Is your organisation compliant with the ISO27001:2005 Information Security Management standard? If yes, then you will know that effective risk management is at the heart of maintaining and continually improving the management of information security in your organisation.
How will you ‘review risk assessments at planned intervals and review the residual risks’ as required by ISO27001?
As an experienced ISO27001 consultancy, we always recommend that our customers use an automated risk assessment tool to initially achieve compliance with this standard. The real value in using such a software tool is that all data such as assets, threats, vulnerabilities and controls are retained to support future reviews. Ensure that residual risk remains exactly where you want it – beneath the risk acceptance criteria.
vsRisk™ 1.5 from Vigilant Software is a database tool that delivers ISO27001 risk assessment and support for the Best Practice methodology as outlined in ISO27002. It has been specifically designed for supporting the initial risk assessment required for compliance AND the subsequent regular reviews of risk assessments which are essential to maintain compliance.
This software toolkit offers the following features:
- Asset-by-asset identification of threats and vulnerabilities
- Assess confidentiality, integrity & availability against each asset
- Process to assign all relevant ISO27001 Annex A controls
- Integrated threat and vulnerability databases updated at regular intervals
- Produces an audit-ready Statement of Applicability.
vsRisk™ provides the complete ISO27001 risk assessment solution, ensuring that you not only achieve compliance with ISO27001 but also maintain full compliance and continually improve the management of information security in your organisation.
For further information or to arrange to receive a free evaluation version of vsRisk, please email our Service Centre team (email@example.com) or call direct on 0845 070 1750.
PS. For a more detailed understanding of risk assessment and how the vsRisk software tool is used, we can recommend the purchase of ‘Information Security Risk Management for ISO27001 / ISO27002’ by Alan Calder and Steve Watkins which is available exclusively from the ITGP Book Store.