MorganHill offers information security risk assessments in accordance with ISO/IEC 27001: 2022 - 6.1.2 - Information Security Risk Assessment - for helping organizations establish an information security management system (ISMS).  Per ISO/IEC 27001: 2022, the organization is to define and apply an information security risk assessment process that:

• Establishes and maintains information security risk criteria.
• Ensures that repeated information security risk assessments produce consistent, valid, and comparable results.
• Identifies the information security risks.
• Analyses the information security risks.
• Evaluates the information security risks.

  ---

With MorganHill, we’ve developed a highly useful and adaptable Information Security Risk Assessment Program that covers all areas as required by sections 6.1.2 and 6.1.3 of ISO/IEC 27001: 2022. As you start your journey towards ISO/IEC 27001, it’s important to perform an information security risk assessment, and to document, and retain the results of such an assessment. 

Begin your ISO/IEC 27001 journey today with our industry leading ISMS 27001 Scoping & Gap Assessment Workbook.  Our comprehensive, in-depth ISMS 27001 Scoping & Gap Assessment Workbook will help organizations clearly define the scope of their Information Security Management System (ISMS) as required by ISO/IEC 27001.

Also, we offer industry leading security documentation for helping organizations develop all required Information Security Management System (ISMS) policies, procedures, programs, and plans in accordance with ISO/IEC 27001 & 27002.

Additional documentation offered includes a wide range of ISO specific InfoSec, cybersecurity and data privacy documents, along with an industry leading Risk Assessment Program, Statement of Applicability Workbook, Internal Audit Program, Continuous Monitoring Program, and so much more.