CIS-RCI Online Practice Questions and Answers

Which of the following statements correctly describe the risk management lifecycle process?

A. Access, Identify and Plan, Control, Review

B. Control, Review, Assess, Identify and Plan

C. Identify and Plan, Assess, Control, Review

D. Identify and Plan, Review, Assess, Control

What would you leverage in order to provide users with an alternate user experience to view policies, create policy exceptions, and search for controls?

A. Help Desk Portal

B. Catalog Portal

C. Access Portal

D. Service Portal

The Risk Scoring values are entered on the Risk Statement. What records inherits the values from the Risk Statement?

A. Risk Criteria Matrix

B. Risk Framework

C. Registered Risk

D. Risk Response Issue

For Control records, who can modify the Control in the Draft state?

A. All compliance users

B. Only the Compliance Manager

C. Only the person assigned the Attestation

D. Only Control Owners

Control indicators may be triggered or scheduled in which state?

A. Retired

B. Monitor

C. Review

D. Attest

E. Draft

Possible regulations when Entity scoping for Healthcare: (Choose two.)

A. HITRUST

B. FISMA

C. HIPAA

D. HETRUST

The SOX content pack includes a series of policies, control, risks. How are all of these components linked together?

A. Mapping File

B. Manually

C. Automatically

D. Batch import

The Tablename.config:

A. Displays the configuration list view of the table in the browser tab

B. Displays the table in list view within the Content Frame

C. Displays the table in list view within a separate browser tab

D. Displays the configuration list view of the table in the Content Frame

Control Failure Factor represents the impact of Control Failures on what score?

A. Inherent

B. Residual

C. Total

D. Calculated

Which role(s) has the capability to create Policies? (Choose two.)

A. Compliance Manager

B. Compliance admin

C. Compliance User

D. Risk Manager