In partnership with CESG, IRM is an IT Health CHECK service provider approved to supply IT Health CHECK services and consulting aligned with HMG policy and CESG guidelines.

IRM is a CHECK approved company. All CESG CHECK Team Leaders and Team Members are vetted to Security Check (SC) level and Team Leaders must successfully complete the CESG technical assault course. Please click here for more details.

CLAS is the acronym for CESG Listed Advisor Scheme. CLAS was started in 1998 by CESG to vet external consultants delivering information security advice and assistance to government departments and clients. IRM's CLAS consultants provide best practice advice aligned with HMG Information Security Standards and Procedures.

IRM is a member of The Council of Registered Ethical Security Testers (CREST), which is a standards-based organisation for penetration test suppliers that incorporates a best practice technical certification programme for individual consultants. For more information please visit the CREST website

IRM have passed the MasterCard SDP Program which is designed to help members, merchants and Service Providers - Third Party Processors (TPPs) and Data Storage Entities (DSEs) - proactively protect themselves and their overall payment system against the threat of compromises. The SDP Program certifies selected security consultancies that pass a series of vigorous tests, measuring their ability to identify vulnerabilities in security processes, procedures and website configurations. The programme automatically accredits IRM with all the major credit cards shown here. For more information on the SDP Program, please visit the MasterCard website

IRM has been certified by the PCI Security Standards Council as a: Qualified Security Assessor Company (QSAC), Payment Application Best Practice (PABP, soon to be PA-DSS), Qualified Forensic Investigator (QFI) and many IRM consultants hold Qualified Security Assessor (QSA) status. For more information on PCI DSS please visit www.pcisecuritystandards.org 

CVE stands for Common Vulnerabilities and Exposures and is a dictionary of common names for publicly known information security vulnerabilities. The goal of CVE is to make it easier to share data across separate vulnerability databases and security tools. IRM is fully certified for CVE compatibility, offering CVE protocol in all the IRM security services. To view IRM's CVE certificate, please click here. For more information on CVE, please visit the CVE website

IRM provides technical support and technical training to police officers who work within regional computer crime squads for the National Policing Improvement Agency (NPIA, formerly Bramshill Police Staff College).

The National Computing Centre is the UK's foremost independent IT membership organisation. IRM have a cooperative agreement to define and promote practical standards, best practice guidelines and user awareness of information security to industry, government and academia.

The Institute of Internal Auditors (IIA) is the primary international professional association dedicated to the promotion and development of the practice of internal auditing. IRM holds a cooperative agreement with IIA to provide advice and guidance on information security auditing and governance issues. 

IRM is a member of the Information Systems Audit and Control Association (ISACA), the recognised global leader in IT governance, control and assurance. IRM complies with IS auditing and IS control standards and provides advice on Certified Information Systems Auditor (CISA) and Certified Information Seurity Manager (CISM) qualifications.

IRM is a founding member and contributor to best practice in information security for the Institute for Communications Arbitration and Forensics. IRM provides 'expert witness' testimony in forensics cases, including cases of mobile phone fraud. 

IRM was the first accredited UK training partner for the Open Source Security Testing Methodology Manual (OSSTMM), which is a peer-reviewed methodology for performing security tests and metrics.