Control Maturity Assessment
Abriska 27001 has been designed to deliver a pragmatic and cost-effective risk assessment solution to organisations looking to conduct their first risk assessment or a repeat risk assessment required by ISO 27001 as part of the continuous improvement cycle (Plan, Do, Check, Act). Part of this assessment is to understand which of the controls within ISO 27001 are applicable to the organisation and how mature/effective those controls are.
The uniqueness of the tool lies in its flexibility and its use of the organisation's hierarchy to represent how security controls are implemented across the organisation. This ensures that individuals who have responsibility for controls (e.g. HR is responsible for staff screening) can complete a single assessment of a control, and all areas of the organisation inherit this effectiveness.
Benefits of Abriska 27001 include:
- Proven methodology which has been endorsed by leading UK certification bodies
- Understandable to "non-risk" professionals
- Follows the best practice of combined security standards
- Focuses on security as a whole rather than a specific technical solution
- Distributes the workload within the organisation
The controls are assessed using a maturity model, which shows each of the individual levels of maturity and a level of effectiveness. Abriska allows both a current and a target maturity to be recorded, allowing potential improvements to be modelled.
