Risk assessments should be enhanced at both the headquarters level by DHS management, and individual Components annually, and updated during the year as needed. Examples of areas that should be analyzed and responded to accordingly to enhance the risk assessments include: procedures to expand fraud risk assessments to include processes with higher risk and a known deficiency in control design, implementation, and effectiveness throughout DHS.