SecuraStar’s Risk Management services include the use of its ISO 27001 Toolkit and/or ISO 27001 Software. These products provide a simple step-by-step solution to the generic ISO 27001 Risk Assessment requirements, including:
ISO 27001 Risk Assessment Methodology
- Impact & Likelihood Scales
- Risk Calculation Matrix
- Risk Treatment Options
- Risk Acceptance Criteria
ISO 27001 Asset Inventory
- Asset Type
- Asset Category
- Asset
- Asset Owner
- Asset Location
ISO 27001 Risk Assessment
- Catalog of Threats and Vulnerabilities (ISO 27005)
- Risk Owner
- Assesses Raw Risk vs Current Risk (current controls)
- Risk Treatment Options
- Control Selection
ISO 27001 Risk Treatment Plan
- Selected – Risk Treatment Option
- Selected – Controls
- Assigned to Personnel
- Due by Date
- Current Status
ISO 27001 Statement of Applicability
- Mapping low level controls from Risk Assessment to Annex A
- Mapping Annex A controls to Policies, Processes and Procedures
- Mapping Annex A controls to Regulatory, Legal and Contractual Control requirements including HIPAA, PCI, SSAE 16, FISMA, NIST, etc.