Our organization ERM & BCMS risk is 5 (impact) x 5 (likelihood), however the ISMS is 4 (impact) x 4 (likelihood), can we use both or it should be aligned. based on your audit experience, is it nonconformity or not.
ISO 27001 does not prescribe how to evaluate risks, so you can choose the approach that better fits your needs.
Considering that, you can use different scales for your ERM & BCMS and ISMS. This difference is not a reason to raise a nonconformity, but the auditor may inquire the reason for using a different scale, since using a single scale can make your risk management process easier (you wouldn’t need to convert values to compare risks from different frameworks).