All systems, applications and functional elements may introduce a quantity of risk into an environment. The key to successful business operations is enumerating those risks so that threats to the business can be mitigated.

IRM works closely with the client to understand exactly which assets are to be assessed before investigating, identifying and analysing those vulnerabilities that exist within and around an asset and the existence of relevant threats that could exploit those vulnerabilities.

Once the assessment is complete IRM can deliver either a generalised assessment report or adopt the client specific risk matrices to quantify the identified risks in accordance with their measurement criteria.