Expert Advice Community

Guest

Risk assessment

  Quote
Guest
Guest user Created:   May 07, 2021 Last commented:   May 07, 2021

Risk assessment

I also have questions about risk assessment. I am asking for guidance in relation to the following questions:

1. The risk assessment methodology document is the same for 22301 and 27001? There is no direct reference to ISO 22301 in the sample document, only ISO27001. Is it appropriate in case I'm not only implementing 27001? Let’s suppose I implement ISO 22301 or possibly ISO 22301 + 27001 simultaneously.

2. Do I understand correctly that risk assessment should cover all business processes / activities involved in the business continuity management system?

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal May 07, 2021

1. The risk assessment methodology document is the same for 22301 and 27001? There is no direct reference to ISO 22301 in the sample document, only ISO27001. Is it appropriate in case I'm not only implementing 27001? Let’s suppose I implement ISO 22301 or possibly ISO 22301 + 27001 simultaneously.

ISO 22301 does not prescribe a risk methodology approach to be used, so you can use the Risk Assessment and Risk Treatment Methodology document defined for ISO 27001 for complying with ISO 22301 requirements.

For further information, see:

2. Do I understand correctly that risk assessment should cover all business processes / activities involved in the business continuity management system?

Your understanding is correct. The risk assessment must be applied to all elements defined in the BCMS scope.

These articles will provide you a further explanation about risk assessment in business continuity:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 07, 2021

May 07, 2021

Suggested Topics

Guest user Created:   May 05, 2021 ISO 27001 & 22301
Replies: 1
0 0

Risk assessment treatment

Guest user Created:   Apr 21, 2021 ISO 27001 & 22301
Replies: 1
0 0

ISMS & BCMS risk assessment

Guest user Created:   Mar 26, 2021 ISO 27001 & 22301
Replies: 1
0 0

Risk Assessment Matrix