Focuses on the auditor's role in evaluating the effectiveness of the organization's ERM framework, auditing strategic risks, and integrating ERM with the internal audit plan.