Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. ServiceNow
  3. CIS-TPRM

ServiceNow CIS-TPRM Exam (page: 2)
ServiceNow Certified Implementation Specialist - Third-party Risk Management
Updated on: 02-Mar-2026

Viewing Page 2 of 9
CIS-TPRM PDF 60 Questions

What other record is created when an element classification is created?

  1. Classification component definition
  2. Classification component criteria
  3. Engagement component definition
  4. Engagement component criteria

Answer(s): B

Explanation:

When an element classification is created in ServiceNow TPRM, a Classification Component Criteria record is also created. This defines the specific criteria or attributes associated with the classification, helping to standardize risk assessments and evaluations.



To what do third parties have direct access?

  1. Update and respond to issues and tasks
  2. View other third party's assessment responses
  3. Modify issue remediation workflow
  4. View other third party's issues and tasks

Answer(s): A

Explanation:

Third parties have direct access to update and respond to issues and tasks assigned to them through the Third-party Portal, enabling them to provide required information and complete assessments without accessing unrelated third-party data.



What are benefits of creating Question Banks? (Choose two.)

  1. An entire category and all its metrics from a question bank can be added to a questionnaire template
  2. The auto assessment generator can randomly select metrics from a question bank to create a questionnaire template
  3. Responses to individual metrics belonging to a question bank will be tracked in the question bank
  4. Individual metrics from a question bank can be added to a questionnaire template

Answer(s): A,D

Explanation:

Question Banks allow organizations to reuse predefined sets of questions efficiently. An entire category and all its metrics can be added to a questionnaire template (A), and individual metrics can also be selectively added to a template (D), enabling flexibility and consistency in assessments.



What statements can be made about the Third-party tier? (Choose two.)

  1. It is leveraged to decide whether to do business with a third-party, or not
  2. It is leveraged to identify the appropriate assessment to send to the third-party
  3. It is required to generate a third-party assessment
  4. It can be manually set or set via the Third-party Tiering process

Answer(s): B,D

Explanation:

The Third-party tier is used to determine the appropriate assessment to send to a third-party and can be either manually set or automatically determined through the Third-party Tiering process, providing a structured approach to risk evaluation.



What application provides the capability to define multiple levels of approvals for an employee with the sn_grc_appr.admin role?

  1. Approval Configurator
  2. Multiple Approver Manager
  3. Multi-level Approval Manager
  4. IRQ ApprovalConfigurator

Answer(s): A

Explanation:

The Approval Configurator application allows users with the sn_grc_appr.admin role to define multiple levels of approvals in ServiceNow, enabling complex approval workflows based on configurable business rules.



What can be said concerning the number of third-party contacts?

  1. A third party must have one designated internal third-party manager
  2. A third party can designate more than one contact as the primary, but must have a minimum of one primary contact
  3. A third party can only designate one contact as the primary contact, but may have multiple non-primary contacts
  4. A third party can only designate one contact as the primary and must have a minimum of one non-primary contact

Answer(s): C

Explanation:

A third party in ServiceNow TPRM can designate only one contact as the primary contact to manage communications and responsibilities, while allowing multiple non-primary contacts to participate in assessments and document submissions.



What are benefits of using the Third-party Portal? (Choose two.)

  1. The Third-party Portal consolidates all communications and artifacts to a single system of truth
  2. Third-party Portal allows the Third-party Risk Assessor team to reassign parts of a Inherent Risk Assessment
  3. The Third-party Portal matches a database of documents to document requests
  4. The Third-party Portal reduces risk for an organization by enabling secure communications with the third- party
  5. The Third-party Portal can be leveraged by the third party to work with other partners

Answer(s): A,D

Explanation:

The Third-party Portal provides a centralized system of truth for all communications and artifacts with third parties and reduces organizational risk by enabling secure and controlled interactions with third parties.



What is the minimum role required to create event-driven rules?

  1. sn_vdr_risk_asmt.vendor_risk_manager
  2. sn_vdr_risk_asmt.vendor_risk_due_dilligence
  3. sn_vdr_risk_asmt.vendor_risk_admin
  4. sn_vdr_risk_asmt.vendor_risk_assessor

Answer(s): C

Explanation:

The sn_vdr_risk_asmt.vendor_risk_admin role is the minimum role required to create event-driven rules in ServiceNow TPRM, as it provides administrative permissions to configure and manage automated risk workflows.



Viewing Page 2 of 9



Share your comments for ServiceNow CIS-TPRM exam with other users:

whoAreWeReally 12/19/2023 8:29:00 PM

took the test last week, i did have about 15 - 20 word for word from this site on the test. (only was able to cram 600 of the questions from this site so maybe more were there i didnt review) had 4 labs, bgp, lacp, vrf with tunnels and actually had to skip a lab due to time. lots of automation syntax questions.
EUROPEAN UNION


vs 9/2/2023 12:19:00 PM

no comments
Anonymous


john adenu 11/14/2023 11:02:00 AM

nice questions bring out the best in you.
Anonymous


Osman 11/21/2023 2:27:00 PM

really helpful
Anonymous


Edward 9/13/2023 5:27:00 PM

question #50 and question #81 are exactly the same questions, azure site recovery provides________for virtual machines. the first says that it is fault tolerance is the answer and second says disater recovery. from my research, it says it should be disaster recovery. can anybody explain to me why? thank you
CANADA


Monti 5/24/2023 11:14:00 PM

iam thankful for these exam dumps questions, i would not have passed without this exam dumps.
UNITED STATES


Anon 10/25/2023 10:48:00 PM

some of the answers seem to be inaccurate. q10 for example shouldnt it be an m custom column?
MALAYSIA


PeterPan 10/18/2023 10:22:00 AM

are the question real or fake?
Anonymous


CW 7/11/2023 3:19:00 PM

thank you for providing such assistance.
UNITED STATES


Mn8300 11/9/2023 8:53:00 AM

nice questions
Anonymous


Nico 4/23/2023 11:41:00 PM

my 3rd purcahse from this site. these exam dumps are helpful. very helpful.
ITALY


Chere 9/15/2023 4:21:00 AM

found it good
Anonymous


Thembelani 5/30/2023 2:47:00 AM

excellent material
Anonymous


vinesh phale 9/11/2023 2:51:00 AM

very helpfull
UNITED STATES


Bhagiii 11/4/2023 7:04:00 AM

well explained.
Anonymous


Rahul 8/8/2023 9:40:00 PM

i need the pdf, please.
CANADA


CW 7/11/2023 2:51:00 PM

a good source for exam preparation
UNITED STATES


Anchal 10/23/2023 4:01:00 PM

nice questions
INDIA


J Nunes 9/29/2023 8:19:00 AM

i need ielts general training audio guide questions
BRAZIL


Ananya 9/14/2023 5:16:00 AM

please make this content available
UNITED STATES


Swathi 6/4/2023 2:18:00 PM

content is good
Anonymous


Leo 7/29/2023 8:45:00 AM

latest dumps please
INDIA


Laolu 2/15/2023 11:04:00 PM

aside from pdf the test engine software is helpful. the interface is user-friendly and intuitive, making it easy to navigate and find the questions.
UNITED STATES


Zaynik 9/17/2023 5:36:00 AM

questions and options are correct, but the answers are wrong sometimes. so please check twice or refer some other platform for the right answer
Anonymous


Massam 6/11/2022 5:55:00 PM

90% of questions was there but i failed the exam, i marked the answers as per the guide but looks like they are not accurate , if not i would have passed the exam given that i saw about 45 of 50 questions from dump
Anonymous


Anonymous 12/27/2023 12:47:00 AM

answer to this question "what administrative safeguards should be implemented to protect the collected data while in use by manasa and her product management team? " it should be (c) for the following reasons: this administrative safeguard involves controlling access to collected data by ensuring that only individuals who need the data for their job responsibilities have access to it. this helps minimize the risk of unauthorized access and potential misuse of sensitive information. while other options such as (a) documenting data flows and (b) conducting a privacy impact assessment (pia) are important steps in data protection, implementing a "need to know" access policy directly addresses the issue of protecting data while in use by limiting access to those who require it for legitimate purposes. (d) is not directly related to safeguarding data during use; it focuses on data transfers and location.
INDIA


Japles 5/23/2023 9:46:00 PM

password lockout being the correct answer for question 37 does not make sense. it should be geofencing.
Anonymous


Faritha 8/10/2023 6:00:00 PM

for question 4, the righr answer is :recover automatically from failures
UNITED STATES


Anonymous 9/14/2023 4:27:00 AM

question number 4s answer is 3, option c. i
UNITED STATES


p das 12/7/2023 11:41:00 PM

very good questions
UNITED STATES


Anna 1/5/2024 1:12:00 AM

i am confused about the answers to the questions. are the answers correct?
KOREA REPUBLIC OF


Bhavya 9/13/2023 10:15:00 AM

very usefull
Anonymous


Rahul Kumar 8/31/2023 12:30:00 PM

need certification.
CANADA


Diran Ole 9/17/2023 5:15:00 PM

great exam prep
CANADA