Protecting the critical assets of our businesses is the goal of information security and knowing what the risks to these assets are is crucial. Sometimes the executives are blissfully unaware of or ignoring risks to their business information. Sometimes IT or security professionals in the organisation know the risks and maybe have a difficult time getting the message across to executive level, especially when there is a cost involved. Often what is needed is an external viewpoint – an independent voice. Integrity360's GRC Practice can assist with this. We can provide that independent assessment, together with a business impact analysis and communicate this in a meaningful business language that will be understood by the business.