ISO 27001 Risk Assessment Tool

vsRisk, the ISO 27001 risk assessment software tool

ISO 27001 and ISO 27002 2022 updates

ISO/IEC 27001:2022 – the newest version of ISO 27001 – was published in October 2022.

Organisations that are certified to ISO/IEC 27001:2013 have a three-year transition period to make the necessary changes to their ISMS (information security management system).

For more information about ISO 27001:2022 and its companion standard, ISO 27002:2022, and what they mean for your organisation, please visit ISO 27001 and ISO 27002: 2022 updates

Download your copy of ISO 27001:2022 here

Download your copy of ISO 27002:2022 here

Information security risk assessments – software versus spreadsheets

Organisations starting out with an information security programme often resort to spreadsheets when tackling the risk assessment phase.

Despite being trusted by professionals for more than 20 years, Excel spreadsheets were initially built for accountants and are not designed to deliver a risk assessment.

Experienced information security and risk management practitioners will be fully aware of the dangers of using spreadsheets, so they will always use purpose-built ISO 27001 risk assessment software tools instead.

Fully aligned with ISO 27001, vsRisk eliminates the need to use spreadsheets, which are prone to errors, and significantly cuts the consultancy costs that are typically associated with tackling an information security risk assessment.

View our packages

Error-free and ISO 27001-compliant risk assessments

vsRisk is the leading information security risk assessment tool that helps you complete accurate, auditable and hassle-free risk assessments year after year.

With more than ten years of development behind its success, vsRisk was created specifically to help organisations improve their risk assessment capabilities and support an ISO 27001 compliance project.

How vsRisk can help you

  • Conduct risk assessments following a step-by-step process
  • Customisable settings, including likelihood and impact values
  • Select risks and controls from prepopulated libraries, including ISO 27001 and PCI DSS  
  • Easily import assets from your asset register (or create your own)
  • One-click reporting, including the Statement of Applicability (SoA) and Risk Treatment Plan
  • Reduce the risk of errors and ensure a consistent and repeatable risk assessment process.

With vsRisk, you can immediately get to work – no prior knowledge of risk assessments is necessary.

View vsRisk or request a demo

vsRisk risk assessment tool example

“By the way, this vsRisk package rocks! I do very much like how it is laid out and operates. This is just what I needed.

- Jeffrey S. Cochran, Information Security Manager, Thompsons Online Benefits

Watch our short video to find out why you should use vsRisk cloud

Compared to Excel, vsRisk has an easy to use interface ... vsRisk is a great way to manage and report your risks and present the acceptance criteria to the board for eventual sign off.

James Ellis, Secure and Confidential Documents Ltd (SCD)