Risk analysis

It's our policy not to make recommendations about technologies or products, but from our experience with small and midsized businesses, the excel base tool is still the best solution balancing cost and effectiveness.

To make a usability benchmark, I suggest you see the free demo of our Risk Assessment table (it has been widely used by small and midsized businesses all around the world in their certified ISO 27001 ISMSs). This template used the approach asset-threat, vulnerability.

You can see a demo of this template at this link: https://advisera.com/27001academy/documentation/risk-assessment-table/

These articles will provide you a further explanation about risk assessment according to ISO 27001:

• ISO 27001/ISO 27005 risk assessment & treatment – 6 basic steps https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/
• How to organize initial risk assessment according to ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/04/29/how-to-organize-initial-risk-assessment-according-to-iso-27001-and-iso-22301/
• ISO 27001 risk assessment: How to match assets, threats, and vulnerabilities https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-how-to-match-assets-threats-and-vulnerabilities/
• How to assess consequences and likelihood in ISO 27001 risk analysis https://advisera.com/27001academy/iso-27001-risk-assessment-treatment-management/#assessment
• The basics of risk assessment and treatment according to ISO 27001 [free webinar on demand] https://advisera.com/27001academy/webinar/basics-risk-assessment-treatment-according-iso-27001-free-webinar-demand/