Control Environment - the organization's governance principles, integrity, ethical values, and the tone set by its leadership.
Risk Assessment - the procedure for identifying and evaluating the risks confronting the organization.
Control Activities - the measures, policies, and procedures implemented to ensure the achievement of the organization's goals.
Information and Communication - the systems and processes in place to provide essential information for informed decision-making and to guarantee that appropriate individuals have timely access to pertinent information
Monitoring - the ongoing process of evaluating the internal control system's effectiveness and making necessary modifications.
