SecuraStar’s Risk Management services include the use of its ISO 27001 Toolkit and/or ISO 27001 Software.
These products provide a simple, step-by-step solution to meet ISO 27001 Risk Assessment requirements, including methodology, impact and likelihood scales, risk treatment options, and mapping to Annex A controls.
ISO 27001 Risk Assessment Methodology
- Impact & Likelihood Scales
- Risk Calculation Matrix
- Risk Treatment Options
- Risk Acceptance Criteria
ISO 27001 Asset Inventory
- Asset Type
- Asset Category
- Asset
- Asset Owner
- Asset Location
ISO 27001 Risk Assessment
- Catalog of Threats and Vulnerabilities (ISO 27005)
- Risk Owner
- Assesses Raw Risk vs Current Risk (current controls)
- Risk Treatment Options
- Control Selection
ISO 27001 Risk Treatment Plan
- Selected – Risk Treatment Option
- Selected – Controls
- Assigned to Personnel
- Due by Date
- Current Status
ISO 27001 Statement of Applicability
- Mapping low-level controls from Risk Assessment to Annex A
- Mapping Annex A controls to Policies, Processes and Procedures
- Mapping Annex A controls to Regulatory, Legal and Contractual Control requirements, including HIPAA, PCI, SSAE 16, FISMA, NIST, etc.