VERISCAN IRM - vRISK

Risk assessment - vRISKA tool that focuses on ”DO”

VERISCAN vRISK - VS OTHER TOOLS FOR RISK ASSESSMENTSThere are many tools for risk assessments on the market. However, many times, they are described by customers as too complex to be user-friendly.

Other tools can be too complex and hard to learn or provide too narrow a use for a risk management tool, where, for example, the tool only supports information security risks and no others.

Veriscan vRISK is a web-based, easy to use, flexible and transparent risk management tool. Several major, global orga-nizations with a mature attitude towards riskmanagement have contributed in the development of the tool.

With Veriscan vRISK your risk management process becomes more efficient and you get a better traceability and follow-up than by using traditional Excel templates with limited user-friendliness and lack of ability for overall summaries.

A TOOL FOR RISK MANAGEMENTThe tool is an aid for planning and performing risk assessments, decisions for risk measures and support for follow-up of agreed remediate actions. Veriscan vRISK is suitable for any size of organization and can handle various types of risks such as:• Operational risks• Information Security Risks• Quality risks etc.

TOOL FOR RISK ASSESSMENT

Veriscan vRISK is a web-based tool for managing different types of risks.

A three step approach

• Define and evalutate

• Treat

• Follow up

With Veriscan vRISK;

• You can add your own user instructions

• You can easily connect many risk-reducing activities to a risk and follow them up

• You can set your own risk scales

• It is easy to extract clear graphical reports

The tool is aligned with ISO/IEC 27005 – Information technology – Security techniques – Information security risk management and ISO 31000 Risk management – Principles and guidelines.

Veriscan vRISK is part of Veriscan IRM (Information Risk Management) to support conducting risk assessments as part of the Risk Management procedure.

TOOL FOR RISK ASSESSMENT

VERISCAN IRM - vRISK

THE PROCESS FOR RISK ASSESSMENT

The workflow follows the logical process for any risk assessment.

It goes from risk assessment setup (planning and preparation), risk analysis (risk identification and evaluation), risk treatment (acceptance, risk reduction, transfer of risk or avoidance of risk) and risk follow-up (where progress reports are made on determined activities).

THE RISK CARD

The “Risk card” is the core of Veriscan vRISK, and is the item where most information is added and to which most links are made. Each risk has its own risk card, where it will be possible to see e.g. how the risk has been evaluated, who is the risk owner, which assets, controls and/or objectives have been linked to it, which risk treatment activities will be performed as risk reduction, etc.

FLEXIBLE TOOL

How do you want it? What levels and how many, what names, what colours, what placements? The tool provides complete flexibility. In addition, the tool is role based. The organization may itself connect their own user instructions and set their own risk scales etc.

The estimated learning time for anyone who is used to performing risk assessments is 15 minutes. This flexible tool can be used as web application in your laptop, tablet, or mobile phone.

GRAPHICAL REPORTS

Even the reports are flexible; you may choose to display charts or not, the risk list or not, the status of the activities or not. You can also group and filter! Reports may be sent out to the persons responsible for performing the activities, in order to request for progress reports.

The report shows:

• Risk levels from start

• Target level after risk treatment

• Status of activities, etc.

Example of report. Use your own risk scales and terms. Above is just an example.

Veriscan Security Sweden - info@veriscan.se Norway - contact@veriscan.no United Kingdom - info-uk@veriscansecurity.comwww.veriscan.se www.veriscan.no www.veriscansecurity.com

The “Risk card” is the core of Veriscan vRISK.