With vsRisk, information security risk assessments have never been faster, simpler or easier.
“I found it easy to use… the tool was amazing for doing the job it said it would. I would love a similar tool for other ISO management systems - say for ISO 25999”.
Carol McCarthy, Manager, dsicmm Ltd
vsRisk is fully compliant with ISO 27001:2013 and provides a framework for delivering automated, consistent and repeatable information security risk assessments.
- Includes six pre-populated control sets:
- ISO/IEC 27001:2013 and ISO/IEC 27001:2005
- PCI DSS v3
- NIST SP 800-53
- Cloud Controls Matrix
- ISO/IEC 27032.
- Fully compatible with ISO 27001:2013.
- Includes integrated, searchable databases of threats, vulnerabilities and risk scenarios.
- Produces a set of exportable, reusable and audit-ready ISO 27001-compliant reports.
- a controls console that provides a quick view of the status of controls and actions planned.
- Includes 12 months of free support and version updates.
Download the 15-day free trial now
vsRisk is packed with powerful features, giving you full control of the risk assessment process.
- Select and apply the controls needed for business, legal or contractual reasons before embarking on your risk assessment.
- Link and track controls back to specific documents to record your implementation details.
- Apply either an asset-based or scenario-based risk assessment methodology.
- Review how selected controls map between different standards.
- Easily review all risk actions taken and manage the justification of controls selected.
vsRisk helps you customise your risk assessment requirements.
- Customise your risk acceptance criteria and risk calculation formula.
- Create and add your own assets, risk scenarios and controls.
- Create customised views based on risks, owners, assets, groups and sub-groups.
- Apply and edit the four risk response types: treat, tolerate, transfer or terminate.
- Produce, manage, customise and edit reports.
Additional product information
vsRisk is trusted by leading risk practitioners as the ultimate information security risk assessment tool.
- Integrated security supports single sign-on.
- vsRisk Lite (free, unlicensed product) enables other teams to provide risk information about assets or divisions in their control.
- Helps you assess the confidentiality, integrity and availability (CIA) of assets for business, legal and contractual requirements.
- Features a back up and restore functionality.
- Includes a detailed user manual to take you step by step through the process.
- Includes a conversion tool for current vsRisk users, which helps to quickly map existing controls based on ISO 27001:2005 to ISO 27001:2013 controls.
(Click on the images to enlarge.)
Assign controls to assets
Produce a Statement of Applicability and other audit reports
Manage the status of controls and implementation details from the base controls console
Purchase the Multi-user version
The new vsRisk Multi-user enables up to ten risk assessors in an organization to conduct a comprehensive risk assessment of the assets in their control simultaneously.
Free trial of vsRisk
Download the 15-day free trial of vsRisk and try it for yourself.
- Supports Windows Vista and above.
- Supports Windows 8.
- Windows Excel for reporting and imports where needed.
- The Network-enabled versions require a database server: MS SQL server 2008 R2 and above.
The 2.4 video demonstration is coming soon.
Format: Network enabled