Which role can you grant to external audit team members?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the ServiceNow Integrated Risk Management Exam. Utilize flashcards and multiple-choice questions with detailed explanations and hints. Enhance your knowledge and skills for the certification exam.

Multiple Choice

Which role can you grant to external audit team members?

Explanation:
This tests which role is intended for external audit team members in ServiceNow IRM. The best choice is the sn_audit.external_auditor role because it is specifically designed for third-party auditors and provides the necessary access to audit-related data while keeping editing and administrative capabilities restricted. This aligns with the principle of least privilege, giving external auditors visibility to audits, findings, and evidence without granting broader control over risk, compliance, or audit management. The other roles correspond to internal responsibilities: sn_compliance_user focuses on compliance-related tasks, sn_risk_user on risk management activities and configurations, and sn_audit_manager on managing audits and workflows. Granting those would give external auditors more permissions than needed and could raise security and separation-of-duties concerns.

This tests which role is intended for external audit team members in ServiceNow IRM. The best choice is the sn_audit.external_auditor role because it is specifically designed for third-party auditors and provides the necessary access to audit-related data while keeping editing and administrative capabilities restricted. This aligns with the principle of least privilege, giving external auditors visibility to audits, findings, and evidence without granting broader control over risk, compliance, or audit management.

The other roles correspond to internal responsibilities: sn_compliance_user focuses on compliance-related tasks, sn_risk_user on risk management activities and configurations, and sn_audit_manager on managing audits and workflows. Granting those would give external auditors more permissions than needed and could raise security and separation-of-duties concerns.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy