
Free Download: Risk Assessment and ISO 27001

An ISO 27001-compliant information security management system (ISMS) developed and maintained according to risk acceptance/rejection criteria is an extremely useful management tool. However, the risk assessment process is often difficult and complex to manage, and often requires external assistance.

This green paper explains some of the issues surrounding the information security risk assessment process.



  • The five stages of the risk assessment process

  • The importance of risk assessment to the ISO 27001 Statement of Applicability (SoA)

  • The purpose and benefits of information security risk assessments

  • How to use risk assessments to achieve maximum benefits from minimum security costs

  • Why too much security is as bad for your business as too little

  • The relationship between ISO 27001 and ISO 31000

If you want to find out more about information security risk assessments and how the vsRisk™ risk assessment software tool can help you produce reliable and robust results, please download this green paper today.


ISO 27001 explicitly requires compliant organisations to carry out risk assessments based on agreed risk acceptance criteria.

A risk assessment enables expenditure on controls to be balanced against the business harm likely to result from security failures.


Download your free Risk Assessment and ISO 27001 green paper now