Getting the balance right

Information Security Risk Assessment Tool

Abriska calculates the individual levels of risk that each of an organisation assets are exposed to by combining together the asset BIA values, threats, vulnerabilities and controls. This uses the maturity values that have been assessed within the control maturity assessment and relating these controls through to the appropriate threats. For example, suppose an organisation has no anti-virus controls then its exposure to virus would be high.

Abriska benefits from URM's experience of completing ISO 27001 risk assessments so comes preloaded with lists of threats, controls, linking between them and also example vulnerabilities. This means that the an organisation can get a "jump start" on completing the risk assessment.

A typical risk matrix produced by Abriska

• Abriska Introduction
• Information Security (ISO 27001)
  • ISO 27001 Risk Assessment Requirements
  • ISO 27001 Asset Registers
  • ISO 27001 Control Maturity Assessment
  • Risk Assessment
  • ISO 27001 Certification Documents
• Business Continuity (BS 25999 & ISO 22301)
  • Dependency & Relationship Modelling
  • Business Impact Analysis
  • Risk Assessment
• Case Studies & Product Sheet
  • Abriska Product Sheet - 27001
  • Abriska Product Sheet - 25999
  • Abriska Demonstration