Monitoring and controlling We carry out a risk assessment of our data security arrangements every year. Any issues identified by a risk assessment are reviewed by the Managing Director and any actions required are addressed.