Policy and Compliance Questions

Policy and compliance record lifecycles, architecture, configuration, and supporting processes.

15 total questions, 2 free questions

About Policy and Compliance

Policy and Compliance Management covers how to create, manage, and enforce policies and compliance requirements, including policy lifecycles, control frameworks, control testing, and attestation.

Why This Matters for Your Exam

This is a major domain at 25% of the exam. Questions cover policy lifecycles, compliance requirements, control design, control testing, attestations, issues management, and the Compliance Manager dashboard.

Key Concepts to Master

Understand the policy lifecycle from draft to published to retired. Know how controls are linked to policies and tested for compliance. Master attestation workflows and issue remediation processes.

Exam Tips

Policies follow a lifecycle: Draft → Published → Retired. Controls have design effectiveness (documented properly) and operating effectiveness (working as intended). Attestations verify ongoing compliance.

Practice Questions

15 questions available
Question 1 (knowledge)

What are the available actions when reviewing an evidence request?

A. Accept, Reject, Archive
B. Accept Evidence, Request Revision, Cancel, Delete
C. Approve, Deny, Escalate
D. Submit, Review, Close


Question 2 (understanding)

What is the purpose of indicators in continuous monitoring?

A. To track user login attempts
B. To collect data to monitor controls and risks, and collect audit evidence
C. To measure system performance
D. To track incident response times
