Certified Implementation Specialist - Risk and Compliance Mainline Exam Blueprint
Article
KB0011655

Certified Implementation Specialist - Risk and Compliance Mainline Exam Blueprint

Article metadata.
This article was updated This article has 1836 views.

 

 

 

ServiceNow Certified Implementation Specialist – Risk and Compliance Exam Specification

Utah Release – Updated April 2023

 

Introduction

The ServiceNow Certified Implementation Specialist – Risk and Compliance Exam Specification document defines the purpose, audience, testing options, exam content coverage, test framework, and prerequisites to earn the Certified Implementation Specialist – Risk and Compliance certification.

Exam Purpose

The Certified Implementation Specialist – Risk and Compliance exam certifies that a successful candidate has the skills and essential knowledge to contribute to the configuration, implementation, and maintenance of ServiceNow Risk, Policy and Compliance, and Audit Management applications.

Exam Audience

The ServiceNow Certified Implementation Specialist – Risk and Compliance exam is available to ServiceNow customers, partners, employees, and others interested in becoming a ServiceNow Risk and Compliance Implementer.

Exam Preparation

Exam questions are based on official ServiceNow training materials, the ServiceNow Product documentation site, and the ServiceNow developer site. Study materials posted elsewhere online are not official and should not be used to prepare for the examination.

Recommended ServiceNow Training

ServiceNow recommends the completion of the following prerequisite training course(s) in preparation for the ServiceNow Certified Implementation Specialist – Risk and Compliance exam. The following ServiceNow training course(s) contain the underlying foundational knowledge needed for the exam.

  • Welcome to ServiceNow
  • ServiceNow Administration Fundamentals
  • ServiceNow Administration Advanced
  • Get Started with Now Create
  • ServiceNow Platform Implementation
  • CMDB Fundamentals
  • Flow Designer Essentials
  • UI Builder Essentials

 

Required ServiceNow Training

ServiceNow requires completion of the following training course(s) and certification(s). The content in these courses covers the exam learning domains and will help you prepare for the exam.

NOTE: The required course, GRC: Integrated Risk Management (IRM) Implementation, is offered in on-demand and live instructor-led (ILT) formats. Required courses differ depending on the format taken as these courses were built on different ServiceNow family releases.

 

If you take the GRC: Integrated Risk Management (IRM) Implementation on-demand course, the San Diego version

 GRC: Integrated Risk Management (IRM) Fundamentals

On-demand

 GRC: Integrated Risk Management (IRM) Implementation

On-demand

 GRC: Classic Risk Assessment Fundamentals

On-demand

GRC: Audit Management Essentials

On-demand

If you take the GRC: Integrated Risk Management (IRM) Implementation live ILT course, the Utah version

 GRC: Integrated Risk Management (IRM) Fundamentals

On-demand

 GRC: Integrated Risk Management (IRM) Implementation

Instructor-led (ILT)

 GRC: Classic Risk Assessment Fundamentals

On-demand

 GRC: Regulatory Change Management Essentials

On-demand

 GRC: Audit Management Essentials

On-demand

 

Upon completion of the GRC: Integrated Risk Management (IRM) Implementation course, the candidate will be eligible to obtain or purchase a nontransferable voucher code to register for the Certified Implementation Specialist – Risk and Compliance exam.

 

Additional Resources

In addition to the above, the candidate may find the following additional resources valuable in preparation for the exam.

 

Additional Recommended Experience

  • General familiarity with GRC industry terminology, acronyms, and initialisms
  • Six months of field experience participating in at least two ServiceNow deployment projects or maintaining ServiceNow instances

 

Exam scope

Learning domains are the key topics and specific objectives included in the exam. Exam content or exam items are divided into learning domains.

The following table shows the learning domains, weightings, sub-topics, and the percentage of questions represented in each domain. The listed sub-skills should NOT be considered an all-inclusive list of the exam content.

Number of Domains

Learning Domain

Percent of Exam

1

GRC Overview

  • GRC Positioning and Framework
  • Key Terminology
  • Technical Details

10%

2

Implementation Planning

  • Use Cases
  • Implementation Team
  • Implementation Checklist
  • Personas, Groups and Roles

5%

3

Entity Scoping

  • Entity Scoping Overview
  • Entity Type Approach
  • Entity Class Approach
  • Entity Architecture

25%

4

Policy and Compliance Implementation Approach

  • Policy and Compliance Record
  • Policy and Compliance Architecture
  • Policy and Compliance Configuration

25%

5

Risk Implementation Approach

  • Classic Risk Assessment Lifecycle
  • Advanced Risk Assessment Lifecycle
  • Risk Management and Advanced Risk Assessment Architecture
  • Advanced Risk Assessment Configuration

25%

6

Extended Capabilities

  • Integrations
  • GRC: Regulatory Change Management Overview and Lifecycle
  • Configuration of RSS feed
  • Advanced Risk Assessment Integrations

5%

7

Audit Management Implementation

  • Audit Management Architecture and Components
  • Advanced Audit Architecture and Features
  • Use Cases

5%

Total

100%

 

Exam Registration

ServiceNow partners with Kryterion using its Webassessor platform for exam registration. Our mainline exams are offered at Kryterion Test Centers or can be taken anywhere online while a Kryterion proctor monitors the exam appointment.

To register for an exam, you will need to create a Webassessor account and then link it to your Now Learning account.

For individuals with a disability or English as Second Language (ESL), ServiceNow does offer reasonable accommodation while taking the certification exam.

 

Exam Structure

Number of Items

The exam consists of forty-five questions.

 

Multiple Choice (single answer)

For each multiple-choice question on the exam, there are at least four possible responses. Select the one response that most accurately answers the question.

Multiple Select (select all that apply)

For each multiple-select question on the exam, there are at least four possible responses. The question will state how many responses should be selected. Select ALL responses that accurately answer the question. Partial credit is not provided.

Exam Result

The exam result is immediately displayed as a conditional pass or fail result after completing and submitting the exam. Additional scoring information can be found in the Obtain the Exam Result lesson in the Candidate Journey Guide.

Pass Result

A pass result indicates that the certification has been earned. The only information shared is the pass result. The pass result is conditional, meaning the exam at any time can be audited, reviewed, and the certification may be revoked after investigation if it is found that the ServiceNow Test Security Policies have been violated.

To maintain a ServiceNow Certification, you will need to pass delta exams and pay the annual Certification Maintenance Program (CMP) Fee.

Fail Result

A failed result indicates that the certification was not earned. The percent earned for each learning domain is shared. For the next exam attempt, focus on the learning domains with the lowest percentage scores.

 

Sample Questions

Sample Item #1:

Which of the following are scoped applications in GRC? (Select all that apply)

A. GRC: Profiles 

B. GRC: Risk Management 

C. GRC: Compliance and Audit Management 

D. Global 

Answer: A & B 

 

Sample Item #2:

Who should be on the core implementation team for a GRC implementation? (Select all that apply) 

A. Risk and compliance experts  

B. ServiceNow developer team 

C. External audit team 

D. Risk assessors 

Answer: A & B 

 

Sample Item #3:

The Entity Filter record requires which mandatory field to be completed?

A. Filter date  

B. Filter name 

C. Conditions 

D. Source table 

Answer: D 

 

Sample Item #4:

Which of the following are tables in the GRC: Policy and Compliance scope? (Select all that apply)

A. Issue  

B. Control 

C. Risk 

D. Citation 

Answer: B & D 

 

Sample Item #5:

Which of the following are tables in the Risk scope? (Select all that apply)

A. Issue  

B. Risk Framework 

C. Risk Statement 

D. Citation 

Answer: B & C 

 

Sample Item #6:

Unified Compliance Framework (UCF) Control documents import into which ServiceNow table with the UCF integration?

A. Citation table 

B. Control Objectives table 

C. Authority Documents table 

D. Policy table 

Answer: B 

 

Sample Item #7:

Which roles are inherited when a user is given the sn_audit.user role? (Select all that apply) 

A. sn_grc.reader 

B. sn_compliance.reader 

C. sn_risk.reader 

D. sn_audit.external_auditor 

Answer: A, B, & C 

Back to Top