Ely, England, 13 July 2011 – With more companies becoming aware of the benefits of ISO27001 certification to their business and the overall security of their information assets, IT staff are increasingly facing the challenge of managing the ISO27001 controls.
Maintaining an effective Information Security Management System (ISMS) depends on Project Managers being able to monitor the day-to-day execution and management of the controls as well as generating reports for audit purposes. This explains why many ISMS implementers utilise different tools which can help them do all that and save them time whilst they can focus on other parts of the project. Few software products combine the variety of tasks needed by IT staff responsible for implementing ISMS and for achieving ISO27001 compliance.
vsRisk is a wizard-based application that reduces the time and cost of undertaking an ISO27001-compliant risk assessment. It simplifies each step of an ISO27001 risk assessment, allowing compliance project managers to capture their information security policy and objectives, plus the scope of their information security management system, and undertake a rapid appraisal of all key areas, including groups, assets and owners.
vsRisk offers an in-built audit trail, comparative history, comprehensive reporting and gap analysis that radically reduce the manual record keeping traditionally associated with risk assessments. The tool minimises the need for specialist knowledge and significantly undercuts the cost of generalist risk management tools, thus, making ISO27001 compliance achievable for a far wider range of organisations and professionals.
Alan Calder, Chief Executive of IT Governance, says: “vsRisk has been widely embraced by those involved with ISO27001 because it eliminates so much of the cost and labour involved in risk assessments. This latest version responds to customer feedback with new features that make vsRisk an essential tool for project managers and consultants alike.”
Uniquely, vsRisk can assess the confidentiality, integrity and availability for each of the business, legal and contractual aspects of information assets, as required by the ISO27001 standard. The tool can serve as a day-to-day operational tool, showing at a glance where an organisation stands in its progress towards ISO27001 compliance. A free trial version can be requested here www.itgovernance.co.uk/iso27001-risk-assessment.aspx.
As well as supporting ISO/IEC 27001:2005 and ISO/IEC 27002, vsRisk v1.5 complies with BS7799-3:2006, ISO/IEC 27005, NIST SP 800-30 and the UK’s Risk Assessment Standard.
vsRisk is produced by Vigilant Software, the specialist software subsidiary of IT Governance and can be purchased online from www.itgovernance.co.uk/products/744.