Guest post Created: Jan 12, 2016 Last commented: Jan 12, 2016

connection between BCP and security

Dear Mr. Kouti?, our CISO and Organisational Officer both see the close connection between BCP and information security in 27001 Standard. The question is whether to put CISO and BCP together in our organisation (perhaps in Compliance) or not. Do you see the connection between them in 27001 Standard and where (how to argue that) ? I work in a financial institution (bank). Thank you in advance and best regards!

0 0

Assign topic to the user

Select user

Guest

DejanK Jan 12, 2016

Yes, information security and business continuity are very related - the most recent trend in most banks is that the functions of BCP and CISO are merged in one department or one person.

Arguments are these: you can do risk assessment at the same time for both information security and business continuity; incident management is very much related; training and awareness is almost the same, etc.

These materials can also help you:
- ISO 27001 & ISO 22301: Why is it better to implement them together? https://advisera.com/27001academy/webinar/iso-27001iso-22301-certification-process-free-webinar-demand/
- Chief Information Security Officer (CISO) - where does he belong in an org chart? https://advisera.com/27001academy/blog/2012/09/11/chief-information-security-officer-ciso-where-does-he-belong-in-an-org-chart/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 12, 2016

Expert Advice Community