Download Certified Implementation Specialist - Vendor Risk Management.CIS-VRM.VCEplus.2023-04-27.60q.vcex

Vendor: ServiceNow
Exam Code: CIS-VRM
Exam Name: Certified Implementation Specialist - Vendor Risk Management
Date: Apr 27, 2023
File Size: 31 KB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Purchase
Coupon: EXAM_HUB

Discount: 20%

Demo Questions

Question 1
Which of the following is an objective of Vendor Risk Management? (Choose two.)
  1. To help vendors improve their security posture and preparedness
  2. To assess and manage the risk from interactions with vendors and third parties
  3. To help negotiate the best possible price for a product or service from the vendor
  4. To verify that vendors have adequate measures and processes in place to ensure profitability of vendor
Correct answer: AB
Explanation:
Reference:  https://reciprocity.com/resources/what-is-a-vendor-risk-managementprogram/#:~:text=A%20vendor%20risk%20management%20framework,across%20the%20organization's%20supplier%20base
Reference:  
https://reciprocity.com/resources/what-is-a-vendor-risk-managementprogram/#:~:text=A%20vendor%20risk%20management%20framework,across%20the%20organization's%20supplier%20base
Question 2
The Vendor records are stored in which table?
  1. Company [core_company]
  2. Department [cmn_department]
  3. Task [task]
  4. User [sys_user] 
Correct answer: A
Question 3
Internal roles include: (Choose three.)
  1. Vendor Contact sn_vdr_risk.vendor_contact
  2. Vendor Risk Manager sn_vdr_risk_asmt.vendor_risk_manager
  3. Primary Vendor Contact sn_vdr_risk_asmt.prim_vendor_contact
  4. Vendor Risk Assessor sn_vdr_risk_asmt.vendor_assessor
  5. Vendor Risk Reviewer sn_vdr_risk_asmt.vendor_assessment_reviewer
Correct answer: BDE
Question 4
Roles preceded by sn_vdr_risk are for which scope?
  1. GRC: Vendor Risk Remediation
  2. GRC: Vendor Risk Core
  3. GRC: Risk Management    
  4. GRC: Vendor Risk Management
Correct answer: D
Question 5
Before any changes to the configuration of an application are made, it is recommended that the correct update set and application scope are selected. 
What role is required for this functionality?
  1. The Vendor Administrator role is required for this functionality
  2. The Data Administrator role is required for this functionality
  3. The User Administrator role is required for this functionality
  4. The System Administrator role is required for this functionality
Correct answer: D
Explanation:
Reference:  https://www.bmc.com/blogs/sysadmin-role-responsibilities-salary/
Reference:  
https://www.bmc.com/blogs/sysadmin-role-responsibilities-salary/
Question 6
What is the definition of `Risk Management'?
  1. Policies/Standards/Procedures established to ensure an organization is aligned with corporate strategy and expectations are clearly defined 
  2. The process of conforming to standards, policies, and remediation of audit findings
  3. The elimination of vulnerable surface area in an enterprise environment
  4. Process to identify, assess, and respond to risks, threats and vulnerabilities that could compromise the business
Correct answer: D
Explanation:
Reference:  https://www.techtarget.com/searchsecurity/definition/What-is-risk-management-andwhy-is-it-important
Reference:  
https://www.techtarget.com/searchsecurity/definition/What-is-risk-management-andwhy-is-it-important
Question 7
Which of the following is the main benefit of using the Vendor Portal?
  1. Assessments are performed via the Vendor Portal and spreadsheets
  2. More efficiently communicating Assessments with a single contact
  3. Assessments are shared through the Vendor Portal and email
  4. More efficiently completing Assessments via the Vendor Portal
Correct answer: D
Explanation:
Reference:  https://oboloo.com/blog/what-are-the-benefits-of-using-a-vendor-portal-inprocurement/
Reference:  
https://oboloo.com/blog/what-are-the-benefits-of-using-a-vendor-portal-inprocurement/
Question 8
Baseline email notifications that help to automate the vendor risk management process are installed with which plugin?
  1. GRC: Vendor Risk Management
  2. GRC: Audit Management
  3. GRC: Risk Management
  4. GRC: Policy and Compliance Management
Correct answer: D
Question 9
Which statement best describes the role assignment of vendor contacts in Vendor Risk Management?
  1. When vendor contacts are created, they are automatically assigned the snc_internal role and the snc_external role
  2. When vendor contacts are created, they must be manually assigned the snc_external role
  3. When vendor contacts are created, they are automatically assigned the snc_internal role
  4. When vendor contacts are created, they are automatically assigned the snc_external role
Correct answer: D
Question 10
What can a vendor contact do in the Vendor Portal? (Choose four.)
  1. Update answers to returned questionnaires
  2. Communicate or share information with other vendors of the assessing organization
  3. Create new issues and tasks for the vendor risk assessor team
  4. Review and respond to issues created by the assessing organization
  5. Manage vendor contacts and task assignments within the vendor organization
  6. Respond to assessments sent by the assessing organization
Correct answer: ADEF
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!