Skip to content
Home » How we work

How we work

“Corporations don’t do pentesting, people do”, our consultants have strong industry experience and expert technical ability. We couple this experience with a thorough methodical approach to provide clients with meaningful vulnerability identification.

Our flexible approach helps you gain an understanding of the issues in real time and mitigate critical findings swiftly. Daily debrief sessions to discuss findings and agree testing plans for the next day enable us to guide and amend complex engagements to deliver focused results that are great value to your business.


Whilst every pentest varies due to the scope and nature of the systems involved, penetration testing will follow our custom developed methodologies and checklists which have been designed to exceed recognised industry standards such as NIST, OSSTMM, OWASP and PTES.

We work in line with all industry good practice to deliver consistent results; ISO27001The Cyber SchemeOWASPMITRE ATT&CK

The Cyber Scheme

RM Information Security has chosen The Cyber Scheme as its preferred certification for penetration testing. Our consultants have achieved the senior level Cyber Scheme qualification “Cyber Scheme Team Leader (CSTL) Web Application”.

Cyber Scheme RM Information Security
RM Information Security Cyber Scheme Certified Consultants

ISO27001 and ISO9001 Certified

At RM Information Security, we take the security and confidentiality of our customers’ data very seriously.

We are proud to announce that we have achieved the prestigious ISO 27001 and ISO9001 certifications, demonstrating our unwavering commitment to the highest standards of Information Security and Quality Management.

ISO 9001
ISO 27001

Whilst using a checklist provides comprehensive coverage, we are conscious that penetration testing is an iterative process. Therefore the consultant’s experience and intuition is vital in identifying more complex vulnerabilities. This is where RM Information Security’s human approach to technology is most evident.

How we work

Requirements Gathering

  • Scoping discussion
  • Proposal document
  • Technical walk through

Initiating the project

  • Project initiation
  • Authorisation to test
  • Confirming access credentials

Test phase

  • Testing methodology
  • Test data security
  • Issues and findings notification


  • Report production
  • CVSS risk rating
  • Audit / client facing reports


  • Data destruction
  • Consultation / debrief sessions
  • Retesting / fix testing

Penetration Testing Services

Get in Touch – We’re All Ears!

At RM Information Security we love to chat. Reach out to us however you feel most comfortable. We can’t wait to hear from you.

📞 Give Us a Ring:
Eager to chat? So are we! Call us directly at +44 0161 825 7 939

📧 Drop Us a Line:
More of an email person? We get it. Shoot us an email at, and we’ll get back to you pronto!

📍 Visit Our Headquarters:
Feel like having a face-to-face? You’re always welcome at our cozy office nestled in the heart of Manchester’s tech scene. Here’s where you can find us:

Manchester Technology Centre
Oxford Road
M1 7ED

We’re looking forward to connecting with you!