ISO 27001 and ISO 27002 2022 updates
ISO/IEC 27001:2022 – the newest version of ISO 27001 – was published in October 2022.
Organisations that are certified to ISO/IEC 27001:2013 have a three-year transition period to make the necessary changes to their ISMS (information security management system).
For more information about ISO 27001:2022 and its companion standard, ISO 27002:2022, and what they mean for your organisation, please visit ISO 27001 and ISO 27002: 2022 updates.
Information security risk assessments – software versus spreadsheets
Organizations starting out with an information security program often resort to spreadsheets when tackling the risk assessment phase.
Despite being trusted by professionals for more than 20 years, Excel spreadsheets were initially built for accountants and are not designed to deliver a risk assessment.
Experienced information security and risk management practitioners will be fully aware of the dangers of using spreadsheets, so they will always use purpose-built ISO 27001 risk assessment software tools instead.
Fully aligned with ISO 27001, vsRisk Cloud eliminates the need to use spreadsheets, which are prone to errors, and significantly cuts the consultancy costs that are typically associated with tackling an information security risk assessment.
Error-free and ISO 27001-compliant risk assessments
vsRisk is the leading information security risk assessment tool that helps you complete accurate, auditable and hassle-free risk assessments year after year.
With more than ten years of development behind its success, vsRisk was created specifically to help organizations improve their risk assessment capabilities and support an ISO 27001 compliance project.
How vsRisk can help you:
- Conduct risk assessments following a step-by-step process
- Customizable settings, including likelihood and impact values
- Select risks and controls from prepopulated libraries, including ISO 27001 and PCI DSS
- Easily import assets from your asset register (or create your own)
- One-click reporting, including the Statement of Applicability (SoA) and Risk Treatment Plan
- Reduce the risk of errors and ensure a consistent and repeatable risk assessment process
With vsRisk, you can immediately get to work – no prior knowledge of risk assessments is necessary.
“By the way, this vsRisk package rocks! I do very much like how it is laid out and operates. This is just what I needed.”
- Jeffrey S. Cochran, Information Security Manager, Thompsons Online Benefits
“Compared to Excel, vsRisk™ has an easy-to-use interface ... vsRisk™ is a great way to manage and report your risks and present the acceptance criteria to the board for eventual sign off.”
- James Ellis, Secure and Confidential Documents Ltd (SCD)
Speak to an expert
One of our qualified ISO 27001 lead implementers is ready to offer you practical advice about the best approach to take for implementing an ISO 27001 project and discuss different options to suit your budget and business needs.