Skip to Main Content
This website uses cookies. View our cookie policy

vsRisk – Information security risk assessments made simple

The leading risk assessment tool for ISO 27001 compliance 

Stay up-to-date with full visibility of your risk assessment with real-time viewing and team collaboration.

Generates audit-ready reports, year after year.


Why use vsRisk?

vsRisk delivers simple, fast accurate and hassle-free risk assessments.

vsRisk is an online risk assessment tool that enables SMEs and larger organisations to conduct privacy and information security risk assessments compliant with ISO 27001. It walks you through the process of identifying the threats, vulnerabilities and corresponding controls associated with your assets in a simple, intuitive manner.

Risk assessments are a core part of ISO 27001 compliance. Organisations must conduct risk assessments annually to maintain compliance, vsRisk provides the framework to ensure that your risk assessment is consistent, compliant and repeatable, all backed up by an audit trail of decisions taken. vsRisk Cloud’s built-in wizard guides you through the process step by step.

Eliminate errors and drive efficiency with the risk assessment wizard

Accelerate risk mitigation actions with built-in controls- and risk libraries

Track and manage key risks with a simple, intuitive dashboard

Make audit day a breeze with preconfigured reports

Identify controls and develop a risk treatment plan

With vsRisk, you don’t need to spend time developing a risk assessment methodology or on costly trial and error: you can immediately get to work on the actual risk assessment.

You can quickly identify applicable information security controls based on descriptive scoring criteria. Associate and track implementation tasks against risks to formulate a risk treatment plan in line with priorities

vsRisk will also save you time maintaining your risk assessment: its robust methodology means that upcoming risk reviews and further risk assessments can be performed quickly, consistently and cost-effectively.

Meet cyber security and privacy risk requirements

The challenges associated with a risk assessment include identifying which information assets (such as hardware, systems, laptops, customer data and intellectual property) may be at risk, and what those risks are.

It is imperative that organisations conduct risk assessments when preparing, maintaining and updating their cyber security policies and programmes. Thorough risk assessments help you identify and address any threats that your organisation may face, allowing you to mitigate them before it’s too late.

No more spreadsheets!

vsRisk eliminates the need to use spreadsheets, which are prone to user input errors and can be difficult to set up and maintain, cutting the time to produce a risk assessment by as much as 80%.


We offer single-user and multi-user access via monthly and annual subscriptions. Being hosted online also means that other invited users can access the tool with a ‘read only’ role and ensures that correct procedures have been followed.

Price guarantee: If you find a tool that does exactly the same, with the same outcomes at the same incredible price or lower, we will refund your first subscription*

*full details on the shopping page

See pricing

Fast and easy to use

You can identify risks by selecting assets, threats and vulnerabilities, and applying controls to reduce the risk to an acceptable level.

Privacy risk add-in

Detail how a risk will impact all parties involved, thereby helping you choose an appropriate risk response.

Aligned with ISO 27001

vsRisk meets the Standard’s requirements for consistent, valid and comparable results.

Streamlined and accurate

Takes human error out of the equation. Simple, fast, accurate and hassle-free risk assessments year after year.

Generate auditable reports

Produces the SoA (Statement of Applicability) and a risk treatment plan to meet ISO 27001’s reporting requirements.

Integrates with other CyberComply products

vsRisk integrates with Compliance Manager and the Data Flow Mapping Tool, giving you full visibility of your compliance progress.


Jeffrey S. Cochran

Information Security Manager, Thompsons Online Benefits

By the way, this vsRisk package rocks!
I do very much like how it is laid out and operates. This is just what I needed.


Nicholas King


Robust have never been so high-profile. The introduction of the EU GDPR (General Data Protection Regulation) in May 2018 put personal data protection firmly in the public consciousness. Cybercrime continues to grab headlines, with attacks causing massive disruption for airlines, hospitals and entire ... read more