Expert Advice Community

Is ISO 27001 Risk Assessment Methodology applicable to ISO 22301

Guest user Created:   Jan 23, 2017 Last commented:   Jan 23, 2017

Is this ISO 27001 Risk Assessment Methodology template applicable to both ISO27001 and ISO22301? The questions (some of them) should surely be different.
Expert
Dejan Kosutic Jan 23, 2017

Answer:

This is certainly a very good question - actually, you can use the ISO 27001 risk assessment methodology also for ISO 22301, because this methodology is a so-called "asset-based" methodology which lists all the assets, then all related vulnerabilities and threats, and finally calculates the level of risk.

But you are right, there are a couple of differences:
1) Information security risk assessment must take into account the consequences related to confidentiality, integrity and availability of assets, whereas the business continuity risk assessment must take into account only the consequences related to availability. Therefore, you can delete "confidentiality" and "integrity" when they are mentioned in the document.
2) ISO 22301 does not require you to have a document called Statement of Applicability, so you can avoid it if you see no value in it for your business continuity (this document is mentioned in the Risk assessment methodology).
3) Instead of an asset-based methodology you can decide to go for a methodology that will be based on critical activities and processes - this will probably be quicker than the asset-based methodology mentioned above, but it will also be less accurate.

This article will also help you: Can ISO 27001 risk assessment be used for ISO 22301? https://advisera.com/27001academy/blog/2013/03/11/can-iso-27001-risk-assessment-be-used-for-iso-22301/

These materials will also help you regarding the risk assessment:
- Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
- Free online training ISO 27001 Foundations Course
https://advisera.com/training/iso-27001-foundations-course/

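The answer's first point, that the same asset-based register can serve both standards if the business continuity run scores only the availability consequence, is easy to see in a small worked model. The code below is an added illustration written for this page; it is not Advisera's template or any tool the answer refers to. The 1-5 scales, the acceptance threshold, and the assets, threats and vulnerabilities in the register are constructed sample values.

```python
"""Asset-based risk register scored two ways: for ISO 27001 across
confidentiality, integrity and availability, and for ISO 22301 across
availability only. Added example; all data below is constructed."""
from dataclasses import dataclass
from typing import Dict, List, Sequence, Tuple

ALL_DIMENSIONS = ("confidentiality", "integrity", "availability")  # ISO 27001
BC_DIMENSIONS = ("availability",)                                   # ISO 22301


@dataclass
class RiskEntry:
    """One row of the register: asset -> threat -> vulnerability, plus scores."""
    asset: str
    threat: str
    vulnerability: str
    likelihood: int              # constructed scale: 1 (rare) .. 5 (almost certain)
    impact: Dict[str, int]       # dimension -> consequence, constructed scale 1..5


def risk_level(entry: RiskEntry, dimensions: Sequence[str] = ALL_DIMENSIONS) -> int:
    """Risk = likelihood x worst consequence among the dimensions in scope.

    Restricting `dimensions` is what turns the information security
    assessment into a business continuity one; the register itself is unchanged.
    """
    in_scope = [entry.impact.get(d, 0) for d in dimensions]
    return entry.likelihood * max(in_scope) if in_scope else 0


def assess(register: List[RiskEntry],
           dimensions: Sequence[str] = ALL_DIMENSIONS,
           threshold: int = 10) -> List[Tuple[str, str, int]]:
    """Return (asset, threat, level) for every risk above the acceptance
    threshold, highest first. Ties keep register order."""
    unacceptable = []
    for entry in register:
        level = risk_level(entry, dimensions)
        if level > threshold:
            unacceptable.append((entry.asset, entry.threat, level))
    return sorted(unacceptable, key=lambda row: -row[2])


# Constructed sample register (not from any real assessment).
REGISTER = [
    RiskEntry("customer database", "data theft by external attacker",
              "unpatched DB server", 3,
              {"confidentiality": 5, "integrity": 3, "availability": 2}),
    RiskEntry("customer database", "ransomware",
              "no offline backups", 3,
              {"confidentiality": 2, "integrity": 4, "availability": 5}),
    RiskEntry("office building", "flood",
              "located in flood plain", 2,
              {"confidentiality": 1, "integrity": 1, "availability": 5}),
    RiskEntry("HR records", "unauthorised disclosure",
              "shared folder permissions too broad", 4,
              {"confidentiality": 4, "integrity": 2, "availability": 1}),
]


if __name__ == "__main__":
    print("ISO 27001 (C, I, A):")
    for row in assess(REGISTER):
        print("  ", row)
    print("ISO 22301 (availability only):")
    for row in assess(REGISTER, BC_DIMENSIONS):
        print("  ", row)
```

Run against the same register, the ISO 27001 pass flags three risks (the two confidentiality-driven ones included), while the ISO 22301 pass keeps only the ransomware scenario, because its availability consequence is the only one that crosses the threshold once confidentiality and integrity are out of scope. That is the practical effect of deleting those two words from the methodology, as the answer suggests.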