Risk assessments play an essential role in information security, as they are the primary way organisations identify vulnerabilities and the ways data breaches can occur. The results of the risk assessment dictate defence strategies and are used by senior staff to allocate information security and business continuity budgets.
This shouldn’t be a surprise for organisations that follow the requirements of ISO 27001, the international standard for information security. The Standard emphasises risk assessments to such an extent that the process is likely to be the most time-consuming and resource-heavy part of compliance.
An ISO 27001-compliant risk assessment must:
- Establish and maintain certain information security risk criteria;
- Analyse and evaluate information security risks according to that criteria;
- “Identify risks associated with the loss of confidentiality, integrity and availability for information within the scope of the information security management system”;
- Ensure that repeated risk assessments “produce consistent, valid and comparable results”; and
- Identify the owners of those risks and establish appropriate controls to mitigate them.
We advise organisations approaching the risk assessment process to get help. If you go it alone, you run the risk of making mistakes that will leave you vulnerable to a data breach. But with a tool such as vsRisk Cloud, you can be sure that you’re following the Standard’s requirements completely and efficiently.
What is vsRisk Cloud?
Vigilant Software’s vsRisk Cloud is a streamlined, Cloud-based version of the popular desktop information security risk assessment tool.
- Being hosted in the Cloud means the software is more accessible than ever, allowing multiple users to work simultaneously from anywhere in the world.
- Eliminates the need for spreadsheets, which are prone to user-input errors and can be difficult to set up and maintain.
- Easily produce flawless and repeatable risk assessments year after year.
You can find out more about vsRisk Cloud by speaking to our experts.