Which of the following is an internal audit team's function within risk management?

This task typically falls under the responsibilities of risk management or risk assessment teams rather than internal audit teams. Defining an organization's exposure posture involves evaluating the potential risks the organization faces, which is outside the scope of the internal audit's primary focus on compliance and controls.

While the internal audit team may assess compliance with regulatory requirements, the implementation of these requirements is generally the responsibility of operational management and compliance teams. The internal audit’s role is more about evaluating adherence rather than executing the regulatory mandates.

Defining and updating control monitoring processes is typically a function of management and internal control frameworks. The internal audit team may review these processes for effectiveness but does not usually take the lead in their definition or updates, as this is more aligned with a proactive management role.