ServiceNow Certified Implementation Specialist – Risk and Compliance Exam Specification
Utah Release – Updated April 2023
Introduction
The ServiceNow Certified Implementation Specialist – Risk and Compliance Exam Specification document defines the purpose, audience, testing options, exam content coverage, test framework, and prerequisites to earn the Certified Implementation Specialist – Risk and Compliance certification.
Exam Purpose
The Certified Implementation Specialist – Risk and Compliance exam certifies that a successful candidate has the skills and essential knowledge to contribute to the configuration, implementation, and maintenance of ServiceNow Risk, Policy and Compliance, and Audit Management applications.
Exam Audience
The ServiceNow Certified Implementation Specialist – Risk and Compliance exam is available to ServiceNow customers, partners, employees, and others interested in becoming a ServiceNow Risk and Compliance Implementer.
Exam Preparation
Exam questions are based on official ServiceNow training materials, the ServiceNow Product documentation site, and the ServiceNow developer site. Study materials posted elsewhere online are not official and should not be used to prepare for the examination.
Recommended ServiceNow Training
ServiceNow recommends the completion of the following prerequisite training course(s) in preparation for the ServiceNow Certified Implementation Specialist – Risk and Compliance exam. The following ServiceNow training course(s) contain the underlying foundational knowledge needed for the exam.
- Welcome to ServiceNow
- ServiceNow Administration Fundamentals
- ServiceNow Administration Advanced
- Get Started with Now Create
- ServiceNow Platform Implementation
- CMDB Fundamentals
- Flow Designer Essentials
- UI Builder Essentials
Required ServiceNow Training
ServiceNow requires completion of the following training course(s) and certification(s). The content in these courses covers the exam learning domains and will help you prepare for the exam.
NOTE: The required course, GRC: Integrated Risk Management (IRM) Implementation, is offered in on-demand and live instructor-led (ILT) formats. Required courses differ depending on the format taken as these courses were built on different ServiceNow family releases.
If you take the GRC: Integrated Risk Management (IRM) Implementation on-demand course, the San Diego version | |
GRC: Integrated Risk Management (IRM) Fundamentals |
On-demand |
GRC: Integrated Risk Management (IRM) Implementation |
On-demand |
GRC: Classic Risk Assessment Fundamentals |
On-demand |
GRC: Audit Management Essentials |
On-demand |
If you take the GRC: Integrated Risk Management (IRM) Implementation live ILT course, the Utah version | |
GRC: Integrated Risk Management (IRM) Fundamentals |
On-demand |
GRC: Integrated Risk Management (IRM) Implementation |
Instructor-led (ILT) |
GRC: Classic Risk Assessment Fundamentals |
On-demand |
GRC: Regulatory Change Management Essentials |
On-demand |
GRC: Audit Management Essentials |
On-demand |
Upon completion of the GRC: Integrated Risk Management (IRM) Implementation course, the candidate will be eligible to obtain or purchase a nontransferable voucher code to register for the Certified Implementation Specialist – Risk and Compliance exam.
Additional Resources
In addition to the above, the candidate may find the following additional resources valuable in preparation for the exam.
- Candidate Journey Guide – a resource to guide you through the entire certification process
- Governance, Risk, and Compliance release notes for Utah
Additional Recommended Experience
- General familiarity with GRC industry terminology, acronyms, and initialisms
- Six months of field experience participating in at least two ServiceNow deployment projects or maintaining ServiceNow instances
Exam scope
Learning domains are the key topics and specific objectives included in the exam. Exam content or exam items are divided into learning domains.
The following table shows the learning domains, weightings, sub-topics, and the percentage of questions represented in each domain. The listed sub-skills should NOT be considered an all-inclusive list of the exam content.
Number of Domains |
Learning Domain |
Percent of Exam |
1 |
GRC Overview
|
10% |
2 |
Implementation Planning
|
5% |
3 |
Entity Scoping
|
25% |
4 |
Policy and Compliance Implementation Approach
|
25% |
5 |
Risk Implementation Approach
|
25% |
6 |
Extended Capabilities
|
5% |
7 |
Audit Management Implementation
|
5% |
Total |
100% |
Exam Registration
ServiceNow partners with Kryterion using its Webassessor platform for exam registration. Our mainline exams are offered at Kryterion Test Centers or can be taken anywhere online while a Kryterion proctor monitors the exam appointment.
To register for an exam, you will need to create a Webassessor account and then link it to your Now Learning account.
For individuals with a disability or English as Second Language (ESL), ServiceNow does offer reasonable accommodation while taking the certification exam.
Exam Structure
Number of Items
The exam consists of forty-five questions.
Multiple Choice (single answer)
For each multiple-choice question on the exam, there are at least four possible responses. Select the one response that most accurately answers the question.
Multiple Select (select all that apply)
For each multiple-select question on the exam, there are at least four possible responses. The question will state how many responses should be selected. Select ALL responses that accurately answer the question. Partial credit is not provided.
Exam Result
The exam result is immediately displayed as a conditional pass or fail result after completing and submitting the exam. Additional scoring information can be found in the Obtain the Exam Result lesson in the Candidate Journey Guide.
Pass Result
A pass result indicates that the certification has been earned. The only information shared is the pass result. The pass result is conditional, meaning the exam at any time can be audited, reviewed, and the certification may be revoked after investigation if it is found that the ServiceNow Test Security Policies have been violated.
To maintain a ServiceNow Certification, you will need to pass delta exams and pay the annual Certification Maintenance Program (CMP) Fee.
Fail Result
A failed result indicates that the certification was not earned. The percent earned for each learning domain is shared. For the next exam attempt, focus on the learning domains with the lowest percentage scores.
Sample Questions
Sample Item #1:
Which of the following are scoped applications in GRC? (Select all that apply)
A. GRC: Profiles
B. GRC: Risk Management
C. GRC: Compliance and Audit Management
D. Global
Answer: A & B
Sample Item #2:
Who should be on the core implementation team for a GRC implementation? (Select all that apply)
A. Risk and compliance experts
B. ServiceNow developer team
C. External audit team
D. Risk assessors
Answer: A & B
Sample Item #3:
The Entity Filter record requires which mandatory field to be completed?
A. Filter date
B. Filter name
C. Conditions
D. Source table
Answer: D
Sample Item #4:
Which of the following are tables in the GRC: Policy and Compliance scope? (Select all that apply)
A. Issue
B. Control
C. Risk
D. Citation
Answer: B & D
Sample Item #5:
Which of the following are tables in the Risk scope? (Select all that apply)
A. Issue
B. Risk Framework
C. Risk Statement
D. Citation
Answer: B & C
Sample Item #6:
Unified Compliance Framework (UCF) Control documents import into which ServiceNow table with the UCF integration?
A. Citation table
B. Control Objectives table
C. Authority Documents table
D. Policy table
Answer: B
Sample Item #7:
Which roles are inherited when a user is given the sn_audit.user role? (Select all that apply)
A. sn_grc.reader
B. sn_compliance.reader
C. sn_risk.reader
D. sn_audit.external_auditor
Answer: A, B, & C
Back to Top