ERM must define the overall risk appetite and communicate it throughout the firm. Objectives must be clearly defined and aligned with the risk appetite. The management must determine strategies to identify risks and opportunities, and strategy setting should be continuous through reassessment. Strategic objectives on operations, reporting, and compliance should be measurable, understood by employees, and supportive of the entity's strategy. The management should regularly monitor achievement of objectives, employee commitment, and customer satisfaction. Monitoring ensures all ERM components continue functioning through ongoing management, separate evaluations, or both.