6 steps to an effective ISO 27001 risk assessment | Vanta