"Management considers how its risk culture affects and aligns with other elements of enterprise risk management. Where misalignment
exists, management may take steps to re-shape the culture – perhaps by rethinking its risk philosophy and risk appetite –
or how it applies enterprise risk management."
COSO