New Year Special Sale - 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: spcl70

Practice Free CIS-RCI Certified Implementation Specialist - Risk and Compliance Exam Questions Answers With Explanation

We at Crack4sure are committed to giving students who are preparing for the ServiceNow CIS-RCI Exam the most current and reliable questions . To help people study, we've made some of our Certified Implementation Specialist - Risk and Compliance exam materials available for free to everyone. You can take the Free CIS-RCI Practice Test as many times as you want. The answers to the practice questions are given, and each answer is explained.

Get Full 165 Questions Search Other ServiceNow Exam
Question # 6

Entity Types are applied to which types of records? (Choose three.)

A.

Risk Statement

B.

Issue

C.

Risk

D.

Control Objective

E.

Policy

F.

Control

Question # 7

The ‘Add to Update Set’ utility is available for download via:

A.

ServiceNow Developer site

B.

ServiceNow store

C.

ServiceNow Community

D.

ServiceNow HI support

Question # 8

The Citation table is a child table of which parent?

A.

Content

B.

Authority Document

C.

Item

D.

Document

Question # 9

Which tables extend the Content (sn_grc_content) table? (Choose two.)

A.

sn_compliance_citation

B.

sn_grc_issue

C.

sn_compliance_policy_statement

D.

sn_risk_risk

Question # 10

Who should be directly involved in GRC implementations? (Choose four.)

A.

Board of directors

B.

Chief Executive

C.

ServiceNow platform experts

D.

Business Analyst

E.

Risk and compliance experts

F.

CMDB process owner

Question # 11

Who can move a Policy into Review? (Choose two.)

A.

sys admin

B.

policy approver

C.

policy reviewer

D.

policy owner

Question # 12

Which of the following extends from items?

A.

Citation

B.

Controls

C.

Issue

D.

Policy

Question # 13

The content table (sn_grcs_content) is a parent table of:

A.

sn_grc_profile

B.

sn_risk_framework

C.

sn_risk_definition

D.

sn_risk_risk

Question # 14

Santa Clara Facility and Boston Facility are examples of what?

A.

Entities

B.

Entity Object

C.

Entity Class

D.

Entity Type

Question # 15

For a particular risk assessment methodology (RAM), the control effectiveness score is calculated based on an individual assessment of controls. What are options for control identification? (Choose three.)

A.

Controls are identified from library and ad-hoc

B.

Controls are identified from indicator results

C.

Controls are identified from library

D.

Controls are identified ad-hoc

E.

Controls are identified from related issues

Question # 16

Which of the following relationship sets are considered a many-to-many relationship? (Choose three.)

A.

Entity Type and Entity Class

B.

Indicator Template and Entity Type

C.

Control and Risk

D.

Control Objective and Entity Type

E.

Entity Type and Entity

Question # 17

Which of the following are Policy Lifecycle states included in the ServiceNow baseline? (Choose two.)

A.

Expired

B.

Review

C.

Acknowledged

D.

Published

E.

Verified

Question # 18

Which GRC application would you use to manage internal or external consultancy processes that aim to prove

the effectiveness of controls?

A.

Audit Management

B.

Risk Management

C.

Vendor Risk Management

D.

Policy and Compliance Management

Question # 19

Setting up entity classes is required when using which GRC features? (Choose two.)

A.

Setting up an object-based risk assessment

B.

Adding to the policy exception integration registry

C.

Assessing the impact of a regulatory feed

D.

Leveraging classic risk assessments

E.

Leveraging advanced risk assessments

Question # 20

What are some of the drivers for customers to get the GRC suite of applications? (Choose four.)

A.

They would like efficiency

B.

They would like integrated reporting

C.

They would like transparency

D.

They would like automated customer service

E.

They would like custom websites

F.

They would like workflow driven processes

Question # 21

GRC Options in Interactive Filters are only available through which feature?

A.

GRC Filtering

B.

Metrics Reporting

C.

Performance Analytics

D.

Trending Analytics

Question # 22

In which state is the Policy once all approvals are received?

A.

Review

B.

Published

C.

Draft

D.

Retired

E.

Awaiting Approval

Question # 23

As a customer reaches greater GRC maturity, what can we expect to see occurring across their organization? (Choose three.)

A.

Single Risk and Control frameworks across enterprise available to all stakeholders

B.

Reliance on spreadsheet management for risk reporting

C.

Continuous real-time monitoring of control performance

D.

Cross-functional process automation

E.

Reactive strategies for GRC activities

Question # 24

Possible regulations when Entity scoping for Healthcare:

(Choose two.)

A.

HITRUST

B.

FISMA

C.

HIPAA

D.

HETRUST

Question # 25

Policies can be automatically published after which of the following occurs?

A.

Related control objectives are marked active

B.

Policy exception is closed

C.

Policy is approved by all approvers

D.

Policy is approved by one approver

Question # 26

What table, along with the Policy table, is linked to the Control Objective table by a many-to-many

relationship?

A.

Entity Class

B.

Citation

C.

Authority Documents

D.

Risk Framework

Question # 27

What ensures that every time you create an Entity from a specific table, the Class of the Entity is set according to the rule?

A.

Entity class rules

B.

Entity business rules

C.

Entity class assignment

D.

Entity type rules

Question # 28

Which GRC tables serve as primary parent tables for the GRC applications? (Choose three.)

A.

Content

B.

Item

C.

Asset

D.

Task

E.

Document

Question # 29

An Entity can belong to one or multiple of which of the following?

A.

Entity Types

B.

Information Objects

C.

Departments

D.

Entity Classes

Question # 30

Which feature would you use to track completion of certain tasks?

A.

Related Lists

B.

SLAs

C.

Workflow Editor

D.

Notifications

Question # 31

What is the minimum role required to create a risk assessment methodology (RAM)?

A.

sn_compliance.admin

B.

sn_risk.user

C.

sn_risk.manager

D.

sn_risk.admin

Question # 32

Control indicators may be triggered or scheduled in which state?

A.

Retired

B.

Monitor

C.

Review

D.

Attest

E.

Draft

Question # 33

All of the following are PARENT tables which exist within the GRC Entities application scope EXCEPT.

A.

Item

B.

Document

C.

Content

D.

Indicator

Question # 34

Which table stores the links from Policy to Control Objective?

A.

[sn_compliance_m2m_policy_profile_type]

B.

[sn_compliance_m2m_policy_profile]

C.

[sn_compliance_m2m_policy_statement]

D.

[sn_compliance_m2m_statement_profile_type]

Question # 35

What three records need to be set-up when integrating with a provider RSS feed? (Choose three.)

A.

Feed sources record

B.

Provider record

C.

Regulatory Feed record

D.

Connection and Credentials record

E.

Regulatory Change Task record

Question # 36

Where does a policy get published to when it is approved?

A.

Knowledge Summit

B.

ServiceNow Library

C.

Authoritative Records

D.

Knowledge Base

CIS-RCI PDF

$33

$109.99

3 Months Free Update

Add to Cart
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions

CIS-RCI PDF + Testing Engine

$52.8

$175.99

3 Months Free Update

Add to Cart
  • Exam Name: Certified Implementation Specialist - Risk and Compliance
  • Last Update: Dec 15, 2025
  • Questions and Answers: 165
  • Free Real Questions Demo
  • Recommended by Industry Experts
  • Best Economical Package
  • Immediate Access

CIS-RCI Engine

$39.6

$131.99

3 Months Free Update

Add to Cart
  • Best Testing Engine
  • One Click installation
  • Recommended by Teachers
  • Easy to use
  • 3 Modes of Learning
  • State of Art Technology
  • 100% Real Questions included