Generators→ISO 27001 Risk Assessment

ISO 27001 Risk Assessment Template Generator

Generate a clause 6.1.2 ISO 27001:2022 information security risk assessment — pre-loaded with common SaaS risks, 5×5 risk matrix, and treatment decisions mapped to Annex A controls. Required before ISO 27001 certification.

ISO 27001:2022Clause 6.1.2ISO 27005Risk Register5×5 Matrix

What this generates: A full ISO 27001:2022 Clause 6.1.2 risk assessment document with a 5×5 risk matrix, pre-populated information asset register, threat and vulnerability analysis, risk scoring, treatment decisions, and Annex A control mappings. Required for ISO 27001 certification.

Company & Scope→

Risk Register

Company & ISMS Details

Company Name *

Company Website

Country / Jurisdiction *

Team Size

ISMS Scope Statement * (ISO 27001 clause 4.3)

Company Profile

Cloud-native SaaS — no physical office or self-hosted infrastructureSaaS company with a physical officeHybrid cloud + on-premises infrastructurePrimarily on-premises / data centre hostedFully remote company — no office premises

Data Types In Scope

Select all data types your ISMS protects — this tailors the risk register.

Personal data (names, emails, contact details)Special category data (health, biometric, financial)Payment card data (PCI DSS in scope)Authentication credentials (passwords, API keys, tokens)Business confidential / trade secretsCustomer-owned data (SaaS tenant data)Employee / HR dataSource code / IPInfrastructure credentials (cloud keys, SSH, certificates)Audit logs / security event data

Risk Assessment Details

Risk Owner Name *

Risk Owner Title

Risk Owner Email

Version

Assessment Date

Next Review Date

Risk Methodology

Risk Appetite

Risk Acceptance Criteria

Likelihood Scale

Impact Scale

Additional Context