Gavin (Guang) Duan, (IRCA certified ISMS Auditor), is a compliance specialist at a division of an international automated sortation technology company that employs over 4,000 employees in 70 countries.
One of Gavin’s responsibilities, along with a team of four others, is to help the company achieve certification to ISO 27001 (due to a customer request). He has been involved in information security and ISO 27001 certifications for the past seven years, and is also a firm supporter of the information security risk assessment tool, vsRisk™.
Before choosing vsRisk, Gavin was considering using Excel to manage the organisation’s information security management risk assessments but he found the process time-consuming and frustrating.
Why choosing vsRisk made sense
“Choosing vsRisk was a great move”, says Gavin. “Compared to other software solutions, vsRisk is very straight-forward, and provides the full risk assessment framework from the very first step right up to the last step”.
vsRisk also allows you to customise aspects of the risk assessment, which Gavin found particularly helpful.
“vsRisk was designed in such a way that it helps you to understand exactly what you are doing, and why you are doing it, in accordance with ISO 27001” he says. “Other software might give you boxes to tick but it doesn’t offer you full insight into the risk assessment in line with what ISO 27001 requires.”
Finally, Gavin found vsRisk to be cost-effective. “The pricing of vsRisk delivered very good value”, he says.
Are you looking for a better information security risk assessment tool that will save you time and money?