Business Development
BSI CIS ACP
Moving from BS 25999-2 to ISO 22301
The new international standard for business continuity management systems



That’s why organizations need strong
business continuity planning
To support the implementation of the latest international requirements standard for business
continuity management systems, this guide has been designed to make it easier for you to
meet the requirements of the new BS ISO 22301.

BS ISO 22301 specifies the requirements for setting up and managing an effective business
continuity management system (BCMS) for any organization, regardless of type or size. BSI
recommends that every business has a plan in place to avoid excessive downtime and
reduced productivity in the event of an interruption.

Meeting the requirements of the new international standard has never been easier. This
presentation helps and supports organizations to implement BS ISO 22301, which will
supersede BS 25999-2. It consists of an extract from John Sharp’s latest book ‘The Route
Map to Business Continuity Management’, which provides practical guidance on how to meet
the requirements of BS ISO 22301 and is available for purchase through the BSI shop.

This transition guide will help you understand your organization’s needs and obligations and
how to implement an effective BCMS. Whether you are planning to certify against the new
standard or simply want to benefit from BCM best practice, this guide will help you put in
place the necessary requirements.



Why adopt a business continuity
standard?

As business continuity management (BCM) has developed worldwide, there has
been a convergence in the methodologies being promoted. It became apparent
following the Year 2000 problem or ‘millennium bug’, when organizations were
deluged with requests for compliance statements from their customers and clients,
that there was a need for a uniform approach to BCM.

It is undesirable for major customers to enforce their own approach to BCM down
their supply chains, as happened with other management systems, notably quality.
While a supplier can run different quality systems to meet the requirements of its
customer base, it cannot run different, and possibly conflicting, BCM systems,
which will be used during a disruption at a time when tensions are high. This was
one of the principal drivers for establishing BCM standards in the UK.



BS 25999 was created to set out a uniform benchmark in good practice, satisfying
the needs of customers, clients, government, regulators and all other interested
parties. BS 25999 has been accepted worldwide and has formed the basis of many
other BCM standards, including the US ASIS/BSI BCM.01 standard adopted by
ANSI. BS 25999 and other BCM standards from across the globe provided the
source material for the creation of two new international standards: ISO 22301
(requirements) and ISO 22313 (guidance).

By adopting a standard approach to BCM as set out in ISO 22301, organizations
can offer their customers and clients greater assurance that they will be capable of
maintaining continuity of operations if they suffer disruptive incidents.

For those already certified to BS 25999-2 there will be a transition period to allow
them to update their BCM systems to ISO 22301. For those certified, and those
organizations working towards certification, the additional requirements are not
onerous.



  Implementing ISO 22301
The international standard for BCM, ISO 22301:2012
specifies requirements for setting up and managing an
effective business continuity management system (BCMS). It
is for use by internal and external parties, including
certification bodies, to assess the organization’s ability to
meet regulatory and customer requirements as well as the
organization’s own requirements. ISO 22301 contains only
those requirements that can be objectively audited and a
demonstration of successful implementation can therefore be
used by an organization to assure interested parties that an
appropriate BCMS is in place.

During the latter part of 2012 or early in 2013, ISO will issue a
guidance document ISO 22313. This document will take the
form of good practice guidance and
recommendations, indicating what practices an organization
should, or may, undertake to implement effective BCM.
Organizations may choose to follow all or part of the
guidance, which may be used for self-assessment or between
organizations. The guidance is not a specification for BCM.


  Comparing ISO 22301:2012
  with BS 25999-2:2007

When news of an ISO standard for BCM emerged, business continuity managers
expressed concern that they might have to radically rework their BCM procedures and
processes once ISO 22301 was introduced. BS 25999-2 had been, and continues to be,
used by many organizations across the world as the basis of their BCM procedures and
processes. The good news is that BS 25999-2 has provided the main foundation of the
new ISO standard. There are some important additions and a few elements that have
been omitted. The additions have added greater depth and clarity while the omissions do
not detract from the overall good BCM practices and principles.
The new standard is entitled ‘Societal security – Business continuity management
systems – Requirements.’ This is one of a suite of standards being developed by ISO/TC
223 designed to achieve greater societal security. Societal security can be defined as
providing protection of society from, and the ability to respond to, incidents, emergencies
and disasters caused by intentional and unintentional human acts, natural hazards, and
technical failures.




The way in which ISO 22301 can be used is detailed in Clause 1 Scope. It
states that the standard is applicable to all types and sizes of organizations
that wish to:

• establish, implement, maintain and improve a BCMS
• ensure conformity with stated business continuity policy
• demonstrate conformity to others
• seek certification/registration of its BCMS by an accredited third party
certification body
• make a self-determination and self-declaration of conformity with this
International Standard [ISO 22301:2012].

The standard can also be used by an organization to assess its suppliers’
ability to meet continuity needs and obligations.



New concepts and activities …
New Concept                        Explanation
Context of the organization        The environment in which the organization operates

Interested parties                 Replaces «stakeholders»

Leadership                         Requirements specific to top management

Maximum acceptable outage (MAO)    «time it would take for adverse impacts, which might arise as a result of
                                   not providing a product/service or performing an activity, to become
                                   unacceptable»
                                   This is the same as «maximum tolerable period of disruption (MTPD)»

Minimum business continuity        «minimum level of services and/or products that is acceptable to the
objective (MBCO)                   organization to achieve its business objectives during a disruption»

Performance evaluation             Covers the measurement of BCMS and BCM effectiveness

Prioritized timeframes             Order and timing of recovery for critical activities

Warning and communication          Activities undertaken during an incident


There have been many other additions and some slight alterations to the terms and
definitions listed in the standard. The additions and changes reflect terms and definitions
commonly used by BCM practitioners today.



The major additions to ISO 22301:2012




Sergey Romanovsky

Certification & Partner Programme Director, CIS
Lead Auditor | ACP Manager
British Standards Institution

24/2 Radio Str. 105005 Moscow Russia
T: +7 495 9816507
F: +7 495 9816508
E: sergey.romanovsky@bsigroup.com
W: www.bsigroup.com | www.bsi-russia.ru
