Final answer:
The COSO Internal Control framework focuses on internal controls for operations, financial reporting, and compliance, whereas the Enterprise Risk Management framework offers a comprehensive approach to risk that includes strategy alignment and influences on decision-making.
Step-by-step explanation:
The primary difference between the Committee of Sponsoring Organizations (COSO) Internal Control - Integrated Framework (IC) and Enterprise Risk Management - Integrated Framework (ERM) lies in their scope and depth of risk management strategy. The IC framework is mainly focused on internal control with objectives that include effective and efficient operations, reliable financial reporting, and compliance with laws and regulations.
In contrast, the ERM framework provides a more comprehensive risk management approach. It expands on the IC framework to include risk strategy alignment, risk in decision-making processes, and broader risk coverage impacting the organization's strategic objectives.
While both frameworks aim at mitigating risk and ensuring organizational control, ERM encompasses a broader view that accommodates all types of risk affecting an organization's strategy and operations. Therefore, organizations seeking a more holistic approach to risk management often gravitate towards adopting the ERM framework.