The ISO 27001 App for SharePoint is an app that will help you manage your Information Security Management System (ISMS). It will help you get ISO 27001 certified – and stay certified.
The app consists of 4 modules:
- The Risk module where you would manage all your risks
- The Incident & Action module where you manage security incidents, nonconformities, corrective actions, opportunities for improvement, management review actions and feedback.
- The Recurring Action Management module where you would manage recurring ISMS actions (an uncomplicated ticket system).
- The Dashboard module where you can see all your data ready for your management review.
Based on an asset risk approach you will determine risks related to your assets. You will score likelihood and impact for the current risk as well as the residual risk. For each risk you can define a risk treatment plan including setting review dates, due dates, link to Annex A controls and recording risk owner approval. Please see the full risk management process for further details.
Incident & Action Module
In this module you will log your information security incidents as well as nonconformities, corrective actions, opportunities for improvement, management review actions, etc.
The module allows you to assign owners, review dates and due dates, and owners are reminded automatically.
You can also determine root causes and link to risks.
Recurring Action Management Module
This module will help you manage all those recurring tasks that are part of your ISMS. It works like a simple ticket system where you choose the task from the database (business continuity test, internal audit, policy review, pen test, supplier review, user access review, etc.). Then you set a frequency, a due date and an owner. The owner is reminded of the task and records the evidence of the task being done in the ticket, and a new ticket is created based on the frequency selected.
As you use the app you will start building up a lot of data. To help you make sense of this data, and to provide you with the information required for your ISO management review, the dashboard module will provide information such as:
- Risk Heat Map
- Nonconformity trend
- Incident trend
- OFI trend
- Root cause analysis
- Age of open risk
The ISO 27001 App for SharePoint comes with a lot of features to support the 4 modules:
- List of typical assets
- List of risks
- List of recurring ISMS tasks
- Easy adding of assets and risks to the database
- Overview of open, closed and overdue items
- Import and Export functionality
- …and more
Download the ISO 27001 App for SharePoint