the organization. They are all internal roles as they are concerned with the internal management of vendor-related risks, rather than acting as points of contact with vendors.

Question 4 of 59

Roles preceded by sn_vdr_risk are for which scope?

GRC: Vendor Risk Remediation

GRC: Vendor Risk Core

GRC: Risk Management

GRC: Vendor Risk Management

Correct Answer: D

Roles preceded by sn_vdr_risk are typically for the GRC: Vendor Risk Management scope. In ServiceNow, the prefix 'sn_vdr_risk' is associated with roles and functionalities specifically designed to manage vendor risks, making GRC: Vendor Risk Management the correct scope.

Question 5 of 59

Before any changes to the configuration of an application are made, it is recommended that the correct update set and application scope are selected. What role is required for this functionality?

The Vendor Administrator role is required for this functionality

The Data Administrator role is required for this functionality

The User Administrator role is required for this functionality

The System Administrator role is required for this functionality

Correct Answer: D

The System Administrator role is required for managing and configuring application settings, including selecting the correct update set and application scope. This role typically has the necessary permissions to make changes to the configuration of an application.