IT an organization is large enough, a single risk assessment may not be as useful as separate risk assessments. In this case, it is ercommended that a different assessments and team be used for each major business unit, each significant business process that crosses business units, the corporate unit (executives