COSO Framework- Questions & Answers
Risk Assessment (4) Correct Ans-6. the organization specifies objectives with sufficient
clarity to enable the identification and assessment of risks relating to objectives
7. identifies risks to the achievement of its objectives across the entity and analyzes risks as a
basis for determining how the risks should be managed
8. considers the potential for fraud in assessing risks to the achievement of objectives
9. the organization identifies and assess changes that could significantly impact the system of
internal control
Control Activities (3) Correct Ans-10. selects and develops control activities that contribute
to the mitigation of risks to the achievement of objectives to acceptable levels
11. selects and develops general control activities over technology to support the achievement of
objectives
12. deploys control activities through policies that establish what is expected and procedures that
put policies into action
Information and Communication (3) Correct Ans-13. obtains or generates and uses relevant,
quality info to support the functioning of other components of internal control
14. internally communicates info, including objectives and responsibilities for internal control,
necessary to support the functioning of other components of internal control
15. communicates with external parties regarding matters affecting the functioning of other
components of internal control
Risk Assessment (4) Correct Ans-6. the organization specifies objectives with sufficient
clarity to enable the identification and assessment of risks relating to objectives
7. identifies risks to the achievement of its objectives across the entity and analyzes risks as a
basis for determining how the risks should be managed
8. considers the potential for fraud in assessing risks to the achievement of objectives
9. the organization identifies and assess changes that could significantly impact the system of
internal control
Control Activities (3) Correct Ans-10. selects and develops control activities that contribute
to the mitigation of risks to the achievement of objectives to acceptable levels
11. selects and develops general control activities over technology to support the achievement of
objectives
12. deploys control activities through policies that establish what is expected and procedures that
put policies into action
Information and Communication (3) Correct Ans-13. obtains or generates and uses relevant,
quality info to support the functioning of other components of internal control
14. internally communicates info, including objectives and responsibilities for internal control,
necessary to support the functioning of other components of internal control
15. communicates with external parties regarding matters affecting the functioning of other
components of internal control
