What We Do

Information Risk Management Plc (IRM) is a vendor-independent information security consultancy with 10 years' experience working with large enterprises, helping our clients identify and mitigate the risks inherent in today's increasingly interconnected business environments. Today our services include a wide range of technical penetration tests, complemented with a wealth of security management and risk assessment options, covering the full spectrum of our clients' information security requirements.

Professional Services


From a simple vulnerability scan to a full application security test incorporating code review and architecture analysis, IRM's range of technical services can help your organisation ensure its security.

Security Management


IRM has an extensive portfolio of information security management expertise, ranging from strategic information risk management to meeting corporate governance and compliance obligations, encompassing technical investigations which impact business risk management.

PCI Compliance


IRM is a Qualified Security Assessor Company (QSAC) and a Qualified Forensics Investigator (QFI) for all payment cards and has specialist consultants with full QSA status available to advise clients on all aspects of their route to PCI DSS compliance as well as conducting formal PCI DSS assessments.