Business Continuity Question
Assign topic to the user
I'm not really sure what is required by SOC 2, but in ISO 22301 the Business continuity policy has a very different function from the Business continuity plan, and therefore these two documents are normally separated.
However, merging those two documents is not forbidden in ISO 22301 - therefore you could theoretically do it although it would be a bit strange and impractical.
See also this article: The purpose of Business continuity policy according to ISO 22301 https://advisera.com/27001academy/blog/2013/06/04/the-purpose-of-business-continuity-policy-according-to-iso-22301/
Comment as guest or Sign in
Jan 12, 2016