BCMS
ISO22301 (ISO 22301) BCMS Requirements
ISO 22301:2012 specifies the requirements for a business continuity management
system (BCMS). The requirements for a BCMS can be employed by any organization,
no matter its size, type or location.
Deploying a BCMS that is ISO 22301-compliant will allow your organization to
demonstrate to stakeholders - employees, customers, suppliers, shareholders -
that your organization is prepared for disruptive incidents that might otherwise
affect you achieving your organizational goals.
ISO 22301 is based on the Plan-Do-Check-Act model as found in other management
system standards.
Organizations that don't employ a BCMS face being unprepared should a disruptive
incident occur. Organizations suffering a disruptive incident without having a
BCMS face the following consequences:
· Loss of customers
· Reputational damage
· Monetary loss
· Potentially going out of business
The list of side-effects is endless. Do you really want to risk your organization?
Key Features and Benefits:
· A standard that specifies the requirements for a BCMS. Deploying a BCMS and
achieving certification against the standard demonstrates an organization is
prepared should a disruptive incident occur, and that your organization should
be able to continue should an incident occur.
· The requirements in the standard can be applied in any type or size of
organization, no matter the location, making it widely applicable.
· Why risk damage to your organization’s turnover, profits and reputation by not
being prepared should a disruptive incident occur?
What is ISO 22301?
Its official title is “Societal Security – Business Continuity Management Systems – Requirements”. As the name implies, it’s a standard for implementing a business continuity management system and continuously improving business continuity capabilities based on management priorities and feedback. The purpose and intent of this standard is to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence of, prepare for, respond to and recover from a disruptive incident when it arises. ISO 22301 was written in a manner that will allow organizations to pursue organizational certification.
ISO 22301 provides a framework to plan, establish,
implement, operate, monitor, review, maintain and continually improve a
business continuity management system (BCMS). It is expected to help
organizations protect against, prepare for, respond to, and recover when
disruptive incidents arise.
“Organizations implementing ISO 22301 will be able to demonstrate to
legislators, regulators, customers, prospective customers and other interested
parties that they are adhering to good practice in BCM.
“It may also be used within an organization to measure
itself against good practice, and by auditors wishing to report to management.”
ISO 22301 will assist an organization in the design of a
BCMS that is appropriate to its needs and meets its stakeholders’ requirements.
These needs are shaped by legal, regulatory, organizational and industry
factors, the organization's products and services, its size and structure, its
processes, and its stakeholders.
Dave Austin, the project leader responsible for writing
ISO 22301, explains: “To work well, ISO 22301 will need organizations to have
thoroughly understood its requirements. Rather than being simply about a
project or developing ‘a plan’, BCM is an ongoing management process requiring
competent people working with appropriate support and structures that will
perform when needed.”
ISO 22301 is the first standard published which is
aligned with the new ISO format for writing management systems standards. This
will ease understanding and ensure consistency with other management systems,
such as ISO 9001 (quality management), ISO 14001 (environmental management) and
ISO/IEC 27001 (information security management).