How are organizational policies defined?
How is risk assessment materiality defined?
What is risk assessment precision?
Based on the COSO internal control framework, how is control activities defined?