Online 1Z0-1058-25 Practice Test

Question 1

The control manager needs to associate an existing test plan to an additional assessment type, Audit Test. The

existing test plan is associated only with the Design Review assessment type.

How can this be accomplished?

Options :

A : The control manager should create a new test plan with Audit Test and Design Review as assessment types

B : The control’s test plan should be updated to include both Audit Test and Design Review as assessment types.

C : The control manager does not need to update the control because any initiated assessment will include all control test plans.

D : The control’s test plan should be updated to Audit Test as the assessment type.

Answer: B

Question 2

The GRC Business owner responsible for reviewing and investigating access incidents related to the “Order to

Cash” perspective does not see any worklists for the generated results. You have validated that:

1. Other business owners are able to view their assigned worklists without any problem

2. Incidents have been generated for the controls related to Order to Cash

3. The business owner’s assigned roles contain the correct functional privileges and data access to the correct

perspective values

What is the reason the business owner cannot see any worklists for the generated incidents?

Options :

A : The Result Management Perspective Assignment has not been linked.

B : The underlying model is not linked to Order to Cash.

C : The business owner was recently assigned the role and the worklist needs to be refreshed.

D : Worklist assignment does not include the business owner.

E : The Control Perspectives are not linked to the control.

Answer: D

Question 3

You have five business units in our company, BU1 through BU5. You want to build a transaction model to

identify suppliers who have been paid more than $100,000 USD across all business units except BU5.

Which two filters must be combined? (Choose two.)

Options :

A : Add a standard filter where the “Payment” object’s “Organization ID” equals BU1, BU2, BU3, BU4.

B : Add a function filter grouping by “Supplier ID” where the sum of “Payment Amount” is greater than 100,000

C : Add a function filter grouping by “Organization ID” where the sum of “Payment Amount” is greater than 100,000

D : Add a standard filter where the “Payment” object’s “Organization ID” equals BU5, and advanced option “Exclude” is checked.

E : Add a standard filter where the “Payment” object’s “Organization ID” is equal to itself.

Answer: A,C

Question 4

You have created security roles for the Procure-to-Pay (P2P) Control Manager for the EMEA region in your

client’s organization. But, there are two problems with his or her security configuration.

Problem 1: This person should not receive notifications to complete control assessments, but currently he or

she does.

Problem 2: Also, although he or she has access to controls associated with EMEA, he or she is unable to

access controls created for individual regions within EMEA.

You have given him or her the following job role:

EMEA P2P Control Manager Job Role

Seeded Control Manager Duty Composite

Seeded Control Certification Assessor Duty Composite

EMEA P2P Control Manager Data Security Policy

Seeded Control Manager Data Security Policy

Perspective filter where Region Perspective “equals” EMEA

Perspective filter where Process Perspective “equals” P2P

Which two actions need to be taken to correct the problems? (Choose two.)

Options :

A : Remove Control Certification Assessor Composite from the EMEA P2P Control Manager job role.

B : Create EMEA P2P Control Certification Assessor Data Security Policy striped by both EMEA and P2P perspectives and assign to the job role.

C : Add to the EMEA P2P Control Manager Data Security Policy the seeded Control Certification Assessor Data Security Policy.

D : While defining data security policy, set the perspective value to EMEA including all child nodes of the EMEA region.

Answer: C,D

Question 5

You completed the data migration successfully. You created 100 controls, an Organization Perspective, and

relationship of controls to the Organization Perspective. All controls are related to one perspective item. The

Control Manager logs in to the application to view the new controls, yet there are none available for his or her

review.

Identify three reasons for this. (Choose three.)

Options :

A : The Control Manager was not given the correct data security policy to access the controls.

B : The Perspective Hierarchy was not associated to the Control Object.

C : There was no Control Type associated with the controls.

D : The Perspective Hierarchy is not in the Approved state.

E : No risks were mapped to the imported controls.

Answer: A,C

EXPERTY DESIGNED 1Z0-1058-25 PRACTICE TEST