Which of the following are risk components of the COSO ERM framework?
Each correct answer represents a complete solution. Choose three.
A.
Risk response
B.
Internal environment
C.
Business continuity
D.
Control activities
Explanation:
The risk components defined by the COSO ERM are internal environment, objective settings,
event identification, risk assessment, risk response, control objectives, information and
communication, and monitoring.
Answer C is incorrect. Business continuity is not considered as risk component within the ERM
framework.