Using vsRisk to carry out a Risk Assessment

These are the slides that were used in a webinar hosted by Alan Calder and Phil Hare. You can view the webinar here - http://www.youtube.com/watch?v=rnMrAS7wyJI

Published in: Business, Technology

  1. “The definitive risk assessment tool for ISO27001 certification”. Copyright © Vigilant Software Ltd 2013.
     Carrying out a risk assessment using vsRisk™
     Alan Calder and Phil Hare, Vigilant Software
     Friday May 23rd 2013
     PLEASE NOTE THAT ALL DELEGATES IN THE TELECONFERENCE ARE MUTED ON JOINING. Q&A IS HANDLED THROUGH A COMBINATION OF WEBEX CHAT/TEXT AND VOICE
  2. Alan Calder
     • CEO and founder of Vigilant Software
     • Acknowledged information security/risk management thought leader
     • Managed the world’s first successful ISO 27001 (then BS 7799) implementation project in 1996
     • Frequent media commentator on risk management issues
     • Co-author of vsRisk™ – the definitive information security risk assessment tool
  3. Today’s Webinar in Context
     • Today’s webinar is #3 in a series of 4 educational webinars.
     • The 4 webinars are designed to take you on a learning journey:
       • Webinar 1 – Why ISO 27001?
       • Webinar 2 – The Importance of risk management.
       • Webinar 3 (Today) – Carrying out a risk assessment using vsRisk
       • Webinar 4 – Maintaining/updating your risk assessment using vsRisk.
     Registration details of future webinars at the end.
  4. Today’s Agenda
     • A short 20-30 minute educational and informative talk:
       • Quick recap of the last 2 weeks’ webinars – Why ISO 27001 and the importance of risk management.
       • What is an information security risk assessment?
       • Carrying out an information security risk assessment using vsRisk - software demonstration.
     • Ample time for Q&A at the end (all attendees are on mute to provide a clear line – please ask questions via the Gotowebinar question panel).
     • Next steps including 1 upcoming educational webinar.
  5. Recap – last 2 webinars
     In the last 2 webinars we covered:
     • What is information security?
     • What is an information security management system (ISMS)?
     • What is ISO 27001?
     • Why should I and my organisation care about ISO 27001?
     • The importance of risk management.
  6. What is a risk assessment?
     • A risk assessment is the core competence of information security management.
     • ISO 27001 explicitly asks for:
       • a risk assessment to be carried out before any controls are selected and implemented.
       • every control to be justified by a risk assessment.
  7. What is a risk assessment?
     • The risk assessment must:
       • Identify the threat/vulnerability combinations that have a likelihood of impacting the confidentiality, availability or integrity of each asset within a scope.
       • This must be done from a business, compliance or contractual perspective.
  8. What is a risk assessment?
     • From completing a risk assessment:
       • Spend on controls is balanced against business harm, likely to result from security failures.
       • Information security management decisions are entirely made by the outcomes from a risk assessment.
  9. How do I carry out a risk assessment?
     • Modern software tools take the pain out of risk assessment.
     • vsRisk is the industry-leading ISO 27001-compliant risk assessment tool.
     • vsRisk has simplified and automated the information security risk assessment process for many organisations across the globe, both large and small.
  10. What can vsRisk do for you?
     • Simplification: minimises the manual hassle and complexity from carrying out an ISO 27001 risk assessment, saving time and resources.
     • Replication: risk assessments can be repeated easily in a standard format year after year.
     • Generates Reports: for sharing across the business and with auditors.
     • Automation: the best and most efficient way to carry out a risk assessment.
  11. Phil Hare
     • An information security professional with many years’ experience of information security risk assessments
     • Heavily involved in the specification and creation of one of the leading software tools for ISO 27001 compliant risk assessments available today.
     • A broad knowledge of the technical, procedural, methodological and theoretical aspects of Information Security Risk Assessment.
     • Instrumental in successful ISMS development projects across a wide range of organisations. Currently the architect and product manager for the Vigilant Software product suite, focusing on incorporating a broad range of compliance objectives into a usable and efficient software suite.
  12. vsRisk - Demo
     Software demonstration – carrying out a risk assessment using vsRisk.
  13. Questions – we welcome them all!
     Please type your questions into the Gotowebinar chat window – responses will generally be verbal and shared with all delegates.
  14. Next Steps – Upcoming Educational Webinar
     • Maintaining and Updating your Risk Assessment using vsRisk - Thursday May 30th, 4pm UK Time
     • Register at www.vigilantsoftware.co.uk/webinars.aspx
  15. Before the next webinar…
     • Read a book… Read the world’s first practical e-book guidance on achieving ISO27001 certification and the nine essential steps to an effective ISMS implementation. Available for £25.95 (usually £29.95) at http://www.vigilantsoftware.co.uk/product/1651.aspx
     • Download a free trial of vsRisk. The information security risk assessment tool compliant to ISO27001 that automates and accelerates the risk management process. 15-day free trial at http://www.vigilantsoftware.co.uk
  16. Next Steps – Want to know more?
     • If you would like to know more about ISO27001, including how to carry out an ISO27001-compliant risk assessment using vsRisk, please visit http://www.vigilantsoftware.co.uk or email servicecentre@vigilantsoftware.co.uk.
     • Free trial of vsRisk available at http://www.vigilantsoftware.co.uk
