GRC Overview 10% Flashcards
Which of the following are scoped applications in GRC? (Select all that apply)
A. GRC: Profiles
B. GRC: Risk Management
C. GRC: Compliance and Audit Management
D. Global
GRC: Profiles
GRC: Risk Management
The citation is a breakdown of the authority document. What GRC component is the breakdown of a policy?
A. Control
B. Control objective
C. Control scoped with an entity
D. Control scoped with an entity type
Control objective
To what are test plans related?
A. Risks
B. Entities
C. Controls
D. Audit tasks
Controls
Which statements are true about assessments in GRC? Select all that apply.
Control attestations are administered on controls
Control attestations are administered on controls and risks
Risk assessments are administered on risks and controls
Risk assessments are administered on risks
Control attestations are administered on controls
Risk assessments are administered on risks
Which of the following extends from Document Table? (Choose two.)
A. Citation
B. Policy
C. Control Objective
D. Authority Document
Authority Document
Policy
Which of the following relationship sets are considered a many-to-many relationship? (Choose three.)
A. Entity Type and Entity Class
B. Indicator Template and Entity Type
C. Control and Risk
D. Control Objective and Entity Type
E. Entity Type and Entity
Control and Risk
Control Objective and Entity Type
Entity Type and Entity