SAP GRC Mock Test

This section presents you various set of Mock Tests related to SAP GRC. You can download these sample mock tests at your local machine and solve offline at your convenience. Every mock test is supplied with a mock test key to let you verify the final score and grade yourself.

Questions and Answers

SAP GRC Mock Test IV

Q 1 - What is the maximum number of authorizations in a role?

A - 100

B - 150

C - 200

D - 250

Answer : B

Q 2 - You can add/delete Transaction Codes for derived roles like single roles?

A - True

B - False

Answer : B

Q 3 - Which of the following is/are critical objects in SAP R/3 system?




D - All of the above

Answer : D

Q 4 - In Virsa compliance Calibrator -> Informer tab, to check SoD violations which of the following view is supported?

A - Violations by risk level

B - Violations by process

C - Both of these

Answer : C

Q 5 - Multiple system disruption like overwriting master data in the system commonly comes under which of the following risk classification?

A - Low

B - Medium

C - High

D - Critical

Answer : B


Critical -

Critical classification is done for risks that contains company’s critical assets that are very likely to be compromised by fraud or system disruptions.

High -

This includes physical or monetary loss or system-wide disruption includes fraud, loss of any asset or failure of a system.

Medium -

This includes multiple system disruption like overwriting master data in the system.

Low -

This includes risk where the productivity losses or system failures compromised by fraud or system disruptions and loss is minimum.

Q 6 - To reduce the impact of risk before it actually occurs is known as?

A - Preventive Mitigation Controls

B - Detective Mitigation Controls

C - None of these

Answer : A

Q 7 - Superuser can act as firefighter and can be used to perform tasks outside of their normal role or profile in an emergency situation?

A - True

B - False

Answer : A

Q 8 - Which of the following standard role under super user privilege management has the ability to configure Firefighter?




D - None of the above

Answer : A



  • Ability to configure Firefighter
  • Assign Firefighter role owners and controllers to Firefighter IDs
  • Run Reports

Q 9 - An SoD risk is comprised of two or more conflicting functions, while a critical action risk is comprised of one function?

A - True

B - False

Answer : A

Q 11 - Global Trade Services allows you to automate and smooth the trade processes and helps you to control the cost and reduce the risk of penalties and also to manage inbound and outbound processes?

A - True

B - False

Answer : A

Q 12 - While maintaining connection types under GRC, which of the following are used for external partner data sources?

A - Local Connector

B - Web service connectors

C - SAP System Connectors

D - None of these

Answer : B


  • Local system connectors are used to integrate with the SAP BusinessObjects Access Control application for monitoring segregation of duty violations.

  • Web service connectors are used for external partner data sources.

  • SAP system connectors are used in all other cases.

Q 13 - The business rule type purely depends on?

A - Business Rule Assignment

B - KRI Templates

C - Data Sources

D - None of these

Answer : C


In SAP GRC 10.0, you can use Business rules to filter the data stream that is coming from the data sources and you can apply the user configured conditions/calculations against that data to determine if there is a problem which requires attention.

The business rule type purely depends on the data source type.

Answer Sheet

Question Number Answer Key
1 B
2 B
3 D
4 C
5 B
6 A
7 A
8 A
9 A
10 D
11 A
12 B
13 C
Kickstart Your Career

Get certified by completing the course

Get Started