ISO 27001 controls and ISO 20000
Assign topic to the user
ISO 20000 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 20000 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 20000 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Answer:
ISO 20000, different than in ISO 27001, does not have defined (explicit) security controls, like Annex A in ISO 27001. However, There is Information Security Management process in ISO 20000 and that process requires that risk assessment has to be performed and controls should be determined, implemented and operated. But, it doesn't define any particular controls, yet it refers to ISO 27001 for further details.
Meaning, if you have ISO 27001 in place, you can use controls applied in scope of the implementation.
See more details about relation between ISO 20000 and ISO 27001 in the article "Similarities and differences between ISO 27001 and ISO 20000" https://advisera.com/20000academy/blog/2018/05/09/similarities-and-differences-between-iso-27001-and-iso-20000/
Comment as guest or Sign in
Mar 12, 2019