During the Generating Observations phase of the Vendor Risk Assessment, what action might be taken by the Risk Assessor?
During the Generating Observations phase of the Vendor Risk Assessment, what action might be taken by the Risk Assessor?A . Create issues from the assessment if necessary B. Update the vendor risk score C. Email the vendor D. Answer questions the vendor forgot to answerView AnswerAnswer: A
Which statement accurately describes the visibility and audit history of actions and communications in the Vendor Risk Management application?
Which statement accurately describes the visibility and audit history of actions and communications in the Vendor Risk Management application?A . The vendor and assessor interactions are captured in the Vendor Risk Issue record and are only visible from the portal view B. The Vendor Risk Issues created and the activity...
What are the features of Vendor Risk Issues? (Choose two.)
What are the features of Vendor Risk Issues? (Choose two.)A . Generate audit tasks for the vendor risk team B. Can only be seen by the customer’s vendor risk team C. Provide vendor direct access to update and respond to Issues D. Can be generated on-demand or automatically due to...
Which of these must be true in order for a vendor risk issue to be visible in the Vendor Portal?
Which of these must be true in order for a vendor risk issue to be visible in the Vendor Portal?A . There must be at least one secondary contact for the vendor B. The primary vendor contact must have the sn_vdr_issues role C. Issues are always visible in the vendor...
The Vendor records are stored in which table?
The Vendor records are stored in which table?A . Company [core_company] B. Department [cmn_department] C. Task [task] D. User [sys_user]View AnswerAnswer: A
What role is required for this functionality?
Before any changes to the configuration of an application are made, it is recommended that the correct update set and application scope are selected. What role is required for this functionality?A . The Vendor Administrator role is required for this functionality B. The Data Administrator role is required for this...
How are Vendor Risk questionnaires and document requests displayed on the Vendor Portal?
How are Vendor Risk questionnaires and document requests displayed on the Vendor Portal?A . As separate requests and can be assigned to different vendor contacts B. As separate requests and can only be assigned to the same vendor contact C. As a single assessment assigned to a single vendor contact...
To what type of assessment record can a vendor contact respond?
To what type of assessment record can a vendor contact respond?A . Vendor tiering assessment B. Vendor risk assessment C. Customer assessment D. External monitoring assessmentView AnswerAnswer: B Explanation: Reference: https://www.smartsheet.com/content/vendor-assessment-evaluation
What is the definition of ‘Risk Management’?
What is the definition of ‘Risk Management’?A . Policies/Standards/Procedures established to ensure an organization is aligned with corporate strategy and expectations are clearly defined B. The process of conforming to standards, policies, and remediation of audit findings C. The elimination of vulnerable surface area in an enterprise environment D. Process...
What third-party vendor security evaluation solutions are commonly integrated with VRM out-of-the-box? (Choose two.)
What third-party vendor security evaluation solutions are commonly integrated with VRM out-of-the-box? (Choose two.)A . MyScoreMetrics B. Vendor Insights C. Bitsight D. Security ScorecardView AnswerAnswer: C,D