Information Security Risk Assessment Tool
Abriska automatically produces the required documentation for certification to ISO 27001.
Risk Treatment Plan
This report should clearly show senior management the areas of risk identified during the risk assessment. For each identified risk, the organisation should classify the risk according to its risk appetite, then take appropriate action to accept, avoid, reduce or transfer/share the risk.
Statement of Applicability
This report shows which of the ISO 27001 controls have been selected as applicable within your organisation, and why they have been included. For example, controls against malicious code are required if the organisation is concerned about viruses. If any controls have not been selected by the organisation, their exclusion should be justified.
Abriska satisfies these requirements by delivering reports that are easy to understand and analyse. Because the results are stored within a relational database, updates and changes can be immediately reflected within the reporting as they are made.
