Expert Advice Community

Home / ISO 27001 & 22301 / ISO 20k risk management process for BCMS

Guest

ISO 20k risk management process for BCMS

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Aug 22, 2019 Last commented:   Aug 22, 2019

ISO 20k risk management process for BCMS

ISO 27001 & 22301
I currently have a set of Risk Management Process which is written up using the ISO 20K SMS objectives. There is already a risk treatment and risk plan, with the risk methodology based on ISO 31000:2018 standard. Question is:
0 0

Assign topic to the user

ISO 22301 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 22301 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Rhand Leal Aug 22, 2019

Am I able to use this same risk document for BCMS?

Answer:

If you consider a BCMS based on ISO 22301 you can use the same risk document based on ISO 20k. You only have to make adjustments to fulfill specific requirements from ISO 22301. For example for a BCMS you have to consider risks that can cause disruption on business services and process in a general manner (i.e., not only related to IT related services)

This article is a little bit off-topic, but can provide you a view of the concept: https://advisera.com/27001academy/blog/2013/03/11/can-iso-27001-risk-assessment-be-used-for-iso-22301/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 22, 2019

Aug 22, 2019

Suggested Topics
Atheer AlMartan Created:   Feb 11, 2024 ISO 27001 & 22301
Replies: 1
0 0

Statement of Acceptance of Residual Risks
Ash Created:   Jan 21, 2024 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 Internal Audits
Garry Created:   Dec 10, 2023 ISO 27001 & 22301
Replies: 3
0 0

Understanding the core concepts of RPO & RTO - ISO 22301