by Deon » 28 Oct 2012, 14:55
From Wikipedia:
"Vulnerability assessment is the process of identifying and quantifying vulnerabilities in a system. The system being studied could be a physical facility like a nuclear power plant, a computer system, or a larger system (for example the communications infrastructure or water infrastructure of a region).
Vulnerability assessment has many things in common with risk assessment. Assessments are typically performed according to the following steps:
1. Cataloging assets and capabilities (resources) in a system
2. Assigning quantifiable value and importance to the resources
3. Identifying the vulnerabilities or potential threats to each resource
4. Mitigating or eliminating the most serious vulnerabilities for the most valuable resources
When dealing with computers, vulnerability assessment is also known as 'white hat hacking'."
When setting up a new business, or fixing an old one, you need to assess the whole business for holes, so that competitors or clients do not take you for a ride. A Vulnerability Assessment is VERY important, and must be done thoroughly.
Also look at Risk Assessment/Management