CIS-DF Exam Dumps : Certified Implementation Specialist - Data Foundations (CMDB and CSDM)

In Data Foundations, “Govern” is about putting repeatable, controlled mechanisms in place to keep CMDB data healthy over time. Duplicate CI cleanup is a governance activity because duplicates degrade trust, break reporting, create incorrect service impacts, and cause operational confusion (for example, incidents linked to the wrong CI). The preferred approach is to use the guided and purpose-built de-duplication experience designed for CMDB administrators rather than relying on generic task lists or ad-hoc work.

The de-duplication dashboard in CMDB Workspace is the preferred place because it centralizes duplicate identification, prioritization, and remediation in a single operational experience. It typically provides visibility into suspected duplicates, helps users review records side-by-side, and supports controlled actions (such as merge/retire workflows, depending on configuration) while maintaining auditability. This aligns with Data Foundations’ emphasis on standard processes and consistent remediation patterns rather than one-off manual fixes.

“My Tasks” is a generic work queue and does not provide the purpose-built context or tooling required to confidently resolve duplicates in a safe, repeatable way. A standalone “de-duplication task module” may exist as a navigation entry, but the recommended operational method is to use the workspace dashboard where duplicate remediation is organized and guided as part of CMDB health and governance. Therefore, the correct answer is the de-duplication dashboard on CMDB Workspace.

The Run tab in the CSDM Data Foundations Dashboard focuses on enabling operationalized, risk-aware use cases, including Integrated Risk Management (IRM) and Entity Scoping. These use cases require organizations to understand what data is processed, where it resides, and which technical components are involved, rather than only service impact for ITSM.

Information Objects play a central role at this stage.

Option A is correct because Business Applications related to Information Objects allow organizations to identify what types of data (PII, PCI, PHI, regulated data) are processed by each business application. This relationship is essential for risk classification, regulatory compliance, and audit scoping in IRM. Without it, risk assessments lack data sensitivity context.

Option D is also correct because Logical CIs (such as databases, schemas, or data stores) related to Information Objects establish where sensitive data is stored or processed at a technical level. This enables IRM to trace risk from business context down to technical exposure, supporting control testing, issue management, and remediation prioritization.

Option B (Location hierarchy) supports foundational data quality but does not directly enable risk or entity scoping. Option C (Business Applications to Application Services) is critical for service impact and Change/Incident Management, but it is more aligned to service operations rather than risk and data-centric scoping, which is the focus of the Run playbooks for IRM.

Therefore, the correct answers are A and D, as they directly support IRM entity scoping, regulatory analysis, and risk visibility through CSDM-aligned data modeling.

In the Common Service Data Model (CSDM), the Incident form is designed to capture operational impact and enable effective incident routing, prioritization, and communication. To achieve this, CSDM prescribes using classes that represent how services are delivered and consumed, not how they are planned or governed.

Application Service (Option A) is an appropriate class on the Incident form because it represents the technical service that is running in production and is directly impacted during an incident. Application Services are service-mapped, relate to underlying infrastructure, and support impact analysis, root cause investigation, and automated assignment. This makes them ideal for associating incidents with technical outages or degradations.

Service Offering (Option C) is also appropriate because it represents how a service is consumed by users or business units. Service Offerings allow Incident Management to understand who is affected, enable targeted communications, and support SLA/OLA alignment. For example, an email service offering for a specific department clearly identifies the impacted consumer group.

Business Application (Option B) is not recommended on the Incident form. Business Applications are logical representations used for portfolio, ownership, and governance purposes, not day-to-day operational incident handling. Using them directly on incidents can reduce precision and automation.

Service Portfolio (Option D) is a strategic construct used for service lifecycle management and is never associated with operational incidents.

Therefore, according to CSDM best practices, the correct classes used on the Incident form are Application Service and Service Offering, making Options A and C the correct answers.