What can be used to automatically assign a Vendor tier value?
A Risk Assessment
A configuration setting
A Tiering Assessment
A Vendor Tiering Rule
A Visual Task Board
Internal roles include: (Choose three.)
Vendor Contact sn_vdr_risk.vendor_contact
Vendor Risk Manager sn_vdr_risk_asmt.vendor_risk_manager
Primary Vendor Contact sn_vdr_risk_asmt.prim_vendor_contact
Vendor Risk Assessor sn_vdr_risk_asmt.vendor_assessor
Vendor Risk Reviewer sn_vdr_risk_asmt.vendor_assessment_reviewer
What is the definition of ‘Risk Management’?
Policies/Standards/Procedures established to ensure an organization is aligned with corporate strategy and expectations are clearly defined
The process of conforming to standards, policies, and remediation of audit findings
The elimination of vulnerable surface area in an enterprise environment
Process to identify, assess, and respond to risks, threats and vulnerabilities that could compromise the business
To what type of assessment record can a vendor contact respond?
Vendor tiering assessment
Vendor risk assessment
Customer assessment
External monitoring assessment
Which of these options can be used in data cleansing when importing vendor data? (Choose three.)
Data Policies
Access Control Lists
Field Normalization Rules
Fix Scripts
Data Import or Data Source Transform
UI Policies
Key data sources for Vendor Risk reporting include which of the following tables? (Choose two.)
Vendor Risk Assessment [sn_vdr_risk_asmt_assessment]
Questionnaire Templates [asmt_metric_type]
Vendor Benchmark Scores [sn_vdr_client_score]
Survey Scores [snc_survey_scores]
Vendor Risk Issue [sn_vdr_risk_asmt_issue]
CIS-Vendor Risk Management |
TESTED 25 Dec 2024
Copyright © 2014-2024 CramTick. All Rights Reserved