Control self-assessments (CSAs) can be used to:

Control self-assessment (CSA) is a process that allows business units to evaluate the effectiveness of internal controls. It is primarily used to establish baselines (Option B) for measuring control effectiveness and risk management.

ISACA CISA Reference: CSA is a recognized internal control mechanism that supports risk assessment and control improvement.

Risk Implication: If CSAs are not conducted properly, organizations may lack visibility into weak controls, increasing exposure to risks.

Alternative Choices:

Option A: CSA does not focus on asset valuation.

Option C: Strategic business goals are assessed separately through governance processes.

Option D: CSA complements, but does not replace, formal audits.