Security Risk Analysis & Assessment, and ISO 27000 Compliance






This is widely considered to be the ulitmate toolset for security risk professionals.

It can now be viewed on its own dedicated website:





Main Page
COBRA Benefits
COBRA Knowledge
ISO 17799
Module Manager
Evaluation Copy
COBRA Purchase
Contact Page



Buy It Here!


The Leading Security Risk Analysis and ISO 27000 Compliance Tool





Automatic Customization

No two enterprises are the same, and neither are their security requirements. Risk Consultant will therefore dynamically generate questionnaires from 'knowledge base' modules that are specifically suited to the organization, environment and system under review.


Self Analysis

Risk Consultant is designed to be truly self analytical. It can be used without the need for detailed security knowledge or expertise in using risk management software. There is no need to employ expensive consultants to 'back-up' the system.



A major design feature is the modularization of the Risk Consultant 'knowledge base' questionnaires. This enables modules to be targeted at personnel with the appropriate expertise and knowledge, and fully supports scheduling. For new developments, it also allows stage by stage assessment (design, development, acceptance testing and implementation).



The reports produced by Risk Consultant are NOT standard computer output. They are in the form of professional business reports and are suitable for interpretation by both technical and non-technical management.


Knowledge Base Customization

Through the separately shipped Module Manager component all elements of the knowledge base can be changed, including question modules, weightings, recommendations, and output assessment text. This facility is important where an organization wishes to alter the system to fit its own culture, or where a very specialist and possibly unique risk element has to be assessed.


What If ... ? Solution Testing

Risk Consultant fully supports 'hypothesis testing'. The impact that specific additional controls would have on the system's risk level can be dynamically ascertained.


Help Text

On-line help is essential to enable full 'self analysis'. Risk Consultant provides help at both system level (to guide the user through the exercise) and question level to offer further explanation when addressing complex areas).



business continuity plan   COBRA Purchase Page business continuity plan




Return to Main Page


Main Page ]