CRISC Certified in Risk and Information Systems Control – Question099 - CRISC Certified in Risk and Information Systems Control

Which of the following are risk components of the COSO ERM framework? Each correct answer represents a complete solution. Choose three.

A. Risk response
B. Internal environment
C. Business continuity
D. Control activities

Correct Answer: ABD

Explanation:

Explanation: The risk components defined by the COSO ERM are internal environment, objective settings, event identification, risk assessment, risk response, control objectives, information and communication, and monitoring.
Incorrect Answers:
C: Business continuity is not considered as risk component within the ERM framework.