Policy And Compliance Implementation Approach 25% Flashcards
Carl is a compliance analyst with the compliance user role. What are his primary responsibilities in policy and compliance? Select all that apply.
Relate policies to control objectives
Delete authority documents, citations, policies, policy statements and controls
Send out policy acknowledgement campaigns and monitor progress
Coordinate and facilitate configuration requests
Manage policy acknowledgement campaigns and related audiences
Relate policies to control objectives
Send out policy acknowledgement campaigns and monitor progress
The policy for personnel health and safety is being reviewed and it is in the Review state. The compliance manager, Colin, is unable to move the policy back to Draft. What could be the reason (s)? Select all that apply.
He is not one of the named reviewers
He is not the policy owner
He does not have the sys admin role
He does not have the compliance admin role
He is not one of the named reviewers
He is not the policy owner
Defining regularly scheduled acknowledgement campaigns reduces the need to manually define campaigns. What are the prerequisite data required to automatically create an acknowledgement campaign for a policy? Select all that apply.
Audience
First acknowledgement date
Frequency
Number of days to respond
Valid from/to
Audience
First acknowledgement date
Frequency
Number of days to respond
After controls are generated for entities at Aglow Travel, control owners need to validate that a control is implemented before evaluating its effectiveness. How do they validate this?
Indicator template
Control test
Control attestation
Indicator attestation
Control attestation
Cecilia, the compliance analyst wants to create a group of control attestations. However, she is unable to add one of the control attestation records to the group. What could be the reason(s)? Select all that apply.
It is based on the same questionnaire
It is already complete
It is cancelled
It is not assigned to her
It is already complete
It is cancelled
It is not assigned to her
Where does a policy get published to when it is approved?
A. Knowledge Summit
B. ServiceNow Library
C. Authoritative Records
D. Knowledge Base
Knowledge Base
In which state can reviewers either send the Policy back to draft or forward it by requesting approval?
A. Retired
B. Published
C. Awaiting Approval
D. Review
Review
For Control records, who can modify the Control in the Draft state?
A. All compliance users
B. Only the Compliance Manager
C. Only the person assigned the Attestation
D. Only Control Owners
All compliance users
Policies can be automatically published after which of the following occurs?
A. Related control objectives are marked active
B. Policy exception is closed
C. Policy is approved by all approvers
D. Policy is approved by one approver
Policy is approved by all approvers
Which of the following records does not have a lifecycle?
A. Control Objective
B. Policy
C. Policy Exception
D. Control
Control Objective
Which of the following is not a table in the Policy and Compliance scope?
a. Policy
b. Authority Document
c. Issue
d. Control
Issue
What is the name of the Control Objective table?
a. sn_compliance_control_objective
b. sn_compliance_statement
c. sn_compliance_policy_statement
d. sn_grc_policy_statement
sn_compliance_policy_statement
When calculating compliance scores, what is true about the weighting of Controls? (Choose two)
The default value is 10
The weight of the Control is set when the Control is created
The weight cannot be changed
Controls are not weighted equally by default
The default value is 10
The weight of the Control is set when the Control is created
Policies are created in which state?
New
Open
Draft
Work In Progress
Draft
If a person is submitting Policy Exception through Service Portal. In which state the Record Producer creates the Policy Exception?
Draft
Analyze
Awaiting Approval
New
New