Questions
ayuda
option
My Daypo

ERASED TEST, YOU MAY BE INTERESTED ONRisk Management 2018 1z0-958

COMMENTS STATISTICS RECORDS
TAKE THE TEST
Title of test:
Risk Management 2018 1z0-958

Description:
Questions and answers

Author:
Vlad Te
(Other tests from this author)

Creation Date:
16/02/2020

Category:
Others

Number of questions: 74
Share the Test:
Facebook
Twitter
Whatsapp
Share the Test:
Facebook
Twitter
Whatsapp
Last comments
No comments about this test.
Content:
Your customer needs to conduct monthly Operational Effectiveness assessments for controls across two organizations (North America and EMEA). Your customer requires that assessment results for North America be accessible only to users in North America and likewise for EMEA. Additionally, the Chief Risk Officer reviews the assessment results by Business Process every week. How should you design perspectives to achieve this? Use the Region hierarchy for security and the Business Process hierarchy for reporting of controls. Use the Region hierarchy initially, and later use both Region and Business Process hierarchies for security. Use both Region and Business Process hierarchies solely for reporting purposes. Use the Business Process hierarchy for security and the Region hierarchy for reporting of controls.
When you view or edit a transaction incident, you may see extra columns that are not present in the business objects used in the control. What three kinds of control logic or conditions can cause this? (Choose three.) Equals (when the same attribute is used on both sides of the condition) Not in Similar Average Function Between (when using a date attribute).
Which two filters must be combined to identify different suppliers who use the same taxpayer ID? (Choose two.) Function filter grouping by "Supplier ID" where count is greater than 1 Standard filter where the “Supplier” object’s “Supplier ID” is equal to itself. Function filter grouping by “Taxpayer ID” where count is greater than 1. Standard filter where the “Supplier” object’s “Allow Withholding Tax” is not blank. Standard filter where the “Supplier” object’s “Taxpayer ID” is not blank.
Select three fields that are required to create an impromptu assessment. (Choose three.) Due Date Template Name Reviewer Perspectives Activity.
You completed the data migration successfully. You created 100 controls, an Organization Perspective, and relationship of controls to the Organization Perspective. All controls are related to one perspective item. The Control Manager logs in to the application to view the new controls, yet there are none available for his or her review. Identify three reasons for this. (Choose three.) The Control Manager was not given the correct data security policy to access the controls. The Perspective Hierarchy was not associated to the Control Object There was no Control Type associated with the controls. The Perspective Hierarchy is not in the Approved state. No risk were mapped to the imported controls.
What would happen to an access incident in Advanced Access Controls (AAC) that has been remediated and has a status of “Closed,” but poses a conflict again during a subsequent evaluation of controls?(Choose two) The incident is deferred. The incident remains in “Closed” status and additional remedial action cannot be taken. The incident remains in “Closed” status and assigned users receive a notification that additional access incidents have been identified. The incident is copied and a new incident is created based on the original incident. The incident status changes to “Assigned.”.
You have built a transaction model to identify possible duplicate charges between invoicing and expense credit cards. The model logic already includes two standard filters that identify amounts and suppliers that are the same or similar, as shown: Which additional date filter will further refine the set of duplicate charges found? The “Payables Invoice” object’s “Invoice Date” attribute is greater than the “Expense Report Credit Card Transaction” object’s “Transaction Date” attribute. The “Expense Report Credit Card Transaction” object’s “Last Updated Date” attribute is greater than the “Relative Value” of 3 months. The “Expense Report Credit Card Transaction” object’s “Transaction Date” attribute is not blank. The “Payables Invoice” object’s “Invoice Date” attribute is similar to the “Expense Report Credit Card Transaction” object’s “Transaction Date” attribute within +/- 10 days.
You have imported risks in Financial Reporting Compliance using data migration. Your client is asking if you can add controls for these risks. Which two statements are true? (Choose two.) To relate controls to risks, the risks must be in “approved” state. You cannot use the Data Migration tool to add control records to map to existing risks. You can use the Data Migration tool to add control records for the existing risks. To relate controls, risks must be assigned to the same perspective that is assigned to the control you want to map it to. You can manually add control definitions and relate them to the risks in Financial Reporting Compliance.
Your customer has a requirement to define an IT Compliance Manager job role with privileges to manage risks and controls, and the issues related to the risks and controls. What are the duty roles that must be included in this job role to achieve this requirement? Seeded Issue Manager Composite and Issue Validator Composite Seeded Risk Issue Manager and Control Issue Manager Seeded Issue Manager Composite Seeded Risk Manager Composite, Control Manager Composite, and Issue Manager Composite.
The GRC Business owner responsible for reviewing and investigating access incidents related to the “Order to Cash” perspective does not see any worklists for the generated results. You have validated that: 1. Other business owners are able to view their assigned worklists without any problem 2. Incidents have been generated for the controls related to Order to Cash 3. The business owner’s assigned roles contain the correct functional privileges and data access to the correct perspective values What is the reason the business owner cannot see any worklists for the generated incidents? The Result Management Perspective Assignment has not been linked. The underlying model is not linked to Order to Cash. The business owner was recently assigned the role and the worklist needs to be refreshed. Worklist assignment does not include the business owner. The Control Perspectives are not linked to the control.
You are implementing Advanced Access Controls for a client. You need to create a model that returns users who have been assigned a specified access point but excludes a specific operating unit. Which business object(s) do you need to add to your model to accomplish this objective? Access Point and Fusion Access Condition Access Entitlement Access Point and User Business Object Access Point Fusion Access Condition.
Which two options can be assigned to a duty role? (Choose two.) Functional Security Policy Abstract Role Data Security Policy Job Role.
You are gathering requirements on how your client performs control assessments. Which three tasks should you complete to set up assessments in Financial Reporting Compliance? (Choose three.) Identify the type of assessments included in each assessment cycle. Understand the sample size for each audit test. Determine if control assessments are planned ahead of time or are run impromptu. Determine the main objectives of deploying the control. Determine whether assessments templates, plans, and completed assessments need to go through a review and approve workflow.
You are implementing Advanced Access Controls and there is a requirement for a control to monitor user access to specific, client-defined access points which give users the ability to both initiate a purchase order and approve payments on that purchase order. Which is a valid option to implement the control? From the “Access Entitlements” page create two entitlements containing the respective client-defined access points. Create an access model from the “Models” tab of Advanced Controls, based on the entitlements you created. Select Actions > Create Access Control from the “Controls” tab of Advanced Controls. Create an access model from the “Models” tab of Advanced Controls, and then define an access point filter for each individual client-defined access point. From the “Access Entitlements” page create two entitlements containing the respective client-defined access points. Create an access model from the “Models” tab of Advanced Controls, based on the entitlements you created. Finally, deploy an access control in the “Controls” tab of Advanced Controls, and select the access model you created. Create an access entitlement from the “Access Entitlements” page, then select Actions > Create Access Control from the “Controls” tab of Advanced Controls, and select the entitlement you created.
Your client has configured separate roles for control assessor and control assessment reviewer. The control assessor has submitted his or her assessment. The control assessor realizes later that he or she has forgotten to attach a critical test evidence document to the assessment and needs to attach it now. How can this be accomplished? The assessor can request the reviewer to attach the document during the review. On the Assessment tab in the Control definition, the assessor can select the assessment and click the Complete Assessment button. He or she can attach the document and resubmit the assessment. The assessor can request the reviewer to reject the assessment. After the assessment is rejected, the assessor can then attach the document and resubmit the assessment. On the Manage Assessments page, the assessor can select the assessment and click the Reopen button. He or she can then attach the document and resubmit the assessment.
You are building a transaction model to identify invoices with USD amounts that are greater than the supplier’s average invoice amount. The order of the filters is important. 1. Add an “Average” Function filter grouping by “Supplier ID” where “Invoice Amount” is greater than 0. 2. Add a standard filter where “Invoice Currency” equals “USD.” 3. Add a standard filter where the delivered “Average Value” attribute is less than “Invoice Amount.” What is the correct order of the filters for this transaction model? 1, 3, 2 1, 2, 3 2, 3, 1 3, 2, 1 2, 1, 3.
During implementation, you created a risk object and successfully mapped it to a control object. The client’s Risk Owner is able to access the risk but not the control. Why did this happen? The Risk Administrator needs to run the synchronize jobs to populate the mapping. The Risk Owner account is inactive. The Risk Owner role does not have the right privileges. The risk and control objects are inactive and need to be made active.
You are working with the customer to gather Risk-Control data for the data import process. The customer has information in multiple formats. Which format should be used for importing the data? .xlsx .doc .pdf .xml .txt.
How do you add values to a Risk Type list of values? Populate the Import template with the new values in the Issue Severity column on the Controls tab. Add the lookup codes to the GRC_RISK_TYPE Lookup Type. Because you cannot add new values, update one of the existing lookup codes to what the client wants it to be. Add the lookup codes to the GRCM_RISK_TYPE Lookup Type. Use the default lookup codes because there is no way to update the existing ones.
You can relate objects in Financial Reporting Compliance. Which statement is true about editing or creating related objects in the Related Objects section on the Risk Definition page? You can relate only process objects. You can relate a new process and a new control. You can relate only control objects. You can relate only an existing control, but not a new control.
Which statement related to Advanced Access Controls is true? If helps enforce segregation of duties. If helps perform risk analysis and evaluation. It analyzes transaction records. It documents risks and controls.
At the last step of initiating assessments, the assessment manager sees who the assessment participants are (to complete, review, and approve the assessments). If the assessment manager wants to change the participant, who completes the assessment, what should he or she do? Modify the perspective hierarchy in the last step of initiating assessments. Modify the participant list in the last step of initiating assessments. Request the administrator to change the Perspective in Data Security Policy for the Control Manager’s job role. It is not possible to change the participants after Data Security Policies are assigned. Request the administrator to assign Data Security Policies with correct perspectives to the Assessor’s job role.
You have scheduled quarterly assessments for a Control object at the beginning of the year with future dates. However, the test plans associated with the Control object were updated before the assessment could be started. Which statement is true about this scenario? The user will have the option to select the older or newer versions of the test plans during the assessment process. The scheduled assessment process will end in error. The assessment will be associated with the version of the test plans from the time of assessment initiation. The updated test plans will become available during the assessment.
The control manager needs to associate an existing test plan to an additional assessment type, Audit Test. The existing test plan is associated only with the Design Review assessment type. How can this be accomplished? The control manager should create a new test plan with Audit Test and Design Review as assessment types. The control’s test plan should be updated to include both Audit Test and Design Review as assessment types. The control manager does not need to update the control because any initiated assessment will include all control test plans. The control’s test plan should be updated to Audit Test as the assessment type.
During an assessment, an issue was created. Your job as the Issue Manager is to review the issues and validate them. If it is determined that they are not valid issues, you need to close them. You have found an issue that is not valid and with Status: Open and State: Reported. Identify the correct step to close this issue. On the Manage Issues page, highlight the issue and click the Close button. The assessment associated to the issue must be completed before closing the issue. Only then can you close the issue. After you have completed the remediation plan, click the Close button on the Remediation Plan page Ensure that the issue status is In Edit, and then from the Actions menu, select Close Issue.
Which three risk assessment activity types are available in Financial Reporting Compliance? (Choose three.) Design Review Qualitative Analysis Quantitative Analysis Certify Audit Assess Risk.
Which three statements are true about the purpose of perspectives? (Choose three.) Perspectives can be used to define user privileges. Perspectives can be used for categorizing Financial Reporting Compliance objects. Perspectives can be used to represent regional hierarchies. Perspectives are used to enable data security on Financial Reporting Compliance objects Perspectives enable functional security in Financial Reporting Compliance.
You have defined an initial Perspective Hierarchy for your client in the Advanced Controls module. After refining their business requirements, your client wants to expand the existing hierarchy to include 150 perspective items in various levels. For efficient processing, you decide to use the GRC data migration feature to import the new items. Which three are valid processing steps required to define the export file? (Choose three.) Navigate to Risk Management Tools > Setup and Administration > Data Migration, and select Advanced Controls. Generate Template as Without Data. Navigate to Manage Module Perspectives. Generate Template as Without Data – Perspectives Only. Click the Create Import Template button.
During implementation, you created a Financial Reporting Compliance superuser and assigned this user the following roles: Enterprise Risk and Control Manager IT Security Manager Employee The superuser logs in to Financial Reporting Compliance but is not able to create new Data Security Policies. What is wrong? The superuser’s account is inactive and his or her account needs to be activated. The application will not allow a user to both create users and assign them roles. The superuser’s account is created but the synchronization jobs have not been run. The superuser’s account is not yet approved by his or her supervisor in Financial Reporting Compliance.
When running Synchronize Transaction from the Data Sources page of Application Configurations, which statement is true when you have two models using invoice and payment business objects? One job will run for the two objects based on transactions dated before the Transaction Created As of Date. One job will run for the two objects and the Transaction Created As of Date has no impact on the data. One job will run for the two objects based on transactions dated after the Transaction Created As of Date. Two jobs will run for the two objects based on transactions dated after the Transaction Created As of Date.
You have completed the data import process with no errors. You created process, risks, controls, and one perspective. Controls were related to perspectives. You have provided the customer with the Control Manager security role. When the customer logs in to Financials Risk Compliance (FRC), the customer cannot see any controls. Which step was missed during the import process? Data security policies for Controls were not created. The Controls were not related to any risk objects. The parent process was never approved. The Control Method was not set to a valid value.
You want to identify Controls with the most Incidents, with the condition that the identified Controls should have 80% of all Incidents. To do this, you have imported a custom object that contains the number of incidents associated with each control, and have added that object to a transaction model. Which pattern filter must you now apply? Anomaly Detection Mean Pareto Absolute Deviation Clustering.
Which part of the security structure cannot be created or viewed from the Security Console, when configuring security for Financial Reporting Compliance? Composite Duty Role Job Role Perspective Policy Data Security Policy Functional Security Policy.
Your client has subscribed to Financial Reporting Compliance and would like to address risks using treatment plans. Which option shows the settings that will help in achieving this configuration? Configure Module Perspectives > Edit Financial Reporting Compliance > Risk-Organization mapping set to required, active. Configure Module Objects > Edit Risk Object Configuration > Treatment = Show Configure Module Objects > Edit Risk Object Configuration > Treatment = Hide and Default Configure Module Objects > Edit Control Object Configuration > Result = Show Configure Module Objects > Edit Risk Object Configuration > Result = Show.
An assessor is trying to complete an operational assessment on a control for manual AP Invoice entry and is reviewing Prior Results. Which statement is true about viewing Prior Results for this control? He or she will be able to review results of all prior assessments of all types for this control. He or she will be able to review results of all prior Audit tests and operational assessments for this control. He or she will be able to review only results of prior operational assessments for this control. He or she will be able to review results of all prior operational assessments for all controls. He or she will be able to review results of all prior assessments of all types for all controls.
You are remediating access incidents in Advanced Access Controls (AAC), and have just completed the remediation of a segregation of duties conflict for users in Fusion Security by removing the conflicting access from the users. What status do you set for the incident in AAC? Resolved Remediation Remedy Authorized Accepted.
How do you identify Financial Reporting Compliance Cloud’s key stakeholders? Identify users who need to create and submit expense reports easily. Identify users who will create customer invoices, and receive and apply customer payments. Identify executives who need to certify internal controls for SOX or similar mandates. Identify executives who will manage customer balances and recognize revenue.
You have created a risk definition R100 and have created a new control C100 for this risk. No user has been assigned the Risk or Control reviewer and approver roles. What will be the state of R100 and C100 after submitting? Both R100 and C100 will be in the “In Review” state. Both R100 and C100 will be in the “Awaiting Approval” state. Both R100 and C100 will be in the “Approved” state. Both R100 and C100 will be in the “New” state.
You build an access model with two entitlements. Each entitlement has four access points. The entitlements do not have any access points in common. How many access point combinations will be analyzed? 20 16 8 4 25.
Which three are true about implementing a best practice solution for Financial Reporting Compliance? (Choose three.) Large scope of project requires high effort for maintenance and administration. It promotes rapid implementation and go-live. It promotes go-live with minimal acceptance testing and user training. It provides maximum return on investment with minimum project risk. It promotes successful adoption and minimizes on-going cost of operation.
After adding a new control in Financial Reporting Compliance, the control owner clicks Submit. Users with the Control Reviewer and Control Approver roles exist. What is the expected outcome? The control goes into the “Waiting for Approval” state. The control goes into the “New” state. The control goes into the “Approved” state. The control goes into the “In Review” state.
When validating imported data, the control manager at your client has identified an incorrect Risk-Control mapping; that is, Control A was mapped incorrectly to Risk B instead of Risk A. What needs to be done to fix the mapping? A: Edit Process A definition > Remove the Control A - Risk B relationship and add Control A - Risk relationship B: 1. Edit Risk B definition > Set status to Inactive 2. Edit Control A definition > Add related Risk A C: Edit Control A definition > Remove related Risk B and add related Risk A D: 1. Edit Risk A definition > Add related Control A 2. Edit Risk B definition > Remove related Control A Option A Option B Option C Option D.
After generating an XML file export of Advanced Controls perspectives, you receive a message that the export job has been generated. What are the three steps you need to perform in order to download and review the formatted export file? (Choose three.) Open with an XML editor, such as Excel. Navigate to Monitor Jobs and click the message link for the export job. Click the Item Results link. Click the Export File button. Open with an HTML editor.
Which three tasks should be completed before starting the Financial Reporting Compliance implementation? (Choose three.) Migrate the organization’s existing risk and control matrix into Financial Reporting Compliance. Complete control review and assessment for one period/cycle with the actual business owners. Create a project plan with objectives, goals, and exit criteria. Identify Financial Reporting Compliance users for everyday use, administration, and sustained use. Plan to go-live with a simple scope and later expand the solution to include additional business units/organizations/compliance frameworks.
Your client has asked you to define a transaction model to identify duplicate invoices based on Invoice Numbers and Invoice Amounts. Which two standard filters can be combined to accomplish this? (Choose two.) The “Payables Invoice” object’s “Supplier ID” does not equal itself. The “Payables Invoice” object’s “Invoice ID” is similar to the “Payables Invoice” object’s “Invoice Number”. The “Payables Invoice” object’s “Invoice Amount” is equal to itself. The “Payables Invoice” object’s “Invoice Number” is equal to the “Payables Invoice” object’s “Invoice ID.” The “Payables Invoice” object’s “Invoice Number” is equal to itself.
A user has created and submitted a new control and the state of the control is “In Review.” The user expected that the control state would change to “Approved.” Why is the control not in the “Approved” state? This user is not a Control Approver; therefore, the status will be “In Review.” The Control Reviewer role has been assigned to some users. New controls must always be reviewed, irrespective of security configuration. The Control Approver role has been assigned to some users.
The internal auditor advised the Control Owner of North America to perform assessment for two P2P controls. Which three steps can the Control Owner perform to kick-off assessments for only those two controls? (Choose three.) Initiate a planned assessment that includes all controls assigned to perspective P2P. Perform impromptu assessments for the two controls. Enable impromptu assessments during configuration of module objects. Initiate a planned assessment and include the two controls as part of the same assessment. Initiate two planned assessments, one for each control.
You need to schedule the report “Access Violations by User.” Which two steps do you take to create the saved parameters for the report schedule? (Choose two.) Navigate to Administration Reports. Highlight the report name and click Run Now. Navigate to Scheduling under Setup and Administration. Click Save Report Parameters to create saved settings. Select Display Scheduled Reports.
You have two segregation of duties requirements: 1) a user can access either the supplier creation pages or the invoice pages, but not both. 2) a user can access either the invoice creation pages or the payment creation pages, but not both. How must these requirements be met in Advanced Access Controls? Construct one model with three condition filters where the Function Name Equals “Create Supplier”, “Create Invoice” and “Create Payment” Construct two models, and create controls based on the models: “Create Supplier & Create Invoice”, “Create Invoice & Create Payment” Construct three controls, and create controls based on the models: “Create Supplier & Create Invoice”, “Create Invoice & Create Payment”, “Create Supplier & Create Payment” Construct one model: “Create Supplier & Create Invoice & Create Payment” Construct one entitlement: “Create Supplier & Create Invoice & Create Payment”.
Which two activities can be performed using Financial Reporting Compliance? (Choose two.) Review and approve the accuracy and completeness of control descriptions. Gain real-time access to live financial data and proactively resolve issues. Continuously monitor financial transactions and role-based remediation of transaction incidents. Review control assessment results, along with any effectiveness issues found. Provide self-service access to reporting and analysis against financial transactions. Conduct intuitive audits of general ledger balances with journal details.
Which controls can user A access and manage for the following Control Manager role configuration? See details of perspective trees and control-perspective association below. None Controls 2 and 3 Only Control 1 All controls Controls 1, 2, and 3.
Your client needs to perform Design Review and Certification assessment for all their controls. Identify two options that show how this requirement can be met. (Choose two.) Option A Option B Option C Option D Option E.
Identify the four statuses and states in which you can edit an issue’s description, assuming you have the necessary privileges to edit the issue. (Choose four.) Status: On Hold; State: In Review Status: Closed; State: Final Close Status: Open; State: Approved Status: Closed; State: Closed – Awaiting Approval Status: Open; State: In Edit Status: On Hold; State: Awaiting Approval Status: Open; State: New Status: On-Hold; State: Reported.
Which filter can be used to identify expense reports that contain suspicious expense type combinations, such as, a report for a single trip that contains taxi, car rental, and mileage expenses? Inclusive function filter grouped by the “Expense Report Information” object’s “Report Number” where the “Expense Type” has an “Equals” condition for values that include taxi, car, mileage. Inclusive function filter grouped by the “Expense Report Information” object’s “Report Number” where the “Expense Type” has an “In” condition for values that include taxi, car, mileage. Inclusive function filter grouped by the “Expense Report Information” object’s “Person” where the “Expense Type” has an “In” condition for values that include taxi, car, mileage. Inclusive function filter grouped by the “Expense Report Information” object’s “Report Number” where the “Expense Type” has an “In” condition for values that include taxi, car, mileage. Inclusive function filter grouped by the “Expense Report Information” object’s “Person” where the “Expense Type” has an “In” condition for values that include taxi, car, mileage.
Your client is configuring their Test pod (which has no data) and has created their initial import template with controls, test plans, perspectives, and perspective-control mappings. They have used custom list of values for Control Frequency. Which three tasks must be completed before performing the data import? (Choose three.) Validate that all nods on the Perspective Item tab are covered on the Perspective Hierarchy tab. Validate that the control-perspective relationship has been created in Manage Module Perspectives. Validate that new lookup values are created for any custom list of values. Validate that there are no duplicate worksheet IDs within the same worksheet. Validate that the System ID column is populated correctly.
You are configuring security and you do not want the risks to go through the review and approve process each time they are updated. How will you meet this requirement? Add the Risk Reviewer Composite duty role to the person who creates the risks so he or she would be able to review them before saving the record. Use only the Risk Approver Composite duty role in the configurations so the risks will not go through the review process. Ensure that only the upper management is given the Risk Reviewer Composite duty role so they could review the risks that they want to review. Ensure that no user has been assigned a job role that includes the Risk Reviewer Composite or Risk Approver Composite Duty Role.
You are designing data for data import. The customer decided that they want to secure controls based on their company organization. Which three worksheets of the import template are required to accomplish this requirement? (Choose three.) Perspective Items Controls Control Test Plans Perspective-Control.
Which two would need to happen in order for Advanced Access Controls (AAC) to automatically assign a status of “Closed” to an access incident? (Choose two.) The incident is resolved in Fusion Cloud and a subsequent evaluation of controls finds that the incident no longer exists. A global condition was added that resolves the conflict and a subsequent evaluation of controls finds that the incident no longer exists. A user sets the State of the incident to “Remediate”. The incident is resolved using simulation in AAC and a subsequent evaluation of controls finds that the incident no longer exists. A user sets the Status of the incident to “Resolved”.
Which two steps are required to set up two levels of approval for new controls, which are added after the initial import? (Choose two.) On the Controls tab of the Import template, set the control state to NEW for each control record. Identify the organizations or business units for which users will perform review or approval. Identify users who will perform control review and approval. Identify the other roles to be provided for control managers.
You have five business units in our company, BU1 through BU5. You want to build a transaction model to identify suppliers who have been paid more than $100,000 USD across all business units except BU5. Which two filters must be combined? (Choose two.) Add a standard filter where the “Payment” object’s “Organization ID” equals BU1, BU2, BU3, BU4. Add a function filter grouping by “Supplier ID” where the sum of “Payment Amount” is greater than 100,000. Add a function filter grouping by “Organization ID” where the sum of “Payment Amount” is greater than 100,000. Add a standard filter where the “Payment” object’s “Organization ID” equals BU5, and advanced option “Exclude” is checked. Add a standard filter where the “Payment” object’s “Organization ID” is equal to itself.
Which controls can user A manage for the following Control Manager role Configuration? See details of perspective trees and control-perspective association below. All controls Controls 2 and 4 Controls 1, 2, and 4 None Controls 1 and 2.
A Control Manager has changed the status of an issue to “In Remediation” and has submitted it. What will be the state of the Issue if there is no issue validator, reviewer, or approver configured? In Review Active Reported Approved In Edit.
You are helping your client identify and define their controls. You have determined that your client requires two perspectives: Business Units and Regulatory Standards. The controls are going to be secured by the business unit, and you want to ensure that when the client defines new controls, it is mandatory to assign a Business Units perspective to the control. You are going to set the “Required” field to “yes” for the Control-Business Units association. Where do you do this in the product? The Create Control screen The Manage Object Perspectives screen The Import template The Create Perspectives screen The Manage Module Perspectives screen.
You have created security roles for the Procure-to-Pay (P2P) Control Manager for the EMEA region in your client’s organization. But, there are two problems with his or her security configuration. Problem 1: This person should not receive notifications to complete control assessments, but currently he or she does. Problem 2: Also, although he or she has access to controls associated with EMEA, he or she is unable to access controls created for individual regions within EMEA. You have given him or her the following job role: EMEA P2P Control Manager Job Role Seeded Control Manager Duty Composite Seeded Control Certification Assessor Duty Composite EMEA P2P Control Manager Data Security Policy Seeded Control Manager Data Security Policy Perspective filter where Region Perspective “equals” EMEA Perspective filter where Process Perspective “equals” P2P Which two actions need to be taken to correct the problems? (Choose two.) Remove Control Certification Assessor Composite from the EMEA P2P Control Manager job role. Create EMEA P2P Control Certification Assessor Data Security Policy striped by both EMEA and P2P perspectives and assign to the job role. Add to the EMEA P2P Control Manager Data Security Policy the seeded Control Certification Assessor Data Security Policy. While defining data security policy, set the perspective value to EMEA including all child nodes of the EMEA region.
Your client has three operating units. What are two ways in which you can exclude an operating unit where there are not enough personnel to allow segregation of duties? (Choose two.) In a model, create a new condition logic filter, select the operating unit attribute, select the operating unit value, and then perform an exclusion though the advanced options check box. Navigate to the Create Access Global Condition page and create a new condition logic filter, select the operating unit attribute, select the operating unit value,and then perform an exclusion though the advanced options check box. Navigate to the Create Access Global Condition page and create a new condition logic filter, select the within same operating unit attribute, select the value yes, and then perform your exclusion though the advanced options check box. In a model, create a new condition logic filter, select the within same operating unit attribute, select the value yes, and then perform your exclusion though the advanced options check box. In a model, create a new condition logic filter, select the operating unit attribute and select the operating unit value.
You are implementing Advanced Access Controls for a client who wants to limit the seeded job role “Application Access Auditor”. This job role should NOT include system configuration duties, but allows the user to monitor jobs schedules for Advanced Controls. After the seeded job role is copied, that two duty roles should be removed to comply with the access restrictions? (Choose two.) Access Control Manager Advanced Control System Administrator Access incident Results Manager Application Data Source Manager Access Model Manager.
Which two should you determine to ensure that your client can successfully maintain and administer Perspectives post go-live? (Choose two.) Identify if your client wants to review and/or approve new perspectives or changes made to existing perspectives. Identify lookup values that need to be created for Control, Risk, and Issue Type fields. Identify users who will be responsible for creating and maintaining perspectives, both for security as well as reporting. Identify users who will be responsible for creating and maintaining controls and/or risks.
How do you populate the Control Method field with a new custom value, such as a third-party application’? Enter the new value directly in the Control method field. Use Lookup Meaning of the new lookup value. Use Lookup Code of the new lookup value. Use Lookup Type of the new lookup value.
Which three objects can be related to issues when creating an issue on the Manage Issues page? (Choose three.) Test Plans Assessments Processes Perspectives Risks Controls.
You are validating your customer’s import template before import. The customer requires that all controls be set up so they are noted to be used for the Audit Test assessment type. How do you verify that this has been done? The Assessment Flag and the Audit Testing Flag are both set to “Y.” The Control has a related process. The Control status filed is set to “Audit Test.” The Control comment filed has a notation for “Audit Test.”.
An organization has a list of companies with which they no longer wish to do business. The list is not stored in their ERP Could but is stored in a file. Which transaction model will identify payments made to these companies? Create an Imported business object that can be used in conjunction with Oracle’s pre-built “Payment” object. One both objects are in your model, add this standard filter: the “Payment” object’s “Remit to Supplier Name” is similar to the custom object’s “Company Name” by 95% Add a configurable attribute “Company Name” to Oracle’s pre-built “Payment” object. Then add this standard filter: “Remit to Supplier Name” equals “Company Name”. You cannot define this model because imported objects from a file cannot be used with delivered objects. Create an Imported business object that can be used in conjunction with Oracle’s pre-built “Payables Invoice” object. Once both objects are in your model, add this standard filter: the “Payables Invoice” object’s “Supplier Name” equals the custom object’s “Company Name”.
You are implementing Advanced Financial Controls and you want to identify suspect transactions where the payment amount is less than $20 USD. However, you only want the results returned to be temporary. What will you build in order to accomplish your objective? Template Control Model Filter Business object.
Which three steps can be performed by using the Configure Module Objects pages? (Choose three.) Choose display (or hide) configurable options for: results, events, consequences and treatments Set “object-perspective” association. Create object data import templates. Edit the assessment activity question and guidance text for all assessment types. View assessment response details for all assessment types.
You are advising your client on design and configuration related to how access incident results will be viewed and managed. The client has provided a list of business requirements: Incident results can be viewed by Department Groups of investigators receive assigned incidents based on Department Must ensure systematically that no incident is unassigned to an investigator Which three must be configured to support these requirements? (Choose three.) Worklist assignment Result Investigator should be set to specific users. Custom perspective for Department linked to the Results object with Required set to “No” Custom perspective for Department linked to the Results object with Required set to “Yes” Investigators are assigned job roles with custom Department perspective data roles attached. Other incident users receive job roles which only allow viewing of incidents. Investigators are assigned job roles with custom Department perspective data roles attached for managing incidents. Other incident users are assigned job roles with custom Department perspective data roles attached for viewing only. Worklist assignment Result Investigator should be set to “All Eligible Users”.
Report abuse Consent Terms of use