
Free Download: Risk assessment and ISO27001

An ISO 27001-compliant information security management system (ISMS) developed and maintained according to risk acceptance/rejection criteria is an extremely useful management tool, but the risk assessment process is often the most difficult and complex aspect to manage, and frequently requires external assistance.

This green paper seeks to explain and unravel some of the issues surrounding the risk assessment process.



  • The three stages of the ISO 27005 risk assessment process: risk identification, analysis and evaluation

  • Risk assessment and the ISO 27001 Statement of Applicability

  • How to use risk assessments to achieve maximum benefits from minimum security costs

  • How risk assessments fit into the continuous improvement cycle

  • Request a free demonstration of vsRisk risk assessment software to discover how it can save you time and money. The demonstration will be provided by Vigilant Software, manufacturer of vsRisk.



ISO 27001 explicitly requires compliant organisations to carry out risk assessments based on agreed risk acceptance criteria that must be used when analysing risk.

Risk assessment enables expenditure on controls to be balanced against the business harm likely to result from security failures.


Download Your Free Risk assessment and ISO27001 Green Paper Today!
