Assigning impact and likelihood values in an asset-based information security risk assessment

Assigning impact and likelihood values in an asset-based information security risk assessment

Organisations that are looking to improve their information security posture are probably familiar with ISO 27001. It’s the international standard that describes best practice for an ISMS (information security management system), and it provides a framework for implementing appropriate processes and technologies. At the heart of ISO 27001 is the ... Read More
Conduct simple, fast and accurate risk assessments with vsRisk

ISO 27005 and the risk assessment process

ISO 27005 describes the risk management process for information and cyber security. It’s part of the ISO 27000 series, which means its advice is part of a wider set of best practices for to protect your organisation from data breaches. As with every standard in the series, ISO 27005 doesn’t outline a specific approach ... Read More

Conducting an Asset-Based Risk Assessment in ISO 27001

One of the core principles of ISO 27001 is that the information security measures you adopt must be relevant to the threats your organisation faces. Every business is unique – in its structure, the types of information it processes and the way it operates – so its approach to data ... Read More