ServiceNow Certified Implementation Specialist – Risk and Compliance — Question 145

A control objective has been related to a risk statement and they've been scoped with the same entity type. What can we expect to occur?

Answer options

• A. Risks for this risk statement will be moved back into a Review state since there are new factors impacting risk likelihood.
• B. A control for this control objective, with a matching entity, will be related to the registered risk for this risk statement as a mitigating control.
• C. The control objective will be marked as compliant since it is mitigating the related risk statement.
• D. Risk scores will automatically decrease for the risk statement's risks since there are now mitigating controls.

Correct answer: B

Explanation

The correct answer is B because when a control objective matches the entity type of a risk statement, it serves as a mitigating control for that risk. The other options suggest outcomes that either misinterpret the relationship between controls and risks or incorrectly assume automatic compliance or risk score adjustments without proper context.