vsRisk

vsRisk is a software solution designed to streamline the information security risk assessment process and facilitate compliance with ISO 27001. It caters to organizations of all sizes, from small businesses to large enterprises. According to the vendor, IT professionals, information security managers, risk managers, compliance managers, and data protection officers from various industries rely on vsRisk to conduct efficient risk assessments, generate reports, and expedite the risk assessment process.

Key Features

According to the vendor, vsRisk offers the following features:

Asset Import and Creation: Users can import existing assets or create new ones within the software, providing a comprehensive view during the risk assessment process.

Customizable Risk Acceptance Criteria: Users can define their risk acceptance criteria within vsRisk, tailoring the risk assessment process to their specific needs and setting thresholds for acceptable risk levels.

Flexible Likelihood and Impact Scales: vsRisk allows users to customize the likelihood and impact scales for each individual risk, aligning the risk assessment process with their unique risk appetite and priorities.

Built-in Tutorials: vsRisk provides built-in tutorials that guide users through each step of the risk assessment process, offering clear instructions and support for effective risk assessments.

Threats and Vulnerabilities Database: vsRisk includes a comprehensive built-in database of threats and vulnerabilities, assisting users in identifying and selecting relevant risks during the assessment process.

Response Planning: Users can document their planned responses to each identified risk within vsRisk, facilitating the development and tracking of risk mitigation strategies.

Built-in Control Libraries: vsRisk offers built-in libraries of controls that can be applied to treat identified risks, aiding in effective risk mitigation.

Audit-ready Reports: vsRisk enables users to generate audit-ready reports, such as Statements of Applicability (SoA) and risk treatment plans, providing evidence for ISO 27001 compliance.

Alignment with ISO 27001: According to the vendor, vsRisk is aligned with ISO 27001 requirements and incorporates control sets from various standards, ensuring adherence to best-practice standards during risk assessments.

Privacy Risk Add-in: vsRisk includes a privacy risk add-in that allows organizations to assess the impact of risks to personal data and comply with GDPR requirements, safeguarding personal data.