Which three steps can be performed by using the Configure Module Objects pages? (Choose three.)

A. Choose display (or hide) configurable options for: results, events, consequences and treatments.

B. Set "object-perspective" association.

C. Create object data import templates.

D. Edit the assessment activity question and guidance text for all assessment types.

E. View assessment response details for all assessment types.

What would happen to an access incident in Advanced Access Controls (AAC) that has been remediated and has a status of "Closed," but poses a conflict again during a subsequent evaluation of controls?

A. The incident is deferred.

B. The incident remains in "Closed" status and additional remedial action cannot be taken.

C. The incident remains in "Closed" status and assigned users receive a notification that additional access incidents have been identified.

D. The incident is copied and a new incident is created based on the original incident.

E. The incident status changes to "Assigned."

A Control Manager has changed the status of an issue to "In Remediation" and has submitted it. What will be the state of the Issue if there is no issue validator, reviewer, or approver configured?

A. In Review

B. Active

C. Reported

D. Approved

E. In Edit

You have five business units in our company, BU1 through BU5. You want to build a transaction model to identify suppliers who have been paid more than $100,000 USD across all business units except BU5. Which two filters must be combined? (Choose two.)

A. Add a standard filter where the "Payment" object's "Organization ID" equals BU1, BU2, BU3, BU4.

B. Add a function filter grouping by "Supplier ID" where the sum of "Payment Amount" is greater than 100,000.

C. Add a function filter grouping by "Organization ID" where the sum of "Payment Amount" is greater than 100,000.

D. Add a standard filter where the "Payment" object's "Organization ID" equals BU5, and advanced option "Exclude" is checked.

E. Add a standard filter where the "Payment" object's "Organization ID" is equal to itself.

When you view or edit a transaction incident, you may see extra columns that are not present in the business objects used in the control. What three kinds of control logic or conditions can cause this? (Choose three.)

A. Equals (when the same attribute is used on both sides of the condition)

B. Not in

C. Similar

D. Average Function

E. Between (when using a date attribute)

Which two options can be assigned to a duty role? (Choose two.)

A. Functional Security Policy

B. Abstract Role

C. Data Security Policy

D. Job Role

You have created security roles for the Procure-to-Pay (P2P) Control Manager for the EMEA region in your client's organization. But, there are two problems with his or her security configuration. Problem 1: This person should not receive notifications to complete control assessments, but currently he or she does. Problem 2: Also, although he or she has access to controls associated with EMEA, he or she is unable to access controls created for individual regions within EMEA. You have given him or her the following job role: EMEA P2P Control Manager Job Role Seeded Control Manager Duty Composite Seeded Control Certification Assessor Duty Composite EMEA P2P Control Manager Data Security Policy Seeded Control Manager Data Security Policy Perspective filter where Region Perspective “equals” EMEA Perspective filter where Process Perspective “equals” P2P

Which two actions need to be taken to correct the problems? (Choose two.)

A. Remove Control Certification Assessor Composite from the EMEA P2P Control Manager job role.

B. Create EMEA P2P Control Certification Assessor Data Security Policy striped by both EMEA and P2P perspectives and assign to the job role.

C. Add to the EMEA P2P Control Manager Data Security Policy the seeded Control Certification Assessor Data Security Policy.

D. While defining data security policy, set the perspective value to EMEA including all child nodes of the EMEA region.

How do you identify Financial Reporting Compliance Cloud's key stakeholders?

A. Identify users who need to create and submit expense reports easily.

B. Identify users who will create customer invoices, and receive and apply customer payments.

C. Identify executives who need to certify internal controls for SOX or similar mandates.

D. Identify executives who will manage customer balances and recognize revenue.

You have defined an initial Perspective Hierarchy for your client in the Advanced Controls module. After refining their business requirements, your client wants to expand the existing hierarchy to include 150 perspective items in various levels.

For efficient processing, you decide to use the GRC data migration feature to import the new items.

Which three are valid processing steps required to define the export file? (Choose three.)

A. Navigate to Risk Management Tools > Setup and Administration > Data Migration, and select Advanced Controls.

B. Generate Template as Without Data.

C. Navigate to Manage Module Perspectives.

D. Generate Template as Without Data ?Perspectives Only.

E. Click the Create Import Template button.

Your client has asked you to define a transaction model to identify duplicate invoices based on Invoice Numbers and Invoice Amounts. Which two standard filters can be combined to accomplish this? (Choose two.)

A. The "Payables Invoice" object's "Supplier ID" does not equal itself.

B. The "Payables Invoice" object's "Invoice ID" is similar to the "Payables Invoice" object's "Invoice Number".

C. The "Payables Invoice" object's "Invoice Amount" is equal to itself.

D. The "Payables Invoice" object's "Invoice Number" is equal to the "Payables Invoice" object's "Invoice ID."

E. The "Payables Invoice" object's "Invoice Number" is equal to itself.