CRISC Certified in Risk and Information Systems Control – Question 120

Which of the following aspects are included in the Internal Environment Framework of COSO ERM? Each correct answer represents a complete solution. Choose three.

A. Enterprise's integrity and ethical values
B. Enterprise's working environment
C. Enterprise's human resource standards
D. Enterprise's risk appetite

Correct Answer: ACD

Explanation:

The internal environment for risk management is the foundational level of the COSO ERM framework, which describes the philosophical basics of managing risks within the implementing enterprise. The different aspects of the internal environment include the enterprise’s:

  • Philosophy on risk management
  • Risk appetite
  • Attitudes of Board of Directors
  • Integrity and ethical values
  • Commitment to competence
  • Organizational structure
  • Authority and responsibility
  • Human resource standards