The framework to be used by management in its internal control assessment under requirements of SOX is the:
A)COSO internal control framework.
B)COSO enterprise risk management framework.
C)COBIT framework.
D)All of the choices are correct.

Question

Quizplus · Accepted Answer

The Sarbanes-Oxley Act (SOX) does not specify a particular framework to be used for internal control assessments, allowing companies to choose the most appropriate framework for their circumstances. The COSO Internal Control Framework, COSO Enterprise Risk Management Framework, and COBIT (Control Objectives for Information and Related Technologies) Framework are all recognized and widely used frameworks for internal control and risk management that companies can use to comply with SOX requirements.

The Framework to Be Used by Management in Its Internal