Risk Management Tool
When you decide to design and implement a management system such as ISO 27001 (Information Security) or ISO 9001 (Quality) you need tools to help you manage risks, actions, documents and you need tools to help prepare for management review. We have developed a set of software tools that run within O365 / SharePoint and will help you do just that. These tools will not only help you implement ISO 27001 they will help you collaborate, get certified and stay compliant. Either run on our O365 SharePoint (so you don’t have to have O365) or can be implemented on your own O365.
The risk management tool is based on an asset risk assessment process where you select assets, determine the risk, likelihood, impact, mitigation, treatment plan and residual risk. See the entire risk assessment process here.
O365 SharePoint Modules:
- The Risk Management Module; Helps you manage all your information security or business risks.
- The Action Management Module; Helps you manage actions such as nonconformities, incidents, opportunity for improvement, management review and feedback.
- The Recurring Action Management Module; Helps reminding you of the various recurring ISMS tasks such as user access review, regular restore tests, business continuity tests and the ongoing staff awareness training.
- The Document Management Module; Helps you manage the documents in your ISMS (standard SharePoint functionality).
- The Management Dashboard Module; Helps management to always have an up to date view of information security compliance.
- Email Reminders; The various modules allows you to set due dates and review dates with automatic email reminders to action stakeholders.