The key to development within e-commerce, on line trading and external communications services is the management of risk.

The penetration and compromise of sensitive corporate information using freely downloadable hacking tools are causing serious problems for businesses. Add to this the growing technical complexities of cyberfraud and it is easy to see why companies find they are neither prepared nor equipped to handle incidents correctly when they occur.

Information Risk Management plc addresses the technical and business issues associated with the use of computers in general and the Internet in particular. Strictly product-independent, IRM provides a range of consulting services to address the issues related to the reduction, removal, investigation and management of risks associated with conducting business on line:

• Business issues - including the operation of a Web site, the integration of Internet computer systems with internal resources, the legal and contractual issues on using computers, and the optimisation of order, payment and delivery mechanisms;
• Policy issues - including the establishment of BS7799 security policies, PKI practice statements, and terms and conditions of acceptable use;
• Technical issues - including system security evaluations, data recovery, computer forensics and security incident investigations

With extensive links into law enforcement agencies in the UK and world wide, IRM provides expert pre- and post-incident advice to its customers. This is reflected in our approach to scenario based penetration testing services, our forensic offering and general consultancy services. Such links allow IRM to provide advice and services well in advance of the offerings normally found in the field of information security. All IRM technicians are security cleared. IRM as a matter of policy does not employ contractors.