The purpose of NSA IEM is to perform methodical hands on testing of a network environment to discover any and all vulnerabilities. Each vulnerability is documented and analyzed for impact criteria, recommendations are then tailored to the goals of the organization, based on the results of the NSA IAM which focused on the organizational aspect.The NSA IEM report outlines the technical perspective of a security evaluation with 10 baseline activities. Both the IAM and IEM methodologies are repeatable and systematized to gain the most value from ongoing security assessments and evaluations.