Reducing the risks associated with corporate network vulnerabilities, the potential for attacks by external or internal intruders on information resources and infrastructure by conducting audits and determining areas where protection needs to be strengthened