CRISC Certified in Risk and Information Systems Control – Question220

While considering entity-based risks, which dimension of the COSO ERM framework is being referred?

A.
Organizational levels
B. Risk components
C. Strategic objectives
D. Risk objectives

Correct Answer: A

Explanation:

Explanation: The organizational levels of the COSO ERM framework describe the subsidiary, business unit, division, and entity-levels of aspects of risk solutions.
Incorrect Answers:
B: Risk components includes Internal Environment, Objectives settings, Event identification, Risk assessment, Risk response, Control activities, Information and communication, and monitoring.
C: Strategic objectives includes strategic, operational, reporting, and compliance risks; and not entity-based risks.
D: This is not a valid answer.