Home › CA Final › auditing › Special Aspects of Auditing in an Automated Environment › COSO ERM places "Risk Assessment" as part of whi…
COSO ERM places "Risk Assessment" as part of which component group?
AInternal Environment & Objective Setting
BControl Environment
CInformation & Communication
DMonitoring Activities
Answer & Solution
Correct answer: B. Control Environment
1. Under COSO 2017 ERM, Risk Assessment sits with strategy-and-objective setting.
2. Control environment and monitoring are separate components.
3. Information & communication supports but does not contain risk assessment.
_Source: ICAI BoS CA Final Paper 3, Ch 4 "Special Aspects of Auditing in an Automated Environment"_
Related questions
When evaluating an "Information Produced by the Entity" (IPE) report used as audit evidencA "single ID with admin privileges shared across the IT operations team" is a classic violA robotic process automation (RPA) bot performs three-way matching of PO/GRN/Invoice in thIn data-driven audit, the False-Positive Rate of an exception flag is HIGH. The auditor's Which of the following findings would most likely indicate a Material Weakness in IT generWhich is the BEST control to detect ghost employees in an automated payroll system?A cloud-based accounting application is hosted by a third-party SaaS provider. Under SA 40For Big Data analytics on the audit of a bank's loan portfolio, the MOST informative analy