Exam CIS-RCI Realistic Dumps Verified Questions Free [Jun 03, 2026]
Valid CIS-RCI Dumps for Helping Passing ServiceNow Exam!
NEW QUESTION # 40
What actions does the GRC Business User Lite role allow a user to take?
Choose 2 answers
- A. Approve an Advanced Risk assessment
- B. Group control attestations
- C. Group issues
- D. Create a risk assessment
- E. Read a policy exception
Answer: B,C
NEW QUESTION # 41
Which of the following roles can create a policy? (Choose two.)
- A. Audit User
- B. Risk User
- C. Compliance User
- D. Compliance Manager
- E. Compliance Reader
Answer: A,E
NEW QUESTION # 42
Why would you create Entity classes?
- A. To be assigned to Control Objectives, which generate Controls for every Entity listed in the Entity class
- B. To show relationships between tables or objects you are tracking that doesn't otherwise exist anywhere in ServiceNow
- C. To show relationships between Entities and Policies and map them directory to Citations
- D. To be assigned to risk statements, which generate risks for every Entity listed in the Entity Class
Answer: A
Explanation:
Explanation/Reference: https://docs.servicenow.com/bundle/orlando-governance-risk-compliance/page/product/grc- common/task/t_CreateProfileTypes.html
NEW QUESTION # 43
Who can move a Policy into Review? (Choose two.)
- A. policy reviewer
- B. policy owner
- C. sys admin
- D. policy approver
Answer: C,D
NEW QUESTION # 44
Who can move a Policy into Review? (Choose two.)
- A. policy reviewer
- B. policy owner
- C. sys admin
- D. policy approver
Answer: C,D
Explanation:
Reference:
knowledge_18_LAB0296_policy_creation
NEW QUESTION # 45
Entity Types are applied to which types of records? (Choose three.)
- A. Issue
- B. Control Objective
- C. Risk
- D. Control
- E. Policy
- F. Risk Statement
Answer: C,E,F
NEW QUESTION # 46
Which GRC application would you use to manage internal or external consultancy processes that aim to prove the effectiveness of controls?
- A. Risk Management
- B. Vendor Risk Management
- C. Policy and Compliance Management
- D. Audit Management
Answer: C
NEW QUESTION # 47
What must an implementer configure to allow users to submit a policy exception from a non-GRC application like Security Operations?
Choose 2 answers
- A. Approval rules
- B. Exception risk rules
- C. Exception questionnaire
- D. verification rules
- E. Integration registry
Answer: B,E
NEW QUESTION # 48
The Calculated Risk Score utilizes data from the Inherent and Residual Risk scores to determine an adjusted ALE and Score. What other data drives the adjustments?
- A. Configuration Test Score
- B. Control and Indicator Failure Factors
- C. Attestation Score
- D. Audit Scores
Answer: B
NEW QUESTION # 49
Control Failure Factor represents the impact of Control Failures on what score?
- A. Residual
- B. Total
- C. Calculated
- D. Inherent
Answer: A
Explanation:
Reference: https://docs.servicenow.com/bundle/orlando-governance-risk-compliance/page/product/grc-risk/ task/t_CreateRisk.html
NEW QUESTION # 50
Which filter navigation syntax displays the table in list view within a separate browser tab?
- A. Tablename.list
- B. Tablename.LIST
- C. Tablename_LIST
- D. Tablename.List
Answer: B
NEW QUESTION # 51
What ensures that every time you create an Entity from a specific table, the Class of the Entity is set according to the rule?
- A. Entity business rules
- B. Entity type rules
- C. Entity class assignment
- D. Entity class rules
Answer: B,D
NEW QUESTION # 52
What feature is available in the GRC: Advanced Risk application but not available when using GRC: Risk Management classic risk assessment functionality?
- A. Risk indicator management
- B. Risk Response
- C. Multi-level risk statement hierarchy
- D. Risk issue management
Answer: C
NEW QUESTION # 53
Which of the following records does not have a lifecycle?
- A. Policy Exception
- B. Control Objective
- C. Control
- D. Policy
Answer: D
NEW QUESTION # 54
What record maintains the primary Risk Assessment Methodology that is displayed on the entity record?
- A. Entity Type
- B. Entity Class
- C. Entity
- D. Entity Tier
Answer: B
NEW QUESTION # 55
Which role(s) has the capability to create Policies? Choose two.)
- A. Compliance User
- B. Compliance Manager
- C. Compliance admin
- D. Risk Manager
Answer: B,C
Explanation:
Reference:
compliance/task/t_DefineAPolicy.html
NEW QUESTION # 56
Critical parts of a successful GRC implementation are understanding the customers current: (Choose three.)
- A. Risk and Compliance personas
- B. Regulatory requirements
- C. GRC processes
- D. Audit failures
- E. Data breaches
Answer: B,C,D
NEW QUESTION # 57
What assessment types can be enabled when configuring a risk assessment methodology (RAM)?
Choose 3 answers a
- A. Residual Assessment
- B. Application Risk Assessment
- C. inherent Assessment
- D. Control Assessment
- E. Project Risk Assessment
- F. Operational Risk Assessment
Answer: A,C,D
NEW QUESTION # 58
The Calculated Risk Score utilizes data from the Inherent and Residual Risk scores to determine an adjusted ALE and Score. What other data drives the adjustments?
- A. Configuration Test Score
- B. Attestation Score
- C. Control and Indicator Failure Factors
- D. Audit Scores
Answer: D
NEW QUESTION # 59
All of the following are PARENT tables which exist within the GRC Entities application scope EXCEPT.
- A. Item
- B. Content
- C. Document
- D. Indicator
Answer: C
NEW QUESTION # 60
......
CIS-RCI Exam Dumps For Certification Exam Preparation: https://www.examdiscuss.com/ServiceNow/exam/CIS-RCI/
Download Free ServiceNow CIS-RCI Exam Questions & Answer : https://drive.google.com/open?id=1ZD9eyr3pvvNBbQOcCdKqEF96DyoFgMKB