ISO 27001 and ISO 22301
Answer: ISO 27001 is not a predecessor of ISO 22301. These standards fulfill different purposes (business continuity for 22301 and information security for 27001), but there is a set of controls in ISO 27001, in Annex A section A.17 - Information security aspects of business continuity management, that can be covered by ISO 22301 requirements.
Since these standards have different purposes, we cannot say which one is better. This perception will depend upon the organizational context and its purposes, which can tell you which one is more appropriate.
This article will provide you with further explanation about the relationship between ISO 27001 and ISO 22301:
- What to implement first: ISO 22301 or ISO 27001? https://advisera.com/27001academy/blog/2017/04/03/what-to-implement-first-iso-22301-or-iso-27001/
These materials will also help you regarding ISO 27001 and ISO 22301:
- Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- ISO 27001 & ISO 22301: Why is it better to implement them together? [free webinar on demand] https://advisera.com/27001academy/webinar/iso-27001iso-22301-certification-process-free-webinar-demand/
Apr 09, 2017