What table, along with the Policy table, is linked to the Control Objective table by a many-to-many relationship?
Correct Answer: B
Explanation:
In ServiceNow GRC/IRM, the Control Objective table is linked through a many-to-many relationship with both the Policy table and the Citation table. The Citation table represents regulatory or compliance references that map controls to external standards, laws, or frameworks, helping ensure traceability between control objectives and compliance requirements.
Question 2
Which of the following statements is true of a Risk Response task?
Correct Answer: C
Explanation:
In ServiceNow IRM (Integrated Risk Management), Risk Response tasks are used to manage mitigation or treatment actions for a risk. Assignment and management of these tasks are restricted to users with appropriate governance permissions, and in many configurations, the risk_admin role is required to assign and manage Risk Response tasks to ensure proper control over risk treatment workflows and compliance accountability.
Question 3
Which role is not part of ServiceNow GRC?
Correct Answer: B
Explanation:
In ServiceNow GRC (Governance, Risk, and Compliance / IRM), standard roles include Risk User, Risk Manager, and Risk Reader, which are part of the out-of-the-box role structure used for managing risk activities and access. However, Risk Developer is not a standard or baseline GRC role, as development activities are handled by platform roles like admin or app-specific configuration roles, not a dedicated “risk developer” role.
Demo Practice Mode
You are viewing only the questions marked as Demo.