(B)  Event identification
                    The Company analyzes, searches, or identifies situations of risks that may originate from internal or external
             factors and may affect the organization’s achievement of its objectives and goals.

      70
                    (C)  Risk assessment
                    The Company analyzes the likelihood of risks and impact criteria of said risks, for both before and after the
             implementation of the current risk control measure. The Company implements both quantitative and qualitative
             risk assessment tools and after the assessment it deems that the risks are still over the acceptable level, the Company
             will initiate additional risk management procedures, in order to reduce the level of risk to the level that is acceptable
             to the Company.


                    (D)  Risk response
                    After identifying significant risks, and the underlying causes and the acceptable level of such risks, the
             Company will specify and create the risk management guideline, measures, and policies, as necessary.
                    The Company respond to or manage risks by choosing:
                    1.  Risk acceptance; this means the acceptance of the potential risks of its operation, under the acceptable
                       level of risks for the organization.
                    2.  Risk reduction; this means additional  operations for reducing the possibility or the effects of those risks
                       to the acceptable level.
                    3.  Risk avoidance; this means additional operations for canceling or avoiding activities that create risks.
                    4.  Risk transfer; this means collaborative risk management where risks are partially divided with other
                       individuals or organizations.