An ISMS (information security management system) certified to the international standard ISO 27001 demonstrates that your organisation manages its information security in line with international best practice.
IT Governance’s sister company Vigilant Software aims to make data protection, cyber security, information security and risk management straightforward and affordable for all.
Its integrable, Cloud-based software tools will help your ISO 27001 compliance journey.
Regular risk assessments ensure the security measures you implement are relevant, efficient and cost-effective.
According to Section 6.1.2 of ISO 27001, the information security risk assessment process must:
- Establish and maintain certain information security risk criteria;
- Ensure that repeated risk assessments “produce consistent, valid and comparable results”;
- “Identify risks associated with the loss of confidentiality, integrity and availability for information within the scope of the information security management system”;
- Identify the owners of those risks; and
- Analyse and evaluate information security risks according to certain criteria.
Most importantly, organisations must “retain documented information about the information security risk assessment process” so they can demonstrate that they comply with these requirements.
Manual risk assessment methods are time-consuming and expensive, and often suffer from data and process inconsistencies that undermine the integrity and dependability of their results.
vsRisk Cloud is an online ISO 27001 risk assessment software tool that helps you conduct fast, accurate and consistent ISO 27001-compliant risk assessments.
It delivers the results you need in order to achieve your organisation’s risk management objectives consistently and cost-effectively year after year.
With vsRisk Cloud, you don’t need to spend time developing a risk assessment methodology or on costly trial and error: you can immediately get to work on the actual risk assessment, which means you get actionable results much sooner.
vsRisk Cloud will also save you time maintaining your risk assessment: its robust methodology means that upcoming risk reviews and further risk assessments can be performed quickly, consistently and cost-effectively.
With nearly ten years of development invested in it, vsRisk Cloud incorporates feedback and experience from hundreds of ISO 27001 risk assessments, and is supported by an ongoing investment and user support programme that brings additional useful functionality and features to help you continually improve your ISMS.
Learn more about vsRisk Cloud >>
Compliance Manager is a subscription service that helps you identify the IT laws that are relevant to your organisation and determine what you need to do in order to comply.
With a growing database of IT-related legislation, Compliance Manager enables the busy organisation to pinpoint exactly what actions are necessary to comply with the relevant laws.
Its interactive database lists the relevant clauses from each law and provides guidance on implementing them, mapped against the appropriate best-practice controls from Annex A of ISO 27001, so you can easily determine the actions you need to take to comply – and demonstrate that compliance.
For each law, Compliance Manager includes effective dates, implementation requirements and links to the legislation itself.
You can also add your own requirements or controls that are applicable to your organisation.
Learn more about Compliance Manager >>