Oct 07 2008

vsRisk and security risk assessment

Category: ISO 27k,Security Risk AssessmentDISC @ 3:18 pm

Information Security Risk Management for ISO27001 / ISO27002

The State of California has adopted ISO/IEC 27002 as its standard for information security and recommends other organizations and vendors to use this standard as guidance in their efforts to comply with California law.

To achieve an ongoing compliance, major organizations require tools to comply with standard such as ISO 27002/ISO27001. vsRisk is an easy to use Information Security Risk Assessment tool which makes risk assessment process consistent, easier and produces required documentation to achieve ISO 27001 certification . vsRisk also aligns seamlessly with standards like ISO 27002, ISO 27005 and NIST SP 800-30.

vsRisk helps organizations to develop an Information Security Management System (ISMS) asset inventory and capture business, legal and contractual requirements against each asset. vsRisk is customizable to meet specific needs when introducing new risks, vulnerabilities and controls without any additional help from a consultant. vsRisk helps you focus on assets rather than on threats and vulnerabilities. This is an approach which works by treating business processes as an asset, which is examined for their criticality, lack of security and consequences of failed process can be examined. In this regards, vsRisk is an effective and efficient tool by identifying most important points and key issues right away, which focusing on threats doesnā€™t.

Major benefits of vsRisk tool:
1. It is the definitive ISO27001 risk assessment tool, compliant
with all the key information security standards – which means that
you can be certain that a vsRisk risk assessment will help you
achieve ISO27001 certification.
2. It is designed to be usable – your lead risk assessor and any
asset owners involved in your risk assessment are going to find
their task made easier
3. Unique features include the risk assessment wizard, which
standardizes the risk assessment process and guides asset owners
through the risk assessment process.
4. vsRisk creates a baseline from which future risk assessments can
easily be made.
5. vsRisk integrates with ISMS documentation toolkit, for even
greater usability.

ā€œvsRiskā„¢- the Definitive ISO 27001: 2005-Compliant Information Security Risk Assessment Tool, which automates and delivers an ISO/IEC 27001-compliant risk assessment and can assess confidentiality, integrity and availability for each of business, legal and contractual aspects of information assets – as required by ISO 27001. Providing a comprehensive best-practice alignment, it supports ISO 27001 and 27002 (ISO/IEC 17799) disciplines, and is ISO/IEC 27005 and NIST SP 800-30 compliant. It also offers a wizard-based approach that simplifies and accelerates the risk assessment process, plus integrates and regularly updates BS7799-3 compliant threat and vulnerability databases.ā€

The key to successful Risk Management is to protect your most important/critical assets. The importance/criticality of an asset might change over time. That is another reason to automate security risk assessment process to recalibrate your risks based on current state of security.

Risk Management to ISO27001/NIST Wizard-based risk assessment tool Simplifies compliance – To buy vsRisk tool!

Meet Stringent California Information Security Legislation with Comprehensive Toolkit

ISO27001 EXPERTS CAN HELP COMPANIES MEET STRINGENT CALIFORNIAN …
EIN News (press release) – Netherlands
vsRiskā„¢- the Definitive ISO 27001: 2005-Compliant Information Security Risk Assessment Tool, which automates and delivers an ISO/IEC 27001-compliant risk …

Tags: asset owner, automate security risk assessment, baseline, california, isms, iso 17799, iso 27001, iso 27001 certification, iso 27002, iso 27005, nist sp 80-30, sb 1386, vsrisk

6 Responses to “vsRisk and security risk assessment”

  1. Š˜Š½Ń‚ŠµŃ€ŠµŃŠ½Ń‹Šµ фŠ°Šŗты says:
    October 12th, 2008 4:32 am

    Š”ŠŗŠ°Š¶ŠøтŠµ, Š³Š“Šµ Š½Š°Š¹Ń‚Šø хŠ¾Š·ŃŠøŠ½Š° blog.deurainfosec.com.

    Š” Š¼ŠµŠ½Ń ŠæыŠ²Š¾)
    ———
    Š˜Š½Ń‚ŠµŃ€ŠµŃŠ½Ń‹Šµ фŠ°Šŗты

  2. blog.deurainfosec.com says:
    October 29th, 2008 4:06 am

    Š—Š“рŠ°Š²ŃŃ‚Š²ŃƒŠ¹Ń‚Šµ!

    ŠŠµŠ¾Š±Ń…Š¾Š“ŠøŠ¼Š¾ сŠ“ŠµŠ»Š°Ń‚ŃŒ сŠ°Š¹Ń‚. Š¤Š¾Ń€ŃƒŠ¼Ń‹, чŠ°Ń‚Ń‹ Šø тŠ¾Š¼Ńƒ ŠæŠ¾Š“Š¾Š±Š½Š¾Šµ Š½Šµ Š½ŃƒŠ¶Š½Š¾. Š„Š¾Ń‡Ńƒ ŠæŠ¾Š»ŃƒŃ‡Šøть ŠŗŠ°Ń‡ŠµŃŃ‚Š²ŠµŠ½Š½ŃƒŃŽ Š²Ń‘рстŠŗу, ŠøŠ¼ŠµŠ½Š½Š¾ ŠŗŠ°Ń‡ŠµŃŃ‚Š²ŠµŠ½Š½ŃƒŃŽ, Š° тŠ¾ Š² Š“рŠøŠ¼Š²ŠøŠ²ŠµŃ€Šµ Šø сŠ°Š¼Š° Š¼Š¾Š³Ńƒ. Š”ŠøŠ·Š°Š¹Š½ Š³Š¾Ń‚Š¾Š², Š° Š¾ŃŃ‚Š°Š»ŃŒŠ½Š¾Šµ Š·Š° Š²Š°Š¼Šø.

    ŠžŃ‡ŠµŠ½ŃŒ хŠ¾Ń‚ŠµŠ»Š¾ŃŃŒ Š±Ń‹ усŠ»Ń‹ŃˆŠ°Ń‚ŃŒ ŠæŠ°Ń€Ńƒ Š“ŠµŠ»ŃŒŠ½Ń‹Ń… сŠ¾Š²ŠµŃ‚Š¾Š² Š¾ тŠ¾Š¼, ŠŗŠ°ŠŗŠ¾Š¹ ŠŗŠ¾Š“ Š²Ń‹Š±Ń€Š°Ń‚ŃŒ, Š³Š“Šµ Š»ŃƒŃ‡ŃˆŠµ рŠµŠ³Šøть Š“Š¾Š¼ŠµŠ½ Šø тŠ°Šŗ Š“Š°Š»ŠµŠµ…

    Š±ŃŽŠ“Š¶ŠµŃ‚ = Š¾ŠŗŠ¾Š»Š¾ 150 – 200 Š“Š¾Š»Š».

  3. BiilYBonnYU says:
    November 13th, 2008 5:27 pm

    As it seems to me, article actual for today. I wish the author of a blog to publish more interesting articles!

  5. NABH says:
    May 24th, 2011 4:13 am

    I really appreciate your post and you explain each and every point very well.Thanks for sharing this information.And Iā€™ll love to read your next post too.
    Regards:
    NABH

  6. ISO 27k and CMMI says:
    February 27th, 2019 1:40 pm

    […] vsRisk and security risk assessment (deurainfosec.com) […]

Leave a Reply

You must be logged in to post a comment. Login now.