CIS-VRM : ServiceNow Vendor Risk Management Exam

CIS-VRM Dumps
CIS-VRM Braindumps
CIS-VRM Real Questions
CIS-VRM Practice Test
CIS-VRM Actual Questions


ServiceNow
CIS-VRM
ServiceNow Vendor Risk Management
https://killexams.com/pass4sure/exam-detail/CIS-VRM
Question: 158
Which of these must be true in order for a vendor risk issue to be visible in the Vendor Portal?
A. There must be at least one secondary contact for the vendor
B. The primary vendor contact must have the sn_vdr_issues role
C. Issues are always visible in the vendor portal
D. The Visible in vendor portal field must have a value of true
Answer: D
Question: 159
What are the features of Vendor Risk Issues? (Choose two.)
A. Generate audit tasks for the vendor risk team
B. Can only be seen by the customerās vendor risk team
C. Provide vendor direct access to update and respond to Issues
D. Can be generated on-demand or automatically due to an incorrect answer
Answer: A,C,D
Question: 160
During the Generating Observations phase of the Vendor Risk Assessment, what action might be taken by the Risk
Assessor?
A. Create issues from the assessment if necessary
B. Update the vendor risk score
C. Email the vendor
D. Answer questions the vendor forgot to answer
Answer: A
Question: 161
Vendor Risk Tasks are saved to which one of the following tables?
A. [task]
B. [planned_task]
C. [sn_vendor_risk_task]
D. [sn_vdr_risk_asmt_task]
Answer: C
Question: 162
How are Vendor Risk questionnaires and document requests displayed on the Vendor Portal?
A. As separate requests and can be assigned to different vendor contacts
B. As separate requests and can only be assigned to the same vendor contact
C. As a single assessment assigned to a single vendor contact
D. As a single assessment assigned to a single engagement contact
Answer: A
Question: 163
Which of these options can be used in data cleansing when importing vendor data? (Choose three.)
A. Data Policies
B. Access Control Lists
C. Field Normalization Rules
D. Fix Scripts
E. Data Import or Data Source Transform
F. UI Policies
Answer: A,C,D,E
Question: 164
What is the definition of āRisk Managementā?
A. Policies/Standards/Procedures established to ensure an organization is aligned with corporate strategy and
expectations are clearly defined
B. The process of conforming to standards, policies, and remediation of audit findings
C. The elimination of vulnerable surface area in an enterprise environment
D. Process to identify, assess, and respond to risks, threats and vulnerabilities that could compromise the business
Answer: D
Explanation:
Reference: https://www.techtarget.com/searchsecurity/definition/What-is-risk-management-and-why-is-it-important
Question: 165
The Vendor records are stored in which table?
A. Company [core_company]
B. Department [cmn_department]
C. Task [task]
D. User [sys_user]
Answer: A
Question: 166
Which statements most accurately describe assignments to vendor contacts? (Choose two.)
A. Individual sections in the questionnaire or document request can be assigned
B. A questionnaire or document request cannot be assigned to multiple vendor contacts
C. A questionnaire can be read by vendor contacts that are not assigned
D. A questionnaire can only be completed by assigned vendor contacts
Answer: A,C,D
Question: 167
What third-party vendor security evaluation solutions are commonly integrated with VRM out-of-the-box? (Choose
two.)
A. MyScoreMetrics
B. Vendor Insights
C. Bitsight
D. Security Scorecard
Answer: A,C,D
Question: 168
For each questionnaire template/assessment metric type, how many vendor risk areas can be designated?
A. One
B. As many as desired
C. None
D. Two
Answer: A
Question: 169
Which functions can be performed in the Vendor Portal? (Choose three.)
A. Assessment response
B. Contact Management
C. Issue remediation
D. Schedule web meetings
E. Requests via virtual agent
Answer: A,B,C
Question: 170
Where can the score for each Assessment Metric or Metric Category be configured?
A. Assessment Metric Category record
B. Assessment Template record
C. Assessment record
D. Assessment Metric Type record
Answer: D
Question: 171
Roles preceded by sn_vdr_risk are for which scope?
A. GRC: Vendor Risk Remediation
B. GRC: Vendor Risk Core
C. GRC: Risk Management
D. GRC: Vendor Risk Management
Answer: B
Question: 172
Internal roles include: (Choose three.)
A. Vendor Contact sn_vdr_risk.vendor_contact
B. Vendor Risk Manager sn_vdr_risk_asmt.vendor_risk_manager
C. Primary Vendor Contact sn_vdr_risk_asmt.prim_vendor_contact
D. Vendor Risk Assessor sn_vdr_risk_asmt.vendor_assessor
E. Vendor Risk Reviewer sn_vdr_risk_asmt.vendor_assessment_reviewer
Answer: A,B,D,E
Question: 173
Who is able to change the password for the vendor contact? (Choose two.)
A. Vendor Contract Relationship Manager
B. sys_admin
C. Vendor contact via the Forgot Password link
D. Vendor Risk Reviewer
Answer: A,B,C
Question: 174
Which statement accurately describes the visibility and audit history of actions and communications in the Vendor
Risk Management application?
A. The vendor and assessor interactions are captured in the Vendor Risk Issue record and are only visible from the
portal view
B. The Vendor Risk Issues created and the activity and history are lost from the Vendor Assessment Portal when the
associated vendor contact changes
C. The Vendor Risk Issues created and the activity and history will remain in the Vendor Assessment Portal even
when vendor contacts change
D. The vendor and assessor interactions are captured in the Vendor Risk Issue record and are only visible from the
platform view
Answer: C
Question: 175
To what type of assessment record can a vendor contact respond?
A. Vendor tiering assessment
B. Vendor risk assessment
C. Customer assessment
D. External monitoring assessment
Answer: B
Explanation:
Reference: https://www.smartsheet.com/content/vendor-assessment-evaluation
Question: 176
From an Assessment record, the vendor risk assessor can click on āView Responsesā to see which of the following?
A. Issue Responses
B. Email Responses
C. Task Responses
D. Assessment Responses
Answer: D
Question: 177
Before any changes to the configuration of an application are made, it is recommended that the correct update set and
application scope are selected.
What role is required for this functionality?
A. The Vendor Administrator role is required for this functionality
B. The Data Administrator role is required for this functionality
C. The User Administrator role is required for this functionality
D. The System Administrator role is required for this functionality
Answer: D
Explanation:
Reference: https://www.bmc.com/blogs/sysadmin-role-responsibilities-salary/

User: Aadya***** Word of mouth is a powerful way of advertising a product. When something is so good, why not spread the word and promote it positively?

User: Nataliya***** I searched for practice tests that would satisfy my specific needs for the cis-vrm exam, and I found them on Killexams.com. The practice tests knocked out all my doubts in a short time. For the first time in my career, I attended the cis-vrm exam with only one instruction material, and I managed to score fantastically. I am truly satisfied, and I am here to congratulate you on the outstanding help you provided me in the form of the test material.

User: Sarah***** In conclusion, Killexams.com practice questions and answers are the most ideal way to get equipped and pass IT tests. I scored 88% on my ServiceNow CIS-VRM exam, and my associates have used Killexams.com material to obtain various certifications. It is a reliable learning tool and one of my top choices.

User: Seryozha***** I passed my exam with an 84% mark in the stipulated time, thanks to killexams.com. Studying while working full-time can be challenging, but the concise answers provided by killexams.com helped me understand complicated subjects. I took the cis-vrm exam to advance my career, and killexams.com helped me achieve my goal.

User: Sergei***** If you want to change your destiny and ensure that happiness is part of your future, you must work hard. It was my destiny to find Killexams during my exams because it led me towards my destiny. My fate was getting accurate grades, and Killexams and its teachers made it possible through their exceptional coaching. Thanks to their material, I could not possibly fail the CIS-VRM exam.

---