The overall aim of this dissertation is to carry out an Information Technology risk management assessment within a hospital. This will form the basis of recommendations for a revised contingency proposal. In this instance St. Vincent's University Hospital (St Vincent's) will provide the basis for this dissertation. Every day a large volume of data is processed throughout the hospital. There are a number of systems of varying importance running on an array of servers of different types and scale and in some instances using different network protocols. Due to the nature of this healthcare organisation, confidential medical files are constantly being generated. It is essential that the hospital's information systems are protected, that data is backed up and adequate security is maintained. Should these systems be compromised, it is essential that they are restored as quickly as possible. The risk management analysis involves all aspects of an organisation, incorporating the Information Technology (IT) Department, and hospital stakeholders including management and staff. This dissertation (in chapter 5) will contain an examination of the current systems that are used for the processing of the organisations information. By examining the flow of information, the study will assess how the information is saved and also the ways it can be protected.