Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmaspas7

Easiest Solution 2 Pass Your Certification Exams

CIS-VRM ServiceNow Certified Implementation Specialist -Vendor Risk Management Free Practice Exam Questions (2025 Updated)

Prepare effectively for your ServiceNow CIS-VRM Certified Implementation Specialist -Vendor Risk Management certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

ServiceNow CIS-VRM Premium Access     Download Demo    
Page: 1 / 1
Total 60 questions

What can be used to automatically assign a Vendor tier value?

A.

A Risk Assessment

B.

A configuration setting

C.

A Tiering Assessment

D.

A Vendor Tiering Rule

E.

A Visual Task Board

A Vendor Risk Assessment that consists of a SIG Lite questionnaire and two document requests are displayed as how many total requests in the Vendor Portal?

A.

2

B.

3

C.

0

D.

1

The assessment page provides an area to import what kind of a completed questionnaire?

A.

GDPR

B.

SOC1 & SOC2

C.

SIG

D.

SOX

Which GRC records can be related to an Entity? (Choose three.)

A.

Entity Types

B.

Vendors

C.

Risks

D.

Policies

E.

Controls

Which statement accurately describes the visibility and audit history of actions and communications in the Vendor Risk Management application?

A.

The vendor and assessor interactions are captured in the Vendor Risk Issue record and are only visible from the portal view

B.

The Vendor Risk Issues created and the activity and history are lost from the Vendor Assessment Portal when the associated vendor contact changes

C.

The Vendor Risk Issues created and the activity and history will remain in the Vendor Assessment Portal even when vendor contacts change

D.

The vendor and assessor interactions are captured in the Vendor Risk Issue record and are only visible from the platform view

In the Vendor Portal, who can reassign Assessments?

A.

Vendor Business Owner

B.

Vendor

C.

Primary Contact

D.

Vendor Manager

Roles preceded by sn_vdr_risk are for which scope?

A.

GRC: Vendor Risk Remediation

B.

GRC: Vendor Risk Core

C.

GRC: Risk Management

D.

GRC: Vendor Risk Management

What can a vendor contact do in the Vendor Portal? (Choose four.)

A.

Update answers to returned questionnaires

B.

Communicate or share information with other vendors of the assessing organization

C.

Create new issues and tasks for the vendor risk assessor team

D.

Review and respond to issues created by the assessing organization

E.

Manage vendor contacts and task assignments within the vendor organization

F.

Respond to assessments sent by the assessing organization

What are some of the purposes of a Vendor Risk Issue? (Choose two.)

A.

Log access-related incidents for the vendor portal

B.

Indicate vendors that need further assessment

C.

Accept risks identified in the assessment

D.

Track remediation of compliance gaps

What is the advantage of using both VRM and GRC/IRM?

A.

Vendor Risk engagements automatically match with Audit engagements

B.

All compliance controls are automatically visible to the vendor risk manage

C.

Primary vendor contacts can then see their overall non compliant risk score

D.

Non compliant controls automatically adjust the risk score for a vendor entity

Where do vendors manage issues, respond to requests, and fulfill tasks assigned to them?

A.

Spreadsheets

B.

Vendor Portal

C.

ServiceNow Platform

D.

Email

During the Generating Observations phase of the Vendor Risk Assessment, what action might be taken by the Risk Assessor?

A.

Create issues from the assessment if necessary

B.

Update the vendor risk score

C.

Email the vendor

D.

Answer questions the vendor forgot to answer

On which of the following tables can you create vendor risk reports? (Choose three.)

A.

Company [core_company]

B.

Vendor Risk Assessment [sn_vdr_risk_asmt_assessment]

C.

Vendor Risk Issue [sn_vdr_risk_asmt_issue]

D.

Vendor Contact [vm_vendor_contact]

E.

Vendor Activity [vm_vendor_activity]

Vendor Risk Issues are usually created in which stage of an Assessment?

A.

Responses Received

B.

Generating Observations

C.

Submitted to Vendor

D.

Finalizing with Vendor

If clean data is not provided by the customer, what baseline solutions are available within the platform? (Choose three.)

A.

Integration hub ETL plugin

B.

Field normalization plugin

C.

Service graph connector

D.

System definition fix scripts module

E.

System import transform map scripts

Where can the score for each Assessment Metric or Metric Category be configured?

A.

Assessment Metric Category record

B.

Assessment Template record

C.

Assessment record

D.

Assessment Metric Type record

A Document Request Template is a record in which table?

A.

Document request item [sn_document_template]

B.

Vendor risk assessment [sn_vdr_risk_asmt_assessment]

C.

Assessment metric category [asmt_metric_category]

D.

Assessment metric type [asmt_metric type]

What are the baseline mandatory fields when creating a new Vendor Contact? (Choose three.)

A.

Name (First and Last)

B.

Vendor

C.

Department

D.

Email

E.

Role

ServiceNow CIS-VRM Premium Access     Download Demo    
Page: 1 / 1
Total 60 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved