Undertaking Risk Assessment – Determining Proactive Internal Control