CRISC Certified in Risk and Information Systems Control – Question120 - CRISC Certified in Risk and Information Systems Control

Which of the following aspects are included in the Internal Environment Framework of COSO ERM? Each correct answer represents a complete solution. Choose three.

A. Enterprise's integrity and ethical values
B. Enterprise's working environment
C. Enterprise's human resource standards
D. Enterprise's risk appetite

Correct Answer: ACD

Explanation:

Explanation:
The internal environment for risk management is the foundational level of the COSO ERM framework, which describes the philosophical basics of managing risks within the implementing enterprise. The different aspects of the internal environment include the enterprise’s:

Philosophy on risk management
Risk appetite
Attitudes of Board of Directors
Integrity and ethical values
Commitment to competence
Organizational structure
Authority and responsibility
Human resource standards