Evaluating and approving strategic objectives.

Influencing the organization’s risk-taking philosophy.

Providing assurance directly to third parties that the organization’s governance processes are effective.

Establishing broad boundaries of conduct, outside of which the organization should not operate.

I and IV.

II and III.

I, II, and IV.

I, II, III, and IV.

Assess the organization’s governance and risk management processes.

Provide advice about how to improve the organization’s

governance and risk management processes.

Oversee the organization’s governance and risk management

processes.

Coordinate its governance and risk management-related activities with those of the independent outside auditor.

A divisional controller conducts a peer review of compliance with financial control standards.

An accounts payable clerk reviews supporting documents before processing an invoice for payment.

An accounting supervisor conducts a monthly review to ensure all reconciliations were completed properly.

A production line worker inspects finished goods to ensure the

company’s quality standards are met

An accounts payable supervisor conducting a weekly review to ensure all payments were issued by the required payment date.

A divisional compliance and ethics officer conducting a review of employee training records to ensure that all marketing and sales staff have completed the required FCPA training.

The external audit team observes the counting of inventory on December 31.

An internal audit team conducting an engagement to provide assurance on the company’s Sarbanes-Oxley compliance with internal controls over financial reporting.

Part of the first line of defense.

Part of the second line of defense.

Part of the third line of defense.

Not a line of defense.

Support the board in enterprise wide risk assessment.

Ensure the timely implementation of audit recommendations.

Monitor compliance with the corporate code of conduct.

Discuss areas of significant risks.