Conduct risk assessment using industry best-practice methodologies.

Risk assessment covers technology, security, policies, procedures, and operational aspects of the business.

Risks are identified and controls (procedural and/or technological) are assessed for adequacy to mitigate risks recommendations for minimising risks.