All organisations face a variety of risks associated with the integrity of their data, their communication networks and their information processing systems. Before these risks can be addressed it is important to understand the severity of these dangers, what threats they pose to the business and how they may best be managed.

To achieve this IRM provides a 'Risk Assessment' service. This service involves the categorising and analysis of each threat and building a scenario from which the real exposure can be determined.

IRM provides a flexible approach to risk assessment with most activities falling into two broad categories:

• Penetration Testing
• System Auditing