ISO 31000 and ISO 27005
Assign topic to the user
Answer:
From my point of view no, because ISO 27005 is specially developed to provide guidelines on how to organize information security risk management, and ISO 31000 is developed to provide guidelines on how to organize global risk management, so if you have an ISMS (Information Security Management System) and you have information security risks, the best way (and the logic way) is to use ISO 27005. Anyway, remember that both standards are only code of best practices, you cannot certify them. For more information, please read this article “ISO 31000 and ISO 27001 – How are they related?” : https://advisera.com/27001academy/blog/2014/03/31/iso-31000-and-iso-27001-how-are-they-related/
And if you are interested in ISO 27001, our online course can be also interesting for you “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Apr 14, 2016