CIMP Cheat Sheet 2026

The 30 highest-yield CIMP facts, distilled from real exam questions. Print it, save it as a PDF, or study it here — free, no sign-up.

100 questions
120 min time limit
70.00% to pass
  1. What characterizes a high-performing team? Clear goals, mutual trust, open communication, and shared accountability
  2. What is the primary risk associated with orphaned accounts in an identity management system? Unauthorized access by former employees or attackers
  3. What is a Separation of Duties (SoD) conflict in identity governance? A situation where one user has access rights that together could enable fraud or error
  4. What should an effective professional report include? Clear objectives, methodology, findings, analysis, and actionable recommendations
  5. How should conflicts within a team be addressed? Promptly and directly, focusing on issues rather than personalities
  6. Why is data visualization important in professional reporting? It makes complex data more accessible and easier to understand quickly
  7. What should be the first action when a new regulation is enacted that affects your practice? Review the regulation, assess its impact, and develop an implementation plan
  8. What is 'birthright access' in the context of identity provisioning? The baseline set of entitlements automatically granted to all new users upon joining
  9. Which approach to compliance is considered most effective? A proactive approach that integrates compliance into daily operations
  10. What should be considered before implementing new technology? Cost, compatibility with existing systems, training needs, and security implications
  11. What should be done when strategic implementation encounters unexpected obstacles? Assess the situation, adjust the plan as needed, and communicate changes to stakeholders
  12. What is the appropriate action when discovering a colleague has violated professional standards? Report through proper channels as outlined in the code of ethics
  13. What is a dashboard in the context of data reporting? A visual display that consolidates key metrics and indicators in real-time
  14. How often should compliance procedures be reviewed and updated? Regularly, and whenever regulations change or new risks are identified
  15. What is the purpose of a risk register? To document, track, and manage all identified risks throughout a project or operation
  16. What is an audit trail in the context of documentation? A chronological record that allows tracing of changes and decisions back to their source
  17. Which process ensures that user access rights remain accurate and aligned with current job roles over time? Access certification/attestation
  18. What should a communication plan include at minimum? Stakeholder list, message content, channels, frequency, and responsible parties
  19. How should negative or difficult information be communicated to stakeholders? Honestly and promptly, with proposed solutions or mitigation steps
  20. What are the key characteristics of effective documentation? Accurate, complete, timely, legible, and objective
  21. When an employee transfers from the finance department to the IT department, which identity lifecycle best practice should be applied? Remove finance entitlements and grant IT entitlements
  22. Why is continuous improvement important in quality management? Because standards evolve, competitors improve, and customer expectations change
  23. In identity lifecycle management, what is a 'Joiner' workflow typically initiated by? An HR system event such as a new hire record being created
  24. What does "informed consent" require in professional practice? Providing complete, understandable information so individuals can make voluntary decisions
  25. What is the primary goal of Identity Governance and Administration (IGA) in an enterprise? Ensure the right individuals have appropriate access to the right resources
  26. What is delegation in the context of team management? Assigning tasks and authority to team members while maintaining accountability
  27. When communicating with diverse stakeholders, what approach is recommended? Adapt communication style and detail level to each stakeholder group
  28. The 'joiner-mover-leaver' model in identity lifecycle management refers to which three phases? Hire, Transfer, Terminate
  29. What is the purpose of an Identity Provider (IdP) in a federated identity model? To authenticate users and issue identity assertions that are trusted by service providers
  30. Which foundational principle is most critical to professional practice in this field? Evidence-based decision making and continuous improvement
Turn these facts into recall: