ISO 27001 and ISO 22301
Answer:
First, it is important to note that it is not mandatory to implement ISO 27001 to implement and get certified against ISO 22301.
Regarding performing a BIA compliant with ISO 22301, you need:
- to identify activities that support the products or services whose continuity you want to ensure
- to assess the impact over time in case these activities are disrupted
- to define prioritized timeframes for returning these activities
- to identify dependencies and supporting resources
These materials will provide you further explanation about performing BIA:
- How to implement business impact analysis (BIA) according to ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-implement-business-impact-analysis-bia-according-to-iso-22301/
- Implementing Business Impact Analysis according to ISO 22301 [free webinar on demand] https://advisera.com/27001academy/webinar/implementing-business-impact-analysis-according-to-iso-22301-free-webinar-on-demand/
- Risk assessment vs. business impact analysis https://advisera.com/27001academy/knowledgebase/risk-assessment-vs-business-impact-analysis/
Aug 15, 2019