The framework of COSO's Enterprise Risk Management can best be characterized as:
A) Incorporate enhanced internal control principles into enhanced corporate governance
B) Incorporate enhanced audit sampling procedures in the testing of internal controls
C) Incorporate enhanced corporate governance into internal control principles
D) Incorporate enhanced audit sampling procedures in substantive testing

Question

Quizplus · Accepted Answer

The COSO Enterprise Risk Management framework is designed to incorporate enhanced corporate governance into internal control principles, rather than the other way around. The framework provides a comprehensive approach to managing risks within an organization, utilizing principles such as creating a risk-aware culture, defining risk appetite, and assessing risks across the organization, among others. It is not focused on incorporating enhanced audit sampling procedures or substantive testing.

The Framework of COSO's Enterprise Risk Management Can Best Be