Using vsRisk to carry out a risk assessment

Phil Hare
Information Risk Consultant and Vigilant Software Product Manager
Friday March 15th

   PLEASE NOTE THAT ALL DELEGATES IN THE TELECONFERENCE ARE MUTED ON JOINING.
       Q&A IS HANDLED THROUGH A COMBINATION OF WEBEX CHAT/TEXT AND VOICE




“The definitive risk assessment tool for ISO27001 certification”
                    Copyright © Vigilant Software Ltd 2013
Phil Hare
• An information security professional with many years’ experience of
  information security risk assessments
• Heavily involved in the specification and creation of one of the
  leading software tools for ISO27001 compliant risk assessments
  available today.
• A broad knowledge of the technical, procedural, methodological and
  theoretical aspects of Information Security Risk Assessment.
• Instrumental in successful ISMS development projects across a
  wide range of organisations. Currently the architect and product
  manager for the Vigilant Software product suite, focusing on
  incorporating a broad range of compliance objectives into a usable
  and efficient software suite.

Today’s Webinar in Context
• Today’s webinar is #3 in a series of 4 educational
  webinars.
• The 4 webinars are designed to take you on a learning
  journey:
   • Webinar 1 – Why ISO27001?
   • Webinar 2 – The Importance of risk management.
   • Webinar 3 (Today) – Using vsRisk to carry out a risk
     assessment.
   • Webinar 4 – Maintaining/updating your risk assessment.
Registration details of future webinars at the end.

Today’s Agenda

• A short 20-30 minutes educational and informative talk:
   • Quick recap of the last 2 weeks' webinars – Why ISO27001 and the
     importance of risk management.
   • What is a risk assessment?
   • Carrying out a risk assessment using vsRisk - software
     demonstration.


• Ample time for Q&A at the end

• Next steps including 1 upcoming educational webinar.
Recap – last 2 webinars

In the last 2 webinars we covered:

   •   What is information security?
   •   What is an information security management system (ISMS)?
   •   What is ISO27001?
   •   Why should I and my organisation care about ISO27001?
   •   The importance of risk management.




What is a risk assessment?

• A risk assessment is the core competence of
  information security management.

• ISO27001 explicitly asks for:
   • a risk assessment to be carried out before any controls are
     selected and implemented.
   • every control to be justified by a risk assessment.




What is a risk assessment?

• The risk assessment must:

   • Identify the threat/vulnerability combinations that have a
     likelihood of impacting the confidentiality, availability or integrity
     of each asset within a scope.

   • This must be done from a business, compliance or contractual
     perspective.




What is a risk assessment?
• From completing a risk assessment:

   • Spend on controls is balanced against the business harm likely to
     result from security failures.

   • Information security management decisions are based entirely
     on the outcomes of a risk assessment.




How do I carry out a risk assessment?

• Modern software tools take the pain out of risk
  assessment.

• vsRisk is the industry-leading ISO27001-compliant risk
  assessment tool.

• vsRisk has simplified and automated the information
  security risk assessment process for many organisations
  across the globe, both large and small.

What can vsRisk do for you?

• Simplification: minimises the manual hassle and
  complexity of carrying out an ISO27001 risk
  assessment, saving time and resources.
• Replication: risk assessments can be repeated easily in
  a standard format year after year.
• Generates Reports: for sharing across the business and
  with auditors.
• Automation: the best and most efficient way to carry out
  a risk assessment.

vsRisk - Demo

Software demonstration – carrying out a risk assessment
using vsRisk.




Questions – we welcome them all!

Please type your questions into the Webex chat window –
responses will generally be verbal and shared with all
delegates.




Next Steps – Upcoming Educational Webinar


• Maintaining and Updating your Risk Assessment -
  Thursday March 21st, 4pm UK Time

•   Register at www.vigilantsoftware.co.uk/webinars.aspx




Before the next webinar…
Read a book…

Read the world's first practical e-book guidance on achieving ISO27001
certification and the nine essential steps to an effective ISMS
implementation.

Available for £29.95 at http://www.vigilantsoftware.co.uk/product/1651.aspx

Download a free trial of vsRisk

The cyber security risk assessment tool compliant to ISO 27001 that
automates and accelerates the risk management process.

15-day free trial at http://www.vigilantsoftware.co.uk

Next Steps – Special March offer of risk
assessment software vsRisk
• Purchases of vsRisk in March will include for free the information
  security risk management standard, ISO 27005 (worth £100) and a
  copy of the book Information Security Risk Management for ISO
  27001/ISO 27002 (worth £39.95).

• To claim this offer, please visit www.vigilantsoftware.co.uk.

• Offer valid until Thursday March 28th.




Next Steps – Want to know more?


• If you would like to know more about ISO27001, including
  how to carry out an ISO27001-compliant risk
  assessment using vsRisk, please visit
  http://www.vigilantsoftware.co.uk or email
  servicecentre@vigilantsoftware.co.uk.

• Free trial of vsRisk available at
  http://www.vigilantsoftware.co.uk

How to Troubleshoot Apps for the Modern Connected Worker
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 

Using vsRisk to carry out a risk assessment

  • 1. Using vsRisk to carry out a risk assessment Phil Hare Information Risk Consultant and Vigilant Software Product Manager Friday March 15th PLEASE NOTE THAT ALL DELEGATES IN THE TELECONFERENCE ARE MUTED ON JOINING. Q&A IS HANDLED THROUGH A COMBINATION OF WEBEX CHAT/TEXT AND VOICE “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013
  • 2. Phil Hare • An information security professional with many years’ experience of information security risk assessments. • Heavily involved in the specification and creation of one of the leading software tools for ISO27001 compliant risk assessments available today. • A broad knowledge of the technical, procedural, methodological and theoretical aspects of Information Security Risk Assessment. • Instrumental in successful ISMS development projects across a wide range of organisations. Currently the architect and product manager for the Vigilant Software product suite, focusing on incorporating a broad range of compliance objectives into a usable and efficient software suite.
  • 3. Today’s Webinar in Context • Today’s webinar is #3 in a series of 4 educational webinars. • The 4 webinars are designed to take you on a learning journey: • Webinar 1 – Why ISO27001? • Webinar 2 – The Importance of risk management. • Webinar 3 (Today) – Using vsRisk to carry out a risk assessment. • Webinar 4 – Maintaining/updating your risk assessment. Registration details of future webinars at the end.
  • 4. Today’s Agenda • A short 20-30 minute educational and informative talk: • Quick recap of the last 2 weeks’ webinars – Why ISO27001 and the importance of risk management. • What is a risk assessment? • Carrying out a risk assessment using vsRisk – software demonstration. • Ample time for Q&A at the end. • Next steps including 1 upcoming educational webinar.
  • 5. Recap – last 2 webinars In the last 2 webinars we covered: • What is information security? • What is an information security management system (ISMS)? • What is ISO27001? • Why should I and my organisation care about ISO27001? • The importance of risk management.
  • 6. What is a risk assessment? • A risk assessment is the core competence of information security management. • ISO27001 explicitly asks for: • a risk assessment to be carried out before any controls are selected and implemented. • every control to be justified by a risk assessment.
  • 7. What is a risk assessment? • The risk assessment must: • Identify the threat/vulnerability combinations that have a likelihood of impacting the confidentiality, availability or integrity of each asset within a scope. • This must be done from a business, compliance or contractual perspective.
  • 8. What is a risk assessment? • From completing a risk assessment: • Spend on controls is balanced against the business harm likely to result from security failures. • Information security management decisions are driven entirely by the outcomes of a risk assessment.
  • 9. How do I carry out a risk assessment? • Modern software tools take the pain out of risk assessment. • vsRisk is the industry-leading ISO27001-compliant risk assessment tool. • vsRisk has simplified and automated the information security risk assessment process for many organisations across the globe, both large and small.
  • 10. What can vsRisk do for you? • Simplification: minimises the manual hassle and complexity of carrying out an ISO27001 risk assessment, saving time and resources. • Replication: risk assessments can be repeated easily in a standard format year after year. • Generates Reports: for sharing across the business and with auditors. • Automation: the best and most efficient way to carry out a risk assessment.
  • 11. vsRisk - Demo Software demonstration – carrying out a risk assessment using vsRisk.
  • 12. Questions – we welcome them all! Please type your questions into the Webex chat window – responses will generally be verbal and shared with all delegates.
  • 13. Next Steps – Upcoming Educational Webinar • Maintaining and Updating your Risk Assessment - Thursday March 21st, 4pm UK Time • Register at www.vigilantsoftware.co.uk/webinars.aspx
  • 14. Before the next webinar… • Read a book… Read the world's first practical e-book guidance on achieving ISO27001 certification and the nine essential steps to an effective ISMS implementation. Available for £29.95 at http://www.vigilantsoftware.co.uk/product/1651.aspx • Download a free trial of vsRisk: The cyber security risk assessment tool compliant to ISO 27001 that automates and accelerates the risk management process. 15-day free trial at http://www.vigilantsoftware.co.uk
  • 15. Next Steps – Special March offer of risk assessment software vsRisk • Purchases of vsRisk in March will include for free the information security risk management standard, ISO 27005 (worth £100) and a copy of the book Information Security Risk Management for ISO 27001/ISO 27002 (worth £39.95). • To claim this offer, please visit www.vigilantsoftware.co.uk. • Offer valid until Thursday March 28th.
  • 16. Next Steps – Want to know more? • If you would like to know more about ISO27001, including how to carry out an ISO27001-compliant risk assessment using vsRisk, please visit http://www.vigilantsoftware.co.uk or email servicecentre@vigilantsoftware.co.uk. • Free trial of vsRisk available at http://www.vigilantsoftware.co.uk