The COSO enterprise risk management framework includes several components to help organizations manage risk. Two of these components are objective setting and control activities. Objective setting involves establishing goals that align with the entity's mission and vision, providing a basis for identifying potential events that may affect their achievement. Control activities, on the other hand, are actions established through policies and procedures that help ensure management's directives to mitigate risks to achieving the entity's objectives are carried out. Therefore, the correct answer is 1 and 4 only.