Question

Which of the following is not a component of the COSO Enterprise Risk Management Integrated Framework (ERM)?

a. Monitoring.
b. Ethical culture.
c. Risk assessment.
d. Control environment.

Answer 1

b. Ethical culture is not a component of the COSO ERM Integrated Framework.

Step-by-step explanation:

The correct answer is b. Ethical culture.

The COSO Enterprise Risk Management Integrated Framework (ERM) consists of five components:

1. Control environment: This component establishes the tone of an organization, including the integrity and ethical values that guide its operations.
2. Risk assessment: This component involves the identification and analysis of potential risks that may affect an organization's objectives. It helps in developing strategies to manage and mitigate those risks.
3. Control activities: This component encompasses policies, procedures, and activities that are established to ensure that management's directives for risk management are carried out effectively.
4. Information and communication: This component ensures that relevant information is identified, captured, and communicated to appropriate personnel within the organization.
5. Monitoring: This component involves the ongoing assessment of the effectiveness of an organization's risk management processes.

While all the other options mentioned in the question are components of the COSO ERM Integrated Framework, ethical culture is not specifically mentioned as a separate component in the framework.