IRM Security Testing Services is a suite of professional cybersecurity testing services delivered by IRM, a UK-based security firm founded in 1998. The company holds accreditations from NCSC's CHECK and Tailored Assurance schemes, as well as CREST membership. The service offering is divided into three primary areas: **Penetration Testing** Emulates threat actor attacks to evaluate an organisation's cybersecurity posture. Testing is conducted by CREST and Cyber Scheme certified professionals. Specialist testing is available for operational technology (OT) environments, including IoT, SCADA, hardware device reviews, embedded systems, and industrial control systems. **Security Assessments and Reviews** Comprehensive assessments of hardware and operating systems to identify misconfigurations and vulnerabilities across components such as services, network devices, laptops, and mobile devices. Findings are delivered via a full report with remediation guidance. **Scenario-Based Testing** Real-world attack simulations benchmarking an organisation's security posture across applications, networks, physical locations, processes, and personnel. Testing is tailored to likely threat actors and includes red teaming and social engineering exercises.