Calculating ROI for ISO 27001 ISMS implementation program

Guest user. Created: Feb 26, 2021. Last commented: Feb 26, 2021.

What is the best way to calculate the ROI for an ISO 27001 ISMS implementation program?
Expert
Rhand Leal Feb 26, 2021

The best way to calculate the Return on Security Investment (ROSI) is to relate the investment in information security with the economic benefits that this will bring to the business. The calculation of the ROSI can be based on:

  • Costs of incidents, taking into account all the relevant costs if an incident occurs and the probability of an incident. These are some types of incidents: malicious activity (viruses, Trojan horses, etc.), unintentional human error (deleting critical information by mistake, etc.), system errors/malfunctions (hardware failure, etc.), natural disaster & force majeure (earthquake, flood, etc.).
  • Costs of security measures/controls and the level to which the risk of this incident would decrease because of such mitigation.

This free tool can be very useful to give you an idea of how to calculate ROSI:

This article can also be interesting for you:
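
Added example, not part of the original answer and not the tool or article it refers to: a Python sketch of the calculation described above, using the commonly cited form ROSI = (reduction in annual loss expectancy - cost of controls) / cost of controls. All figures and names are constructed for illustration, and combining several controls by multiplying their residual risk factors is an assumption that they act independently.

```python
from dataclasses import dataclass, field

@dataclass
class Incident:
    name: str
    cost_per_event: float    # all relevant costs if the incident occurs
    events_per_year: float   # probability, as expected occurrences per year

    @property
    def ale(self) -> float:  # annual loss expectancy
        return self.cost_per_event * self.events_per_year

@dataclass
class Control:
    name: str
    annual_cost: float
    # incident name -> fraction of that risk the control removes (0..1)
    reduces: dict = field(default_factory=dict)

def rosi(incidents, controls):
    """Return (ale_before, ale_after, control_cost, rosi_ratio)."""
    cost = sum(c.annual_cost for c in controls)
    if cost <= 0:
        raise ValueError("control cost must be positive")
    ale_before = sum(i.ale for i in incidents)
    ale_after = 0.0
    for inc in incidents:
        residual = 1.0
        for c in controls:
            r = c.reduces.get(inc.name, 0.0)
            if not 0.0 <= r <= 1.0:
                raise ValueError(f"bad reduction {r} in {c.name}")
            residual *= 1.0 - r  # assumption: controls act independently
        ale_after += inc.ale * residual
    return ale_before, ale_after, cost, (ale_before - ale_after - cost) / cost

# Constructed figures, one incident per category named in the answer.
INCIDENTS = [
    Incident("malicious activity", 40_000, 0.5),
    Incident("human error", 10_000, 2.0),
    Incident("system malfunction", 25_000, 0.2),
    Incident("natural disaster", 500_000, 0.01),
]
CONTROLS = [
    Control("endpoint protection", 6_000, {"malicious activity": 0.5}),
    Control("awareness training", 4_000, {"human error": 0.5, "malicious activity": 0.25}),
    Control("offsite backup", 5_000, {"system malfunction": 0.75, "natural disaster": 0.5}),
]

if __name__ == "__main__":
    before, after, cost, ratio = rosi(INCIDENTS, CONTROLS)
    print(f"ALE {before:.0f} -> {after:.0f}, cost {cost:.0f}, ROSI {ratio:.0%}")
```

A ratio above zero means the expected yearly loss avoided exceeds what the controls cost.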
