COSO has this to say about control activities: The organization selects and develops control activities that contribute to the mitigation of risks to the achievement of objectives to acceptable levels. Internal control activities include assigning decision rights, ratifying decisions, and monitoring activities. We described two examples of ratifying activities. Example 1. COSO states approvingly that the audit committee confirms or rejects "the basis for management estimates and proposed accounting policy changes before approving. " Example 2. A capital budgeting committee accepts or rejects proposals for new projects. Required. 1. What are the three objectives that control activities are intended to mitigate the risk of? 2. Pick one of the examples. Describe how the ratifying process works. For full credit, describe (1) who might engage in risk behavior in the absence of the control, (2) what the risk behavior might be in the absence of the control, (3) what the behavior will be in the presence of the control activity