Stellar's website use cookies to improve and personalize your experience and to display advertisements (if any). Our website may also include cookies from third parties like Google Adsense, Google Analytics, YouTube.

Privacy Policy

Follow Us:

Stellar

Home ISO 22301:2019 – Business Continuity Management System (BCMS)
ISO 22301:2019 Security and resilience — Business continuity management systems

ISO 22301 was developed as the first international standard for Business Continuity Management (BCM). The adoption of a Business Continuity Management system helps organizations prepare and ensure their business can continue in the face of external threats such as a natural disaster or information security breaches.

The work on ISO 22301 started in 2006 when an ISO workshop on “Emergency preparedness” was held in Florence, Italy. In May 2012, ISO technical committee ISO/TC 223 on societal security published this Standard after several deliberations. In June 2014 ISO’s Technical Board decided to form a new Technical Committee ISO/TC 292 by merging ISO/TC 223 Societal security, ISO/TC 247 Fraud countermeasures and controls and ISO/PC 284 Management system for quality of PSC operations.

To align with the High Level Structure of the of ISO’s Annex SL, ISO/TC 292 published the 2nd edition of ISO 22301 in October 2019. Thus ISO 22301:2019 is the current version of the Standard.

Ever-growing threats, such as terrorist attacks, virus attacks (COVID-19) and catastrophic weather events can cause interruption in service delivery, the supply chain, displacement/harm of personnel, or damage to company inventory and property affects the companies financials.

The adoption of a Business Continuity Management system prepares an organization to display resilience, assuring customers and stakeholders of a continuous operation, even if incidents occur. Implementing ISO 22301 means that an organization has a management plan developed with the right people in place and determined preparedness to respond to a business threatening incident.

The requirements of ISO 22301 are applicable to all organizations of all sizes in all industries and focusses proactively on assessing Risks and Opportunities for visualizing threats.

Benefits of ISO 22301

  • Protect against unforeseen threats such as natural disasters, terrorist threats, IT failures, and more.
  • Provides you with the framework to assess your workforce and suppliers and their associated risks.
  • Reduces downtime in an emergency, allowing your organization to fix the situation against predetermined time-frames as an issue arises.
  • Gives you the confidence that you can withstand any threat your organization faces, with drills and desktop exercises.
  • Maximize quality and efficiency
  • Flexibility during disruptions
  • Competitive advantage
  • Organisational improvement
  • Continuous internal improvement via audits
  • Legal and Regulatory Compliance
  • Cost savings
  • Maintain Optimum Client Delivery levels
  • Strengthen your internal Management
  • Reputational Management

Requirements for ISO 22301

  • Establish and maintain a sound Business Continuity Management structure that is supported by top management
  • Understand the organization by identifying its’ resources and critical activities
  • Define the Business Continuity Strategies which are employed to meet the organization’s objectives
  • Create and implement a Business Continuity Management Response plan
  • Have a documented structure and Response Plan to enable effective response and recovery from disruption
  • Set a Business Continuity Management in the organization
  • Test your organization’s Business Continuity Plan
  • Systematically review, plan and update the Business Continuity Plan
  • Increase employees’ awareness by properly communicating the BC Plan
  • Identifying the context of the organisation
  • Carrying out Business Impact analysis
  • Carrying out a Risk analysis
  • Identification of Maximum Tolerable period of disruption
  • Fixing an appropriate Recovery time objective