100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
ServiceNow VRM Course UPDATED Exam Questions and CORRECT Answers $9.49   Add to cart

Exam (elaborations)

ServiceNow VRM Course UPDATED Exam Questions and CORRECT Answers

 0 view  0 purchase
  • Course
  • ServiceNow VRM
  • Institution
  • ServiceNow VRM

ServiceNow VRM Course UPDATED Exam Questions and CORRECT Answers What is VRM (Vendor Risk Management)? - CORRECT ANSWER- VRM Process of ensuring the use of services and suppliers doesn't create unacceptable levels of risk or negative impact for the business How does VRM link to the GRC modu...

[Show more]

Preview 3 out of 18  pages

  • August 15, 2024
  • 18
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • ServiceNow VRM
  • ServiceNow VRM
avatar-seller
MGRADES
ServiceNow VRM Course UPDATED Exam
Questions and CORRECT Answers

What is VRM (Vendor Risk Management)? - CORRECT ANSWER- VRM Process of
ensuring the use of services and suppliers doesn't create unacceptable levels of risk or
negative impact for the business


How does VRM link to the GRC module? - CORRECT ANSWER- It is the fourth
application in the GRC suite. It can also be used as a standalone application


What are the 6 capabilities of VRM? - CORRECT ANSWER- 1. Vendor Portfolio
2. Vendor Tiering
3. Assessment Management
4. Vendor Portal
5. Issue + Remediation
6. GRC Integration


What is Vendor Portfolio? - CORRECT ANSWER- This is a database of vendors which
includes vendor info such as vendor contacts. It uses the existing company table in
ServiceNow.


What is Vendor Tiering? - CORRECT ANSWER- Assessments that are completed internally
to classify vendors into categories of potential risk and ensure organisations are appropriately
assessing their vendors by deciding which assessments are used going forward for that
vendor, based on its tier.


What is Assessment Management? - CORRECT ANSWER- Companies can create
Questionnaire and Doc Request templates to build assessment templates to use to assess
Vendors. Or companies can use the built-in SIG questionnaire.


What is Vendor Portal? - CORRECT ANSWER- This is where communication between the
company and vendors are done. Vendors can view their assessments, issues and tasks on this
portal.

,What is Issue + Remediation? - CORRECT ANSWER- When Vendor Assessments aren't
deemed correct, Issues + Tasks can be automatically/manually raised by the Company to
address the problem.


What is GRC Integration? - CORRECT ANSWER- Questions within a questionnaire
template can be associated with Control Objectives. This in turn will then change control
compliance based on vendor responses.


VRM Benefits? - CORRECT ANSWER- - Efficiency through automation of processes
- Reduce risk exposure
- Ability to respond to higher risk vendors with constant assessment
- Increased communication with Vendors


What are the Tiering levels? - CORRECT ANSWER- None, Minor, Low, Moderate, High,
Critical


Are tiers maintained internally (company) or externally (vendor)? - CORRECT ANSWER-
Internally


How does Tiering work? - CORRECT ANSWER- - Create and complete Tiering assessment
- Tier assigned to vendor
- Tier based submission rule decides what assessment to send to vendor based on it's newly
assigned tier


What is a Tiering Assessment made up of? - CORRECT ANSWER- Tiering questionnaire
template


Is a tiering questionnaire template made of metrics categories and metrics OR other templates
(assessment/doc request) - CORRECT ANSWER- Metrics categories and metrics


What is a Vendor Risk Assessment made up of? - CORRECT ANSWER- 1. Assessment
Template
2. Vendor

, What is an Assessment Template made up of? - CORRECT ANSWER- Metric Types:
1. Questionnaire Template
2. Doc Request Template


What is Vendor Security Score used for? - CORRECT ANSWER- Allows companies to
validate that vendors are maintaining their security posture. This then allows to prioritize
vendor relationships and management, including conducting assessments if scores change
(using score based submission rules)


What is Vendor security score made up of? - CORRECT ANSWER- 1. Network security
2. Hacker chatter
3. Patching cadence


What does the Vendor Portal allow? - CORRECT ANSWER- 1. Assessment Management -
respond to assessments on the portal
2. Issues + Tasks - Companies can create issues to remediate problems with assessments
3. Vendor contact Management - vendor can communicate with different functional groups.
Tasks can be assigned across vendors team


Can a Vendor Risk Assessment be submitted to a vendor without a primary contact? -
CORRECT ANSWER- No. Primary contact is required.


(Checkbox on vendor contact form)


What is the unique identifier for VRM? - CORRECT ANSWER- sn_vdr_risk_asmt


3 key INTERNAL roles? - CORRECT ANSWER- 1. vendor risk manager - manages
questionnaire, doc request and assessment templates + below
2. vendor risk assessor - manages, vendors, contacts, assessments + below
3. vendor risk reviewer - view and edit vendor reponses


What table are vendors stored? - CORRECT ANSWER- core_company

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller MGRADES. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $9.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

81989 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$9.49
  • (0)
  Add to cart