Differences between ISO 22301 & ISO 31000

Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Thank you for your email. Can you kindly tell me the difference between ISO 22301 & ISO 31000 2009? This is quite new to me (all I know is that they are both Risk Based).
AntonioS Jan 12, 2016

Thank you.

 

Answer:

Both standards have different objectives. ISO 31000 is a standard that gives you a guide of best practices for risk management (any type of risk: information security, environmental, financial, etc.). On the other hand, ISO 22301 establishes requirements for the implementation of a Business Continuity Management System, where you need to manage risks to avoid interruptions of business continuity. So, for the implementation of ISO 22301, you can use ISO 31000 (but it is not mandatory). Anyway, there is another ISO standard also related to risks: ISO 27001, whose core is risk management (although only for information security), and in this case there is another guide of best practices focused on information security: ISO 27005 (it has the same structure as ISO 31000).

Finally, this article about ISO 31000 and ISO 27001 can be interesting for you: “ISO 31000 and ISO 27001 – How are they related?”: https://advisera.com/27001academy/blog/2014/03/31/iso-31000-and-iso-27001-how-are-they-related/
