Policy Configuration

Question 1

What is the Policy record lifecycle?

Answer 1

Draft -> Review -> Awaiting approval -> Published -> Retired

Question 2

When the policy record is in the review state, who can request approval?

Answer 2

the policy owner, members of the Owning group, sn_compliance.manager role, admin role

Question 3

Which role is required to create policies?

Answer 3

sn_compliance.user

Question 4

Who can move the policy into the Review state?

Answer 4

the policy owner, members of the Owning group, sn_compliance.manager role, admin role

Question 5

What happens when a policy is approved?

Answer 5

Policy is published, KB article is created, associated control objectives are set to active

Question 6

Who can retire a policy?

Answer 6

Policy owner or sn_compliance.manager

Question 7

True or False: Control objectives have their own lifecycle

Answer 7

False

Question 8

What happens when a Policy exceeds its valid to date and it has no reviewers?

Answer 8

Policy set to draft

Question 9

What happens when a Policy exceeds its valid to date and it does have reviewers?

Answer 9

Policy set to Review

Question 10

What is the default system property for when published policies revert to Review?

Answer 10

30 days after Valid To date