Risk management is at the heart of any good information security management system
But managing it can be time-consuming and cumbersome. We deliver a pragmatic and logical business approach to 6.1 of the ISO 27001:2013 standard.
Unlike many other risk management tools on the market, our decision support tools make it easy, with a modern and accredited approach that addresses the requirements of the latest, 2013, version of ISO 27001. We make it simple to meet the full requirements of 6.1, 18.1 and 4.2, with tools and policies that include:
- Information security risk management
- Applicable legislation management
- Interested parties management
We’ve even provided banks of common risks, applicable legislation* and interested parties to draw from and evaluate according to your organisation’s risk appetite. And, to help show treatment, we’ve included standard treatment plans to evidence actions and alignment with the relevant Annex A policies and controls.