GRC Overview 10% Flashcards

1
Q

Which of the following are scoped applications in GRC? (Select all that apply)

A. GRC: Profiles

B. GRC: Risk Management

C. GRC: Compliance and Audit Management

D. Global

A

GRC: Profiles
GRC: Risk Management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The citation is a breakdown of the authority document. What GRC component is the breakdown of a policy?
A. Control
B. Control objective
C. Control scoped with an entity
D. Control scoped with an entity type

A

Control objective

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

To what are test plans related?
A. Risks
B. Entities
C. Controls
D. Audit tasks

A

Controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which statements are true about assessments in GRC? Select all that apply.

Control attestations are administered on controls

Control attestations are administered on controls and risks

Risk assessments are administered on risks and controls

Risk assessments are administered on risks

A

Control attestations are administered on controls
Risk assessments are administered on risks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which of the following extends from Document Table? (Choose two.)
A. Citation
B. Policy
C. Control Objective
D. Authority Document

A

Authority Document
Policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which of the following relationship sets are considered a many-to-many relationship? (Choose three.)

A. Entity Type and Entity Class
B. Indicator Template and Entity Type
C. Control and Risk
D. Control Objective and Entity Type
E. Entity Type and Entity

A

Control and Risk
Control Objective and Entity Type
Entity Type and Entity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly