Gap analysis for ISO27001 and ISO 22301
Assign topic to the user
Answer: As though ISO 27001:2013 and ISO 22301:2013 share the same basic structure, based on Annex SL, they have some slightly text differences in chapters 5,6,7,9 and 10, and are totally different in chapter 8, which makes it unpractical to use the Advisera's Free ISO 27001 Gap Analysis Tool to perform a gap analisys for ISO 22301.
2 - Can the "ISO 27001/ISO 22301 Internal Audit Toolkit" be used as a GAP analysis as well?
Answer: In general, an internal audit toolkit can act as a gap analysis tool, because one of its contents is the internal audit checklist. Especifically about the ISO 27001/ISO 22301 Internal Audit Toolkit you mentioned, it has sections dedicated to both ISO 27001 and ISO 22301 requirements (sections 1 and 2, respectively), and you can use these sections to perform a gap analisys regarding an ISMS or BCMS.
This material will also help you regardi ng ISO 22301:
- Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/
Comment as guest or Sign in
Nov 11, 2016