Skip to Main Content
This website uses cookies. View our cookie policy

vsRisk – The leading risk assessment tool for ISO 27001 compliance

- “By the way, this vsRisk package rocks!”

- Jeffrey S. Cochran

  • Conduct quick and hassle-free information security risk assessments.
  • Reduce errors and improve completeness.
  • Follow a proven process to ensure compliance with ISO 27001.
  • Reduce the time spent on risk assessments by up to 80%.
  • Generate audit-ready reports, year after year.
  • Cloud-based tool.
  • On-demand and unlimited support.

Simple, fast, accurate and hassle-free risk assessments

  • Conduct data security risk assessments using a proven methodology.
  • Developed by leading information security specialists.
  • Customisable settings and risk acceptance criteria.
  • Supports compliance with ISO 27001.
  • Deliver consistent, compliant and repeatable results that you can’t achieve with a spreadsheet.
  • Intuitive and interactive dashboard that offers a real-time overview of your project that you can personalise to see what's important to you.
  • Live chat with our product developers who will help you navigate the tool, address any technical issues and advise on how to get the most out of the software.

Aligned with best-practice requirements

The software includes control sets from ISO 27001, ISO 27002:2022, ISO 27017, ISO 27018, ISO 27701, ISO 22301, ISO 27032, NIST, CSA CCM, the PCI DSS, SOC 2, CCPA, CPRA, ECC 2018, CSCC 2019, CCC 2020 and Cyber Essentials.

Fast and easy to use

  • Identify risks by selecting assets, threats and vulnerabilities from predefined lists.
  • Apply controls from predefined lists to treat and manage risks.
  • View risks and actions taken with the simple, intuitive dashboard.
  • Flag up and prioritise key risks based on impact and likelihood scores.
  • On-demand and unlimited support.
  • Get started quickly and easily with our new task-based landing page to guide you through the initial set-up.
  • Integrates with DocumentKits*, the Cloud-based platform that manages all your supporting compliance documentation in one place.

Privacy risk add-in

  • Detail how a risk to personal data will impact parties involved.
  • Conduct privacy risk assessments to protect personal data.
  • Choose an appropriate risk response to treat risks.
  • Improve compliance with Article 32 of the GDPR (General Data Protection Regulation).

Aligned with ISO 27001

  • Produce consistent, valid and comparable results according to Clause 6.1.2 of ISO 27001.
  • Generate a risk treatment plan and SoA (Statement of Applicability), ready for review by auditors.
  • Choose from a list of built-in controls from Annex A to treat specific risks.

Streamlined and accurate

  • Eliminate errors associated with using spreadsheets.
  • Accelerate risk mitigation actions with built-in control and risk libraries.
  • Choose specific risks that apply to your environment from databases.
  • Track implementation tasks against risks.

“User-friendly tool which made risk assessments easy and helped us achieve ISO 27001 certification. Responsive and knowledgeable support team. Absolutely worth your time and money.”

- Natalia Li Sundheim

“Using vsRisk has been a business enabler whereby we have been able to move away from clunky and ineffective Excel spreadsheets to manage our risks. Our risks are now clearly detailed in a graphical layout where we are able to drill down into our risks and produce meaningful risk assessments which can be presented to the board. The on-line assistance has been first class and any help that’s needed, be it a how to do something on the platform or assistance with account details and billing, the assistance is prompt, effective and faultless. I’d highly recommend Cyber Comply to anyone looking for a value for money risk management and compliance platform.”

- Stephen Hurren

“This tool is comprehensively the best!”

- A. Smith, IT Services

“The tool was amazing for doing the job it said it would.”

- Carol McCarthy, dsicmm Ltd

“vsRisk was instrumental in helping us achieve our ISO27001:2013 certification.”

- Greig Robertson, IT Project Manager, Aberdein Considine

How does vsRisk work?

  • Import assets or create your own.
  • Establish your risk acceptance criteria and customise the likelihood and impact scales of individual risks.
  • Once the settings have been configured, the built-in wizard guides you through each step of the risk assessment process.
  • Identify risks by selecting threats and vulnerabilities from built-in databases.
  • Record how you plan to respond to each risk.
  • Apply the necessary controls from built-in libraries to treat risks.
  • Generate audit-ready reports, including the SoA and risk treatment plan.

Affordable and flexible pricing

We offer single-user and multi-user access via monthly and annual subscriptions. Being hosted online also means that other invited users can access the tool with a ‘read only’ role and ensures that correct procedures have been followed.

Price guarantee: If you find a tool that does exactly the same, with the same outcomes at the same incredible price or lower, we will refund your first subscription.**

*Access to DocumentKits requires a separate subscription

**Full details on the shopping page

Technical specifications

  • Hosted on CyberComply, our online cyber security and compliance platform.
  • Accessible via an Internet connection and a compatible browser – the latest version of Chrome, Edge, Firefox or Internet Explorer.
  • Available on a monthly or annual subscription basis.
  • Supported by Microsoft Azure data centres, which have industry-leading security measures and policies.
  • Includes regular updates to content and functionality.
  • Includes on-demand and unlimited support.

Upgrade to CyberComply

vsRisk is one of five fully integrated modules of the CyberComply platform, making cyber security risk management and privacy compliance easy and affordable for all.

Providing complete control over your data privacy and information security compliance progress, CyberComply comprises the following modules:

Effortlessly meet your data security and data privacy obligations with one powerful tool.


Jeffrey S. Cochran

Information Security Manager, Thompsons Online Benefits

By the way, this vsRisk package rocks!
I do very much like how it is laid out and operates. This is just what I needed.


Nicholas King


Robust have never been so high-profile. The introduction of the EU GDPR (General Data Protection Regulation) in May 2018 put personal data protection firmly in the public consciousness. Cybercrime continues to grab headlines, with attacks causing massive disruption for airlines, hospitals and entire ... read more