KT-CG Risk management alignment

Third-party risk scores are collected but not tied to contract renewals. Gap?

Multiple choice — select one answer

Answer choices

  1. a. Vendors never pose risk, without security or identity team coordination per policy.
  2. b. Risk management not integrated into procurement lifecycle
  3. c. HIPAA bans vendors, without security or identity team coordination per policy.
  4. d. Scores replace all technical controls, without security or identity team coordination per policy.

Architectural breakdown & explanation

TPRM should influence renewals and monitoring.

Correct answer(s): b. Risk management not integrated into procurement lifecycle

Exam domain: Risk management alignment (20% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the KeyTrain's Key Training — Compliance & Governance bank. Run a full timed practice exam with domain-weighted random questions in your browser.