Clearwater IRM|Pro is an enterprise cyber risk management and healthcare compliance software platform designed for healthcare providers, payers, and business associates. The platform consists of multiple modules that address different aspects of healthcare security and compliance. IRM|Analysis provides enterprise-wide, NIST-based risk analysis across ePHI assets and medical devices. It evaluates vulnerabilities and threats, assesses risk, and manages risk remediation with an enterprise view of exposures and actionable insights. IRM|Security is a compliance assessment tool for performing periodic Security Assessments as required by the HIPAA Security Rule. It assesses compliance with all standards and implementation specifications, identifies gaps in compliance programs, and manages remediation actions. IRM|Privacy manages compliance with the HIPAA Privacy and Breach Notification Rules. It assesses organizational compliance with these rules, identifies gaps, and organizes remediation plans. IRM|405(d) HICP is a specialized tool for assessing 405(d) Health Industry Cybersecurity Practices, providing a streamlined approach to evaluating these specific healthcare cybersecurity standards. The platform addresses the limitations of spreadsheet-based approaches by accounting for the unique threats, vulnerabilities, and risks specific to each healthcare organization.