1. There is a question that the external auditor of ISO 27001 asked me, what is the reference or basis used for the risk assessment methodology that you have in your table? See point 3 of the attached document.
2. Another question, do you know where I can buy the ISO 27001: 2013 standard in Spanish?