How do you populate the Control Method field with a new custom value, such as a third-party application'?
A. Enter the new value directly in the Control method field.
B. Use Lookup Meaning of the new lookup value.
C. Use Lookup Code of the new lookup value.
D. Use Lookup Type of the new lookup value.
A Control Manager has changed the status of an issue to "In Remediation" and has submitted it. What will be the state of the Issue if there is no issue validator, reviewer, or approver configured?
A. In Review
B. Active
C. Reported
D. Approved
E. In Edit
You have five business units in our company, BU1 through BU5. You want to build a transaction model to identify suppliers who have been paid more than $100,000 USD across all business units except BU5. Which two filters must be combined? (Choose two.)
A. Add a standard filter where the "Payment" object's "Organization ID" equals BU1, BU2, BU3, BU4.
B. Add a function filter grouping by "Supplier ID" where the sum of "Payment Amount" is greater than 100,000.
C. Add a function filter grouping by "Organization ID" where the sum of "Payment Amount" is greater than 100,000.
D. Add a standard filter where the "Payment" object's "Organization ID" equals BU5, and advanced option "Exclude" is checked.
E. Add a standard filter where the "Payment" object's "Organization ID" is equal to itself.
You are configuring security and you do not want the risks to go through the review and approve process each time they are updated. How will you meet this requirement?
A. Add the Risk Reviewer Composite duty role to the person who creates the risks so he or she would be able to review them before saving the record.
B. Use only the Risk Approver Composite duty role in the configurations so the risks will not go through the review process.
C. Ensure that only the upper management is given the Risk Reviewer Composite duty role so they could review the risks that they want to review.
D. Ensure that no user has been assigned a job role that includes the Risk Reviewer Composite or Risk Approver Composite Duty Role.
You have two segregation of duties requirements:
1) a user can access either the supplier creation pages or the invoice pages, but not both.
2) a user can access either the invoice creation pages or the payment creation pages, but not both.
How must these requirements be met in Advanced Access Controls?
A. Construct one model with three condition filters where the Function Name Equals "Create Supplier", "Create Invoice" and "Create Payment"
B. Construct two models, and create controls based on the models: "Create Supplier and Create Invoice", "Create Invoice and Create Payment"
C. Construct three controls, and create controls based on the models: "Create Supplier and Create Invoice", "Create Invoice and Create Payment", "Create Supplier and Create Payment"
D. Construct one model: "Create Supplier and Create Invoice and Create Payment"
E. Construct one entitlement: "Create Supplier and Create Invoice and Create Payment"
You want to identify Controls with the most Incidents, with the condition that the identified Controls should
have 80% of all Incidents. To do this, you have imported a custom object that contains the number of
incidents associated with each control, and have added that object to a transaction model.
Which pattern filter must you now apply?
A. Anomaly Detection
B. Mean
C. Pareto
D. Absolute Deviation
E. Clustering
How do you associate a risk to a control?
A. On the Related Controls tab of risk definition, add the control.
B. To associate a control to a risk, the control needs to be in the Review state.
C. In the related object section of process definition, add the control to the risk.
D. On the Related Objects tab of control definition, add the risk.
E. The only way to create risk-control associations is through data import.
Which three objects can be related to issues when creating an issue on the Manage Issues page? (Choose three.)
A. Test Plans
B. Assessments
C. Processes
D. Perspectives
E. Risks
F. Controls