CIS-VRM
Free trial
Verified
Question 1
Which of the following is an objective of Vendor Risk Management? (Choose two.)
- A: To help vendors improve their security posture and preparedness
- B: To assess and manage the risk from interactions with vendors and third parties
- C: To help negotiate the best possible price for a product or service from the vendor
- D: To verify that vendors have adequate measures and processes in place to ensure profitability of vendor
Question 2
What can a vendor contact do in the Vendor Portal? (Choose four.)
- A: Update answers to returned questionnaires
- B: Communicate or share information with other vendors of the assessing organization
- C: Create new issues and tasks for the vendor risk assessor team
- D: Review and respond to issues created by the assessing organization
- E: Manage vendor contacts and task assignments within the vendor organization
- F: Respond to assessments sent by the assessing organization
Question 3
Which functions can be performed in the Vendor Portal? (Choose three.)
- A: Assessment response
- B: Contact Management
- C: Issue remediation
- D: Schedule web meetings
- E: Requests via virtual agent
Question 4
Where do vendors manage issues, respond to requests, and fulfill tasks assigned to them?
- A: Spreadsheets
- B: Vendor Portal
- C: ServiceNow Platform
- D: Email
Question 5
Which statements most accurately describe assignments to vendor contacts? (Choose two.)
- A: Individual sections in the questionnaire or document request can be assigned
- B: A questionnaire or document request cannot be assigned to multiple vendor contacts
- C: A questionnaire can be read by vendor contacts that are not assigned
- D: A questionnaire can only be completed by assigned vendor contacts
Question 6
What are the baseline mandatory fields when creating a new Vendor Contact? (Choose three.)
- A: Name (First and Last)
- B: Vendor
- C: Department
- D: Email
- E: Role
Question 7
Which of these options can be used in data cleansing when importing vendor data? (Choose three.)
- A: Data Policies
- B: Access Control Lists
- C: Field Normalization Rules
- D: Fix Scripts
- E: Data Import or Data Source Transform
- F: UI Policies
Question 8
Which of the following are functions of the Vendor Risk Assessor? (Choose three.)
- A: Enable communications across vendors
- B: Access completed assessments from vendors
- C: Update vendor contract deadlines
- D: Create issues for the vendor
- E: Create a Primary Contact record for a Vendor
Question 9
What third-party vendor security evaluation solutions are commonly integrated with VRM out-of-the-box? (Choose two.)
- A: MyScoreMetrics
- B: Vendor Insights
- C: Bitsight
- D: Security Scorecard
Question 10
What is the no code option to cleaning data being loaded into the Vendor Risk application?
- A: Fix Scripts
- B: Field Normalization
- C: Import
Question 11
When will the tiering value appear on the Vendor record?
- A: When the Tiering Assessment record state is closed
- B: When the Tiering Assessment record state is Tiering Assessment
- C: When all tiering assessments have been completed
Question 12
The Vendor records are stored in which table?
- A: Company [core_company]
- B: Department [cmn_department]
- C: Task [task]
- D: User [sys_user]
That’s the end of your free questions
You’ve reached the preview limit for CIS-VRMConsider upgrading to gain full access!
Free preview mode
Enjoy the free questions and consider upgrading to gain full access!