I was wondering if anyone could recommend a 'cheap' (under $50,000 AUD) 'ISO 27001 / ISMS' software for managing our ISMS? Alternatively, can anyone recommend a 'CyberSecurity Risk Management Software'?
Our primary reasons for needing this software is to use it to undertake, track and manage information security risk assessments. Secondary reasons include an asset register, central repository for our Statement of Applicability, Document Control Register, Security Calendar and to track ISMS Surveillance Audits (but we can manage a lot of that using excel spreadsheets if needed).
I have already looked at a few products, including:
Cyber Security Evaluation Tool (CSET - Homeland Security).
There are other products that are outside of our price range such as RSA Archer and Service Now GRC.
I have no doubt there are others that I have missed. Feel free to add to this list.