Guest user Created: Apr 04, 2019 Last commented: Apr 04, 2019

Risks and ISO 22301

I'm from Colombia and I'm trying to do a degree project in a consulting company, my question is what risks can prevent or what risks are found in the company that we control them with the ISO 22301?

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Apr 04, 2019

Answer:

First it is important to note that ISO 22301 does not focus on risk management, but on business continuity. The objective of this standard is to ensure continuity of processes and delivery of services after a disruptive event, and risk management is one approach to achieve this objective, by the identification and treatment of risks that can lead to a disruptive event, but the standard itself does not define which risks to be treated or how to identify and treat them, only that this activity must be performed.

For detailed information about risk management you should consider the ISO 31000 standard

These articles will provide you further explanation about ISO 22301 and ISO 31000:
- What is ISO 22301 https://advisera.com/27001academy/what-is-iso-22301/
- ISO 31000 and ISO 27001 – How are they related? https://advisera.com/27001academy/blog/2014/03/31/iso-31000-and-iso-27001-how-are-they-related/

Although the last article mentions ISO 27001, the concepts of ISO 31000 included in the article are also applicable to ISO 22301.

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Apr 04, 2019

Expert Advice Community