Risk assessment aims to identify, assess, and manage risks that could affect the entity’s ability to reach its major objectives. Once risks are identified, management considers the significance of the risks, the probabilities, and ways to manage them. Management may address specific risks or it may decide to accept a risk because of cost or other considerations. Risks can arise or change due to changes in regulatory or operating environment, personnel, or information systems; to rapid growth; and to new technology, lines of business, products, or activities.