Maintaining and updating your risk assessment using vsRisk
Presentation Transcript

  • Maintaining and updating your risk assessment using vsRisk™
    “Intelligent, simplified risk assessment”
    Copyright © Vigilant Software Ltd 2013
    Phil Hare, Vigilant Software
    Thursday May 30th
    PLEASE NOTE THAT ALL DELEGATES IN THE TELECONFERENCE ARE MUTED ON JOINING. Q&A IS HANDLED THROUGH THE GOTOWEBINAR QUESTION FUNCTION
  • Phil Hare
    • An information security professional with many years’ experience of information security risk assessments.
    • Heavily involved in the specification and creation of one of the leading software tools for ISO 27001 compliant risk assessments available today.
    • A broad knowledge of the technical, procedural, methodological and theoretical aspects of Information Security Risk Assessment.
    • Instrumental in successful ISMS development projects across a wide range of organisations.
  • Today’s Webinar in Context
    • Today’s webinar is #4 in a series of 4 educational webinars.
    • The 4 webinars are designed to take you on a learning journey:
      • Webinar 1 – Why ISO27001 for my Organisation?
      • Webinar 2 – The Importance of risk management
      • Webinar 3 – Carrying out a risk assessment using vsRisk
      • Webinar 4 (Today) – Maintaining/updating your risk assessment using vsRisk.
  • Today’s Agenda
    • A short 20-30 minute educational and informative talk:
      • Quick recap of the last 3 weeks’ webinars – why ISO 27001, the importance of risk management, and using vsRisk to carry out a risk assessment.
      • Why maintain and update your risk assessment?
      • Maintaining and updating your risk assessment using vsRisk – software demonstration.
    • Ample time for Q&A.
    • Next steps including a special offer for vsRisk.
  • Recap – last 3 webinars
    In the last 3 webinars we covered:
    • What is information security?
    • What is an information security management system (ISMS)?
    • What is ISO 27001?
    • Why should I and my organisation care about ISO 27001?
    • The importance of risk management.
    • Carrying out a risk assessment using vsRisk.
  • Why maintain/update your risk assessment?
    Reason 1 – Required by ISO27001 (clause 4.2.3.d)
    Review risk assessments at planned intervals and review the residual risks and the identified acceptable levels of risks, taking into account changes to:
    1. the organization;
    2. technology;
    3. business objectives and processes;
    4. identified threats;
    5. effectiveness of the implemented controls; and
    6. external events, such as changes to the legal or regulatory environment, changed contractual obligations, and changes in social climate.
  • Why review your risk assessment?
    Reason 2 – Risks do actually change…
    Any change to the environment within which the Organisation operates will mean the ISMS should be reviewed – e.g. change in risk environment, business growth, change in legislation, change in supply chain…
  • Why review your risk assessment?
    Management’s attitude to risk changes – which could reflect changes in the funding cycle, the business environment, or in management!
    The Organisation should review its risk acceptance criteria to confirm that they still reflect the Management’s Risk Appetite.
  • Why is vsRisk unique?
    vsRisk is the only tool in its price range that integrates out-of-the-box into an ISO 27001 management system, allowing users to carry out an automated, robust and extensive cyber security risk assessment of their organisation’s assets compliant with ISO 27001.
  • How does vsRisk help with review and maintenance?
    1. It’s a database – so it stores data exactly as created last time around;
    2. It has an automated process, which makes it very easy for a risk review to produce results comparable to those achieved the last time;
    3. It’s easy to compare and contrast pre- and post-review states;
    4. There’s even a built-in comment capability and an audit log.
  • What does vsRisk already do for you?
    Integrated, out-of-the-box, into an ISO 27001 management system – vsRisk employs a risk assessment methodology that complies with ISO 27001 and ISO 27005, reducing the risk of non-compliance at audit of an ISO 27001 ISMS.
    Produces key ISO 27001 documentation – the Statement of Applicability and Risk Treatment Plan ensure consistency in documentation quality and transparency across the risk management process initially and over time.
  • vsRisk – Demo
    Software demonstration – maintaining and updating a risk assessment using vsRisk.
  • Next Steps – Special May offer of risk assessment software vsRisk
    • Purchases of vsRisk in May will include 1 year’s support and upgrades for free (worth £150).
    • To claim this offer, please visit www.vigilantsoftware.co.uk.
    • Offer valid until Thursday May 31st.
  • Next Steps – Want to know more?
    • If you would like to know more about ISO 27001, including how to carry out an ISO 27001-compliant risk assessment using vsRisk, please visit http://www.vigilantsoftware.co.uk or email servicecentre@vigilantsoftware.co.uk.
    • Free trial of vsRisk available at http://www.vigilantsoftware.co.uk
  • Questions – we welcome them all!
    Please type your questions into the Gotowebinar question box – responses will be verbal and shared with all delegates.