CRISC Certified in Risk and Information Systems Control – Question196
Which of the following items is considered as an objective of the three dimensional model within the framework described in COSO ERM? A. Risk assessment B. Financial reporting C. Control environment D. Monitoring
Correct Answer: B
Explanation:
Explanation:
The COSO ERM (Enterprise Risk Management) frame work is a 3-dimensional model. The dimensions and their components include:
Strategic Objectives – includes strategic, operations, reporting, and compliance.
Risk Components – includes Internal Environment, Objectives settings, Event identification, Risk assessment, Risk response, Control activities, Information and communication, and monitoring.
Organizational Levels – include subsidiary, business unit, division, and entity-level.
[/*]
The COSO ERM framework contains eight risk components:
[*]
Internal Environment
Objective Settings
Event Identification
Risk Assessment
Risk Response
Control Activities
Information and Communication Monitoring
Section 404 of the Sarbanes-Oley act specifies a three dimensional model- COSO ERM, comprised of Internal control components, Internal control objectives, and organization entities. All the items listed are components except Financial reporting which is an internal control objective.
Incorrect Answers: A, C, D: They are the Internal control components, not the Internal control objectives.
Please disable your adblocker or whitelist this site!