ServiceNow Certified Implementation Specialist – Vendor Risk Management — Question 49

What is the definition of ‘Risk Management’?

Answer options

• A. Policies/Standards/Procedures established to ensure an organization is aligned with corporate strategy and expectations are clearly defined
• B. The process of conforming to standards, policies, and remediation of audit findings
• C. The elimination of vulnerable surface area in an enterprise environment
• D. Process to identify, assess, and respond to risks, threats and vulnerabilities that could compromise the business

Correct answer: D

Explanation

The correct answer, D, accurately describes Risk Management as a systematic approach to identifying, assessing, and responding to various risks that could impact a business. The other options focus on compliance, policy adherence, or vulnerability reduction, which are related concepts but do not encompass the full scope of Risk Management.