Can you guys help me interprete this question? I am doing the sims for ninja and I am thrown off by this question
The independent auditor has told your company that its risk management process is not adequate. In a written response to the auditor's finding, the company has mentioned that it will consider the following items in its risk management process: risk assessment, control activities, information and communication, and monitoring. As an internal auditor, you are familiar with COSO's Enterprise Risk Management—Integrated Framework, and you realize that there are other components the company should be addressing both in its memo and in its process. Draft a memo to your supervisor suggesting the additional four elements of the ERM framework and provide a definition for each one.
The question is asking for the framework for ERM and but they mention CRIME in the question so I went with SORC mnemonic and that was wrong. Why?
AUD-77
BEC-70,73,68,74 SH##!!!!!, 80
REG-73,76
FAR -74,82
Ethics here I come!!