To consider the risk and rearrange internal audit activities.
To set objective and process to use for the control activity.
To set degree of risk.
To set the process to manage the impact that is a result of the risk for acceptable.
To set the effectiveness level of risk manage and control activity.