Certified Internal Auditor (CIA) Part 1: Business Acumen — Question 100

Which of the following best describes the underlying premise of the COSO enterprise risk management framework?

Answer options

• A. Management should set objectives before assessing risk.
• B. Every entity exists to provide value for its stakeholders.
• C. Policies are established to ensure that risk responses are performed effectively.
• D. Enterprise risk management can minimize the impact and likelihood of unanticipated events.

Correct answer: B

Explanation

The correct answer, B, emphasizes that the main purpose of any organization is to create value for its stakeholders, which is a core principle of the COSO framework. Options A, C, and D, while relevant to risk management, do not capture the fundamental essence of the framework's purpose as accurately as option B.