irm_cf_free assessment evaluation_2020-0

IRM Questionnaire

I have a documented list of compliance frameworks I comply with.





I have a list of controls that I am currently monitoring.
My controls have business owners assigned to them to show ownership outside of my Risk and Compliance organization.
My control compliance is assessed on a defined periodic schedule.
I have integrations to data sources that automatically validate control compliance.

About Me

My policies are stored and viewable in a central location.
I have a defined review and approval process for policies prior to publishing.
I have a defined list of risks that are monitored (a risk register).
My risks are scored against defined criteria.
I have a defined process to create risk mitigation plans.
I have a review and approval process for accepting risks.
I have a team that manages my internal audit process.
I have a defined process for assigning out responsibilities and tasks for internal audits.
I have documented, reusable test plans for internal audits.
My audits have defined relationships to control and risk libraries.
I generate post audit reports and store them in a central location.

Vendor Risk

Questions in my vendor assessment directly link to controls I am monitoring and can update compliance and risk scoring.

Cerna reserves the right to decline any registration without explanation.

Our offer is limited to 10, free 1-hour assessments for qualifying respondents.

Not all questions are mandatory, submit only those that interest you.

I have a process defined to periodically assess my risks.
I have a periodic review process for policies.
My policies are linked to specific control objectives (requirements).
I have a defined process to approve policy exceptions.
My vendor information is stored in a centralized location.
I have a process to assess vendors internally to determine potential risk.
I store my external vendor assessments in a central location after completion.
I have a formula that calculates the risk score for a vendor based off the responses to the vendor assessment.
irm_cf_free assessment evaluation_2020-0

Elevate your ServiceNow IRM Maturity

Complete the questionnaire below.

ServiceNow Integrated Risk Management (IRM) covers all of the core processes in a governance, risk, and compliance (GRC) program and enables organizations to significantly improve decision making and performance through an integrated view of how well your organization manages its unique set of governance, risk, audit, and compliance goals.

Would you like to take your IRM maturity to the next level?

Complete this comprehensive questionnaire to be eligible for a FREE 1-hour assessment!

Spots are limited, so complete the IRM questionnaire below and register for this free assessment today, where the experts from Cerna Solutions will:

Evaluate your current risk management posture

Introduce you to our unique IRM maturity model

Identify next steps to elevate your IRM maturity