Companies starting out with an information security programme often resort to spreadsheets when tackling the risk assessment.
There are, however, a number of reasons spreadsheets aren’t the best way to go:
- They’re prone to user input errors.
- Setting up and maintaining them for a risk assessment is difficult and slow.
- Finding relevant data in multiple tabs is cumbersome.
- Sharing documents and methodologies between departments causes errors.
- You can’t generate various audit reports for ISO 27001 compliance.
- They don’t include built-in databases of threats, vulnerabilities and risks.
- They don’t automatically conform to ISO 27001 – you need expert knowledge to apply the requirements.
That’s why smart organisations tend to switch to a software solution where most of the work is already done for them.
vsRisk™ presents a simpler, better and faster way to conduct cyber security risk assessments, and ensures compliance with the information security standard ISO 27001:2013.
Spreadsheet-based assessments take time to complete and analyse, and the risk of getting it wrong is pretty big.
With vsRisk you are assured of consistent, valid and comparable results that can be repeated year after year.
In fact, vsRisk is so straightforward and quick to use that your consultant probably won’t tell you about it!
vsRisk 2.6 features a sample risk assessment allowing the user to quickly get started by customising and applying the example.
The sample provides a prepopulated list of assets, assigned to a standard set of asset owners, for a typical organisation. Each asset further features a series of potential preassigned risks, as well as the corresponding controls from ISO 27001.
vsRisk helps you identify all the relevant threats and vulnerabilities, enabling you to have greater visibility of the potential information security risks you face.
A built-in ISO 27001 documentation toolkit enables you to upload and customise policies and procedures against the selected threat response.
vsRisk Multi-user allows you to collaborate with multiple asset or risk owners across the organisation, thereby further speeding up the task of the risk assessor.
vsRisk’s simple and user-friendly interface, combined with a new dashboard and multiple types of reports, enables you to see critical risks that require immediate attention, due dates for the implementation of controls, and graphical charts about risk responses taken and controls applied.
vsRisk includes seven control sets, including ISO 27001:2013, PCI DSS, NIST SP 800-53, Cloud Controls Matrix and Cyber Essentials, in addition to six audit-ready, customisable reports.