Performing risk assessment for both ISO 27001 and ISO 22301
You shouldn't perform them separately - risk assessment performed according to ISO 27001 is perfectly acceptable for ISO 22301 also. See also this article: Can ISO 27001 risk assessment be used for ISO 22301? https://advisera.com/27001academy/blog/2013/03/11/can-iso-27001-risk-assessment-be-used-for-iso-22301/
You should just follow your Risk assessment methodology for ISO 27001, and since it must take into account risks related to availability, if you comply with such methodology you will perform one risk assessment for both standards.
Jan 12, 2016