ServiceNow VRM > QUESTIONS & ANSWERS > ServiceNow VRM Course Final Exam Questions and Answers 2023 Solved Correctly (All)

ServiceNow VRM Course Final Exam Questions and Answers 2023 Solved Correctly

Document Content and Description Below

ServiceNow VRM Course Final Exam Questions and Answers 2023 Solved Correctly What is VRM (Vendor Risk Management)? -✔✔ VRM Process of ensuring the use of services and suppliers doesn't create ... unacceptable levels of risk or negative impact for the business How does VRM link to the GRC module? -✔✔ It is the fourth application in the GRC suite. It can also be used as a standalone application What are the 6 capabilities of VRM? -✔✔ 1. Vendor Portfolio 2. Vendor Tiering 3. Assessment Management 4. Vendor Portal 5. Issue + Remediation 6. GRC Integration What is Vendor Portfolio? -✔✔ This is a database of vendors which includes vendor info such as vendor contacts. It uses the existing company table in ServiceNow. What is Vendor Tiering? -✔✔ Assessments that are completed internally to classify vendors into categories of potential risk and ensure organisations are appropriately assessing their vendors by deciding which assessments are used going forward for that vendor, based on its tier. What is Assessment Management? -✔✔ Companies can create Questionnaire and Doc Request templates to build assessment templates to use to assess Vendors. Or companies can use the built-in SIG questionnaire. What is Vendor Portal? -✔✔ This is where communication between the company and vendors are done. Vendors can view their assessments, issues and tasks on this portal. What is Issue + Remediation? -✔✔ When Vendor Assessments aren't deemed correct, Issues + Tasks can be automatically/manually raised by the Company to address the problem. What is GRC Integration? -✔✔ Questions within a questionnaire template can be associated with Control Objectives. This in turn will then change control compliance based on vendor responses. VRM Benefits? -✔✔ - Efficiency through automation of processes - Reduce risk exposure - Ability to respond to higher risk vendors with constant assessment - Increased communication with Vendors What are the Tiering levels? -✔✔ None, Minor, Low, Moderate, High, Critical Are tiers maintained internally (company) or externally (vendor)? -✔✔ Internally How does Tiering work? -✔✔ - Create and complete Tiering assessment - Tier assigned to vendor - Tier based submission rule decides what assessment to send to vendor based on it's newly assigned tier What is a Tiering Assessment made up of? -✔✔ Tiering questionnaire template Is a tiering questionnaire template made of metrics categories and metrics OR other templates (assessment/doc request) -✔✔ Metrics categories and metrics What is a Vendor Risk Assessment made up of? -✔✔ 1. Assessment Template 2. Vendor What is an Assessment Template made up of? -✔✔ Metric Types: 1. Questionnaire Template 2. Doc Request Template What is Vendor Security Score used for? -✔✔ Allows companies to validate that vendors are maintaining their security posture. This then allows to prioritize vendor relationships and management, including conducting assessments if scores change (using score based submission rules) [Show More]

Last updated: 2 years ago

Preview 1 out of 20 pages

Buy Now

Instant download

We Accept: