Now Learning Knowledge Article View
Article
KB0011556

Certified Implementation Specialist - Third-Party Risk Management (CIS-TPRM) Mainline Exam Blueprint

Article metadata.
This article was updated This article has 2078 views.

Updated July 2024

 


Introduction

The ServiceNow Certified Implementation Specialist – Third-party Risk Management Exam Specification document defines the purpose, audience, testing options, exam content coverage, test framework, and prerequisites to earn the Certified Implementation Specialist – Third-party Risk Management certification.

 

Exam Purpose

The Certified Implementation Specialist exam certifies that a successful candidate has the skills and essential knowledge to contribute to the configuration, implementation, and maintenance of the ServiceNow Third-party Risk Management application. 

 

Exam Audience

The ServiceNow Certified Implementation Specialist – Third-party Risk Management exam is available to ServiceNow customers, partners, employees, and others interested in becoming a ServiceNow Third-party Risk Management Implementer.

 

Exam Preparation

Exam questions are based on official ServiceNow training materials, the ServiceNow Product documentation site, and the ServiceNow developer site. Study materials posted elsewhere online are not official and should not be used to prepare for the examination.

Prerequisite ServiceNow Training

ServiceNow recommends the completion of the following prerequisite training course(s) in preparation for the Certified Implementation Specialist – Third-party Risk Management exam. The following ServiceNow training course(s) contain the underlying foundational knowledge needed for the exam.

  • Welcome to ServiceNow
  • ServiceNow Administration Fundamentals
  • System Administration Advanced 
  • UI Builder Fundamentals
  • Flow Designer Fundamentals
  • Get Started with Now Create 
  • ServiceNow Platform Implementation

 

Required ServiceNow Training

ServiceNow requires completion of the following training course(s) and certification(s). The content in these courses covers the exam learning domains and will help you prepare for the exam.

  • GRC: Third-party Risk Management (TPRM) Fundamentals  
  • GRC: Third-party Risk Management (TPRM) Implementation 
  • GRC: Third-party Risk Management Implementation (TPRMI) Simulator (Vancouver) 

Upon completion of the Third-party Risk Management Implementation course, the candidate will be eligible to obtain or purchase a nontransferable voucher code to register for the Certified Implementation Specialist – Third-party Risk Management exam.

Additional Recommended Resources

In addition to the above, the candidate may find the following additional resources valuable in preparation for the exam.

  • Credentialing Program Guide – a resource to guide you through the entire certification process
  • Performance Analytics Essentials 
  • Service Portal Fundamentals 
  • Automated Test Framework Fundamentals 
  • Knowledge Management Fundamentals 

 

Additional Recommended Experience

General familiarity with industry standards, terminology, and acronyms 

 

Exam Scope

Learning domains are the key topics and specific objectives included in the exam. Exam content or exam items are divided into learning domains.

The following table shows the learning domains, weightings, sub-topics, and the percentage of questions represented in each domain. The listed sub-skills should NOT be considered an all-inclusive list of the exam content. 

 

 

Number of Domains

 

 

Learning Domain

 

 

Percent of Exam

 

1

Third-party Risk Management Fundamentals and Third-party Risk Management Review

  • About Third-party Risk Management
  • Third-party Risk Management Process
  • Technical Details

25%

2

Core Configuration

  • Third-party Portfolio Configuration
  • Third-party Contacts Configuration
  • Third-party Risk Intelligence Scoring Configuration

8%

3

Assessment Configuration

  • Assessment Basics/Due Diligence Requests
  • Third-party IRQ (Tiering) and Due Diligence Configuration 
  • Risk Assessment Configuration 
  • Risk Assessment Generation 
  • Risk Assessment Calculations 
  • Assessment Lifecycle 

30%

4

Approval and Workflow Process Changes

  • IRQ Approval 
  • Third-party Risk Issues Approval 
  •  Third-party Risk Process Workflows 

 

12%

5

Third-party Portal Configuration

  • Third-party Portal Configuration 

15%

6

Other Application Relationships

  • ServiceNow GRC Overview
  • Monitor Risk and Control Compliance
  • Other Application Relationships

5%

7

Dashboards and Reports

5%

Total

100%

 

Exam Registration

ServiceNow partners with Kryterion using its Webassessor platform for exam registration. Our mainline exams are offered at Kryterion Test Centers or can be taken anywhere online while a Kryterion proctor monitors the exam appointment.

To register for an exam, you will need to create a Webassessor account and then link it to your Now Learning account.

For individuals with a disability or English as Second Language (ESL), ServiceNow does offer reasonable accommodation while taking the certification exam.

 

Exam Structure

Exam Duration

The exam duration is 90 minutes.

Number of Items

The exam consists of 60 questions.

 

Multiple Choice (single answer)

For each multiple-choice question on the exam, there are at least four possible responses. Select the one response that most accurately answers the question.

Multiple Select (select all that apply)

For each multiple-select question on the exam, there are at least four possible responses. The question will state how many responses should be selected. Select ALL responses that accurately answer the question. Partial credit is not provided.

 

Exam Result

The exam result is immediately displayed as a conditional pass or fail result after completing and submitting the exam. Additional scoring information can be found in the Obtain the Exam Result lesson in the Credentialing Program Guide. 

 

Pass Result 

A pass result indicates that the certification has been earned. The only information shared is the pass result. The pass result is conditional, meaning the exam at any time can be audited, reviewed, and the certification may be revoked after investigation if it is found that the ServiceNow Test Security Policies have been violated.  

To maintain a ServiceNow Certification, you will need to pass delta exams and pay the annual Certification Maintenance Program (CMP) Fee

 

Fail Result 

A failed result indicates that the certification was not earned. The percent earned for each learning domain is shared. For the next exam attempt, focus on the learning domains with the lowest percentage scores.  

Sample Questions

Sample Question #1 

What ServiceNow feature helps companies manage third parties without emails and spreadsheets? 

A. The Customer Service Portal 

B. The Third-party Portal 

C. The Third-party Registry 

D. The Third-party Platform

Answer: B

 

Sample Question – #2 

Which fields are included on the Third-party Contact form? (Select two)

A. Risk rating 

B. Rank tier 

C. Primary Contact 

D. Email 

Answer: C, D

 

Sample Question – #3 

Third-party Risk Issues are considered inactive when they enter this state: 

A. Review 

B. Submitted to Third Party

C. Finalize with Third Party

D. Closed 

Answer: D

 

Sample Question – #4 

What actions can occur in the Third-party Portal? 

A. View Project Gannt Charts 

B. Submit an incident 

C. Respond to a Third-party Risk Assessment 

D. Manage Third-party Contacts 

Answer: C, D

 

Sample Question – #5 

Risks registered within an organization are captured as which type of record in ServiceNow? 

A. Control Definition 

B. Risk Statement 

C. Control Template 

D. Attestation

Answer: B

 

Sample Question – #6 

What is a common table used for Third-party Risk Management reporting? 

A. Control [sn_control] 

B. Task [task] 

C. Third-party Risk Assessment [sn_vdr_risk_asmt_assessment]

D. Third party [core_third_party] 

Answer: C