Compliance risk assessments are complicated processes with many moving parts. The first article in our series on tackling risk assessments looked at the DOJ’s new guidance in its Evaluation of Corporate Compliance Programs and also discussed the different types of assessment a company could choose to undertake. The remainder of the series will focus on just one of the many types of risk assessments – periodic compliance risk assessments – though many of the considerations and techniques are the same for both broader and narrower assessments. In this article, we examine how companies can choose a team for the undertaking and the techniques that can be used for gathering information. A future article will examine where to look for risks, how to present findings to management and pitfalls to avoid. See our series on conducting effective anti-corruption risk assessments: “An Interview With David Simon, Partner at Foley & Lardner” (Nov. 20, 2013); and “An Interview With Kevin Bennett, Managing Director, Forensic and Valuation Services, at Grant Thornton” (Dec. 4, 2013).