Effective risk management is the key to achieving ISO 27001 certification, and to maintaining and improving an ISMS (information security management system), but this can be time-consuming, daunting and complex.
ISO 27001 risk assessments must give consistent, valid and comparable results. Our experience as an ISO 27001 consultancy has shown that it can be difficult to define a robust and effective risk assessment methodology that is inexpensive to maintain over the term of your ISMS certification.
ISO 27001 risk management can be:
- Time consuming –
requiring days of recording and cross-referencing information assets, threats and impacts, and applying mitigating controls.
- Daunting and complex –
requiring practical skills and knowledge to ensure that risk assessment, risk treatment and monitoring/review are carried out effectively.
The solution is to deploy vsRisk, the specialist ISMS risk assessment tool, AND to get properly trained as an effective risk assessor.
For a short time only, IT Governance is making it easier and more cost-effective than ever before to do both.
Purchase any version of vsRisk AND book a place on the ISO 27005 Certified ISMS Risk Management training course on 20-22 July, and we will take £500 off the cost of either of these products.
Ensure you have the right skills and tools for the job and buy vsRisk software and ISO 27005 Certified ISMS Risk Management training now