Expert Advice Community

ISO 20k risk management process for BCMS

Guest user Created:   Aug 22, 2019 Last commented:   Aug 22, 2019

I currently have a set of Risk Management Processes which are written up using the ISO 20K SMS objectives. There is already a risk treatment and risk plan, with the risk methodology based on the ISO 31000:2018 standard. The question is:

Expert
Rhand Leal Aug 22, 2019
Am I able to use this same risk document for BCMS?

Answer:

If you consider a BCMS based on ISO 22301, you can use the same risk document based on ISO 20k. You only have to make adjustments to fulfill specific requirements from ISO 22301. For example, for a BCMS you have to consider risks that can cause disruption to business services and processes in a general manner (i.e., not only related to IT-related services).

This article is a little bit off-topic, but can provide you a view of the concept: https://advisera.com/27001academy/blog/2013/03/11/can-iso-27001-risk-assessment-be-used-for-iso-22301/