ISMS.online, the secure cloud software for information security management, has released new risk and interested party ‘banks’. This latest service complements the existing solution set and offers another significant time saving for organisations who are new to, or improving their approach towards, the 27001:2013 standard.
Mark Darby, CEO of Alliantist, the organisation behind ISMS.online commented,
“It’s our mission to help organisations of all sizes demonstrate effective information security management but we also recognise the strain achieving something like 27001:2013 can place on resources. ISMS.online reduces the time taken to implement an ISMS and makes it easy for ongoing management too.
Giving our customers a proven risk management methodology, and the tools to evaluate, treat, evidence and review risk, securely and collaboratively in the cloud, already saved weeks of work. Now we’ve taken that one huge step further by providing banks of common risks to draw from and evaluate according to the organisation’s risk appetite. And, to help show treatment of the risks, we’ve included standard treatment plans to evidence actions and alignment with the relevant Annex A policies and .”
Existing customers have been the first to benefit from the new risk banks. agent3 is currently working towardscertification and Kirsty Wallace, Head of Technical Process, commented,
“We subscribed to ISMS.online knowing that it would make it easier to reach our goal of achieving the. Having the 27001 policies to adopt, adapt or add to gave us a huge head-start but the introduction of the risk banks has been really helpful and is yet another feature that will help us reach our goal more quickly.
Addressing risk management has been quite a big struggle for us but seeing examples of them helps visualise what is actually required and has saved us loads of management time”.
Risk banks are now included in all new subscriptions to ISMS.online’s risk management tools. They can be taken as part of a wider online ISMS solution that provides collaborative workspaces, and tools for implementing and managing multiple and compliance regimes, such as EU GDPR.