Software for managing Documentation for ISO27001:2005
About ISO 27001:2005
ISO 27001:2005 is an International Standard for Information Security Management System.
It is adopted through a PDCA model to all the processes.
Risk Analysis & Mitigation Plan are very important documents in this process.
How Asset Track helps in creating the Risk Assessment plans ?
Asset Identification :Using a template based approach Assettrack allows gathering information about Assets.
Risk Repository: Create a repository of risks and assign various risks to Assets.
Assign Probability & Severity : Assign the probability and severity and calculate the Vulnerability Factor .
Risk Mitigation Plan: Enter the risk treatment plan and also the business continuity plan again every risk.
Other Modules of Asset Track
AMC/Warranty/Insurance Management : Manage the AMC / Warranty / Insurance Dates via software and reduce the residual risks.
Training Details : Online templates for registering the training details.
Incidence Management : Incidence Register Management and feedback loop for increasing of risks.
Issue Returns & Movements : Track the movement of Assets and also the Issues & Returns to different individuals and departments.
Asset Identification using Barcode / RFID Feed-in the details like Asset No , Details , Calibration Details , Warranty / AMC details et c. RFID tag with barcode on pasted on top Assign RFID tag to the Asset for further reference
Movement Tracking Scan the Asset Tag & the location to which this Asset is Transferred. Asset Status would be changed to “In Transit” New Location Scan the Asset Tag for receipt at new location Asset now belongs to new location Original Location
AMC / Insurance Management
Reminder for Inventory not under Insurance.
Auto updation of the AMC Dates
Agency details and contact list management
A Risk Analysis & Management module as per BS 7799 / ISO 27001
Define Risks repository and group risks
Assign Risks to various assets and define the Probability
Calculate the Vulnerability Factor
Define Risk Treatment Plan
Risk Treatment Process Ascertain the Likelihood (probability) , Impact Analysis ( severity) for every risk Determine the vulnerability by Vulnerability = Severity x Probability Is Vulnerability below acceptance level ? Assign a Risk Group to every Asset Yes No Make a Risk Treatment Plan and reduce the probability Stop Repeat the Previous step until the vulnerability comes under acceptable level Stop
Report Incidence online
Impact Analysis and mitigation plan
Analysis of additional new risks added and increase in the VF of risks.