New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CTPRP Questions Bank

Page: 3 / 9
Total 125 questions

Certified Third-Party Risk Professional (CTPRP) Questions and Answers

Question 9

Which factor is MOST important when scoping assessments of cloud-based third parties that access, process, and retain personal data?

Options:

A.

The geographic location of the vendor's outsourced datacenters since assessments are only required for international data transfers

B.

The identification of the type of cloud hosting deployment or service model in order to confirm responsibilities between the third party and the cloud hosting provider

C.

The definition of requirements for backup capabilities for power generation and redundancy in the resilience plan

D.

The contract terms for the configuration of the environment which may prevent conducting the assessment

Question 10

Which action statement BEST describes an assessor calculating residual risk?

Options:

A.

The assessor adjusts the vendor risk rating prior to reporting the findings to the business unit

B.

The assessor adjusts the vendor risk rating based on changes to the risk level after analyzing the findings and mitigating controls

C.

The business unit closes out the finding prior to the assessor submitting the final report

D.

The assessor recommends implementing continuous monitoring for the next 18 months

Question 11

Which cloud deployment model is focused on the management of hardware equipment?

Options:

A.

Function as a service

B.

Platform as a service

C.

Software as a service

D.

Infrastructure as a service

Question 12

Which type of external event does NOT trigger an organization ta prompt a third party contract provisions review?

Options:

A.

Change in company point of contact

B.

Business continuity event

C.

Data breach/privacy incident

D.

Change in regulations

Page: 3 / 9
Total 125 questions