Testing is performed to identify the risks faced from internal staff, consultants, or disgruntled employees, unauthorised physical access or a compromise of the perimeter security. Internal threats comprise more then 60% of the total threat portfolio. When conducting an internal assessment the analyst is located within the perimeter of the private network. Internal analysis include one or more of the following types of assessments depending on the requirement:

• Threat Modelling
• FullView Assessments
• BroadView Assessments
• RealView Assessments
• Firewall and Third Party Assessments
• Remote Access Assessments
• Database Assessments
• Application Assessments