ISO 22301 is the only auditable international standard which defines the requirements for a Business Continuity System (BMS). In an ever-changing business world, business continuity and planning is more important than ever.
The standard is designed to ensure the selection of adequate and proportionate planning and continuity controls as well as recovery and testing. This can help you to protect your business from disruption events seen and unseen assets and give confidence to any interested parties, particularly your customers and staff that you can continue to meet their needs and expectations. The standard adopts a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving your BMS.
Who is it relevant to? ISO 22301 is suitable for any company, large or small, in any sector or part of the world who wants to ensure it can cope with incidents and events which may lead to or cause disruption in business continuity.
ISO 22301 can be used to assure customers that their service or product is being protected and maintained.
Benefits? There are various benefits for implementing ISO 23001 these include:
- Identify reduce and manage security events, risk and incidents.
- Third party independent assessment helps to verify that the company’s risks and BMS processes are properly identified and assessed.
- Certification improves the company’s marketing potential by providing assurance to customers and opening up new markets.
- Identify and plan for relevant laws and regulations, ensuring compliance.
- ISO22301 pushes a company to do more than just the minimum and can lead to positive change, improvements and most importantly business continuity.
- Can provide a competitive advantage within the market place by meeting pre-tender requirements.
The implementation process
- Define scope of the management system.
- Perform a business continuity assessment and develop a plan for implementation.
- Define a Business Continuity policy, manual and supporting procedures.
- Manage the identified risks and gaps identified.
- Implementation of system.
- Carry out internal audits and management review .
- Review management practices with a view to obtaining ISO 23001 certification.
- Attendance and support at the certification audit.
- Closure of issues raised and awarding of certification.