ISO 22301 Societal Security –
Business Continuity
Management Systems
CAW CONSULTANCY BUSINESS SOLUTIONS LTD
Contents
 Introduction
 Comparison between ISO 22301 and BS 25999-2
 Basic terms used in the standard
 Content of ISO 22301
 ISO 22301 explained
 Mandatory documentation
 Related standards
 Societal security context
 Projects under development
 Benefits of ISO 22301 business continuity management
Copyrighted by CAW Consultancy Business Solutions Ltd
Introduction
 The full name of the standard is:
“ISO 22301 Societal security – Business continuity management systems – Requirements”
 The standard was developed by leading experts in this area to deliver the best framework for business
continuity management in an organisation.
 Object: ISO 22301:2012 specifies requirements to plan, establish, operate, monitor, implement, review,
maintain and continually improve a documented management system to protect against, reduce the
likelihood of occurrence of, prepare for, respond to, and recover from disruptive incidents when they
arise.
 Scope: The requirements identified in ISO 22301:2012 are generic and intended to be applicable to all
organisations, or parts thereof, regardless of type, size and nature of the organisation. The extent of
application of these requirements depends on the organisation’s operating environment and complexity.
 Who can implement this standard? Any organisation, for-profit or non-profit, big or small, private or public.
The standard is formulated in such a way that it is applicable to any size or type of organisation.
Comparison between ISO 22301
and BS 25999-2
ISO 22301 has replaced BS 25999-2. These are quite similar standards, but ISO 22301 is
often regarded as an update.
| | ISO 22301 | BS 25999-2 |
|---|---|---|
| Complete name | ISO 22301:2012 Societal security – Business continuity management systems – Requirements | BS 25999-2 Business Continuity Management – Part 2: Specification |
| Published by | International Organisation for Standardisation | British Standards Institution |
| Published date | 15/05/2012 | 20/11/2007 |
| Total number of minimum pages | 24 | 28 |
| Official recommendations | Internationally accepted by standards institutes in 163 countries | Accepted only in the United Kingdom, but implemented worldwide |
 ISO 22301 is not that different from BS 25999-2 in most business continuity sections,
such as business impact analysis, strategy or planning; the greatest changes are in the
management areas of the standard.
 ISO 22301 places particular emphasis on understanding requirements, setting
objectives and measuring performance. Therefore, it will be more easily accepted by top
management. In turn, this will contribute to the widespread adoption of this standard, as with
ISO 27001, ISO 9001 or ISO 14001.
Basic terms used within the standard
 Business Continuity Management System (BCMS) – part of an overall management system that
ensures business continuity is planned, implemented, maintained, and continually improved
 Maximum Acceptable Outage (MAO) – the maximum amount of time an activity can be disrupted
without incurring unacceptable damage (also Maximum Tolerable Period of Disruption – MTPD)
 Recovery Time Objective (RTO) – the specified time at which an activity must be resumed, or
resources must be recovered
 Recovery Point Objective (RPO) – maximum data loss, i.e., minimum amount of data that needs to
be restored
 Minimum Business Continuity Objective (MBCO) – the minimum level of services or products an
organisation needs to produce after resuming its business operations.
Content of ISO 22301
 Introduction
 0.1 General
 0.2 The Plan-Do-Check-Act (PDCA) model
 0.3 Components of PDCA in this International
Standard
 1. Scope
 2. Normative references
 3. Terms and definitions
 4. Context of the organisation
 4.1 Understanding of the organisation and its
context
 4.2 Understanding the needs and expectations
of the interested parties
 4.3 Determining the scope of the management
system
 4.4 Business continuity management system
 5. Leadership
 5.1 General
 5.2 Management commitment
 5.3 Policy
 5.4 Organisational roles, responsibility and
authorities
 6. Planning
 6.1 Actions to address risks and opportunities
 6.2 Business continuity objectives and plans to
achieve them
 7. Support
 7.1 Resources
 7.2 Competence
 7.3 Awareness
 7.4 Communication
 7.5 Documented information
 8. Operation
 8.1 Operational planning and control
 8.2 Business impact analysis and risk assessment
 8.3 Business continuity strategy
 8.4 Establish and implement business continuity
procedures
 8.5 Exercising and testing
 9. Performance evaluation
 9.1 Monitoring, measurement, analysis and
evaluation
 9.2 Internal audit
 9.3 Management review
 10. Improvement
 10.1 Nonconformity and corrective action
 10.2 Continual improvement
 Bibliography
ISO 22301 explained
 ISO 22301 is the second published
management system standard to adopt
the new high-level structure and
standardised text agreed in ISO.
 This will ensure consistency with all
future and revised management system
standards and make integrated use easier,
for example with ISO 9001 (quality), ISO 14001
(environmental) and ISO/IEC 27001
(information security).
 The standard is divided into main clauses,
starting with scope, normative references, and
terms and definitions. Following these are
the standard’s requirements.
 Clause 4 – Context of the organisation
The first step involves an understanding of the organisation, both the internal and external needs, and setting clear
guidelines for the scope of the management system. In particular, this requires the organisation to understand the
obligations of the relevant interested parties, such as regulators, customers and staff. It must in particular understand
the appropriate legal and regulatory requirements. This enables it to determine the scope of the business continuity
management system (BCMS).
 Clause 5 – Leadership
ISO 22301 places specific emphasis on the need for suitable leadership of BCM. This is so that top management
ensures appropriate resources are provided, establishes policy and appoints people to implement and maintain the
BCMS.
 Clause 6 – Planning
This requires the organisation to identify risks to the implementation of the management system and set clear
objectives, goals and criteria that can be used to measure its success.
 Clause 7 – Support
Resources are required for implementation. Clause 7 introduces the important concept of competence. For business
continuity to be successful, people with appropriate knowledge, skills and experience must be in place both to support the BCMS
and to respond to incidents when they occur. It is also essential that all staff are aware of their own role in reacting to incidents,
and this clause deals with all of these areas. The need for communication about the BCMS – for instance in telling customers
that the organisation has suitable BCM in place – and preparedness to communicate following an incident (when normal
channels may be disrupted) is also covered here.
 Clause 8 – Operations
This section contains the main body of business continuity-specific expertise. The organisation must undertake business impact
analysis to understand how its business is affected by disruption and how this changes over time. Risk assessment seeks to
understand the risks to the business in a structured way, and these inform the development of the business continuity
strategy. Steps to avoid or reduce the likelihood of incidents are developed alongside steps to be taken when
incidents occur. As it is impossible to completely predict and prevent all incidents, the approach of balancing risk reduction and
planning for all eventualities is complementary. It might be said: “hope for the best, plan for the worst”.
 Clause 9 – Evaluation
For any management system, it is crucial to evaluate performance against plan. ISO 22301
therefore requires the organisation to select appropriate performance metrics and measure itself
against them. Internal audits must be carried out, and there is a requirement that management review
the BCMS and act upon these reviews.
 Clause 10 – Improvement
No management system is perfect initially, and organisations and their environments are constantly
changing. Clause 10 defines actions to take to improve the BCMS over time and ensure that
corrective actions arising from audits, reviews, exercises and so on are addressed.
Mandatory documentation
If an organisation wants to implement this standard, the following documentation is mandatory:
 List of applicable legal, regulatory and other
requirements
 Scope of the BCMS
 Business Continuity Policy
 Business continuity objectives
 Evidence of personnel competences
 Records of communication with interested
parties
 Business impact analysis
 Risk assessment, including risk appetite
 Incident response structure
 Business continuity plan
 Recovery procedures
 Results of preventative actions
 Results of monitoring and measurement
 Results of internal audit
 Results of management review
 Results of corrective actions
Related standards
Other standards that are helpful in implementation of business continuity are:
 ISO/IEC 27031 – Guidelines for information and communication technology readiness for
business continuity
 PAS 200 – Crisis management – guidance and good practice
 PD 25666 – Guidance on exercising and testing for continuity and contingency programs
 PD 25111 – Guidance on human aspects of business continuity
 ISO/IEC 24762 – Guidelines for information and communications technology disaster recovery
services
 ISO/PAS 22399 – Guidelines for incident preparedness and operational continuity
management
 ISO/IEC 27001 – Information security management systems - Requirements
Societal security context
ISO 22301 has been developed by ISO/TC 223, Societal security.
The committee has previously published the following standards
and other documents:
 ISO 22300:2012, Societal security – Terminology
 ISO 22300:2012, Societal security – Emergency management –
requirements for incident response
 ISO/TR 22312:2011, Societal security – Technological capabilities
 ISO/PAS 22399:2007, Societal security – Guideline for incident
preparedness and operational continuity management
Projects under development
 ISO 22311, Societal security – Video-surveillance – Export interoperability
 ISO 22313, Societal security – Business continuity management systems - Guidance
 ISO 22315, Societal security – Mass evacuation
 ISO 22322, Societal security – Emergency management – Public warning
 ISO 22323, Organisational resilience management systems – Requirements with guidance for use
 ISO 22325, Societal security – Guidelines for emergency capability assessment for organisations
 ISO 22351, Societal security – Emergency management – Shared situation awareness
 ISO 22397, Societal security – Public Private Partnership – Guidelines to set up partnership agreements
 ISO 22398, Societal security – Guidelines for exercising and testing
 ISO 22324, Societal security – Emergency management – Color-coded alert.
The benefits of ISO 22301 business
continuity management
What are the benefits of ISO 22301 business continuity management?
 Identify and manage current and future threats to your business
 Take a proactive approach to minimizing the impact of incidents
 Keep critical sections of the business up and running during times of crisis
 Minimise interruption during incidents and improve recovery time
 Exhibit resilience to customers, suppliers and for tender requests
Do you have any questions?
Thank you for listening
Get in touch now on 07427535662 or email craig@cawconsultancy.co.uk
Prepare for terrorist attacks
 
AS9100 transition checklist
AS9100 transition checklistAS9100 transition checklist
AS9100 transition checklist
 
AS 9100 rev D
AS 9100 rev DAS 9100 rev D
AS 9100 rev D
 
Transition from OHSAS 18001 - ISO 45001
Transition from OHSAS 18001 - ISO 45001Transition from OHSAS 18001 - ISO 45001
Transition from OHSAS 18001 - ISO 45001
 
Craig's little book of iso's
Craig's little book of iso'sCraig's little book of iso's
Craig's little book of iso's
 
Craig's little book of big business
Craig's little book of big businessCraig's little book of big business
Craig's little book of big business
 
OHSAS 18001 checklist
OHSAS 18001 checklistOHSAS 18001 checklist
OHSAS 18001 checklist
 
Iso 9001 transition checklist
Iso 9001 transition checklistIso 9001 transition checklist
Iso 9001 transition checklist
 
Iso 27001 Checklist
Iso 27001 ChecklistIso 27001 Checklist
Iso 27001 Checklist
 
Iso 22301 Checklist
Iso 22301 ChecklistIso 22301 Checklist
Iso 22301 Checklist
 
Iso 14001:2015 Checklist
Iso 14001:2015 ChecklistIso 14001:2015 Checklist
Iso 14001:2015 Checklist
 

Recently uploaded

Ellen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women Magazine
Ellen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women MagazineEllen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women Magazine
Ellen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women Magazine
CIOWomenMagazine
 
Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...
Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...
Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...
IPLTech Electric
 
Digital Transformation Frameworks: Driving Digital Excellence
Digital Transformation Frameworks: Driving Digital ExcellenceDigital Transformation Frameworks: Driving Digital Excellence
Digital Transformation Frameworks: Driving Digital Excellence
Operational Excellence Consulting
 
Profiles of Iconic Fashion Personalities.pdf
Profiles of Iconic Fashion Personalities.pdfProfiles of Iconic Fashion Personalities.pdf
Profiles of Iconic Fashion Personalities.pdf
TTop Threads
 
Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Best Competitive Marble Pricing in Dubai - ☎ 9928909666Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Stone Art Hub
 
Kirill Klip GEM Royalty TNR Gold Lithium Presentation
Kirill Klip GEM Royalty TNR Gold Lithium PresentationKirill Klip GEM Royalty TNR Gold Lithium Presentation
Kirill Klip GEM Royalty TNR Gold Lithium Presentation
Kirill Klip
 
The Most Inspiring Entrepreneurs to Follow in 2024.pdf
The Most Inspiring Entrepreneurs to Follow in 2024.pdfThe Most Inspiring Entrepreneurs to Follow in 2024.pdf
The Most Inspiring Entrepreneurs to Follow in 2024.pdf
thesiliconleaders
 
list of states and organizations .pdf
list of  states  and  organizations .pdflist of  states  and  organizations .pdf
list of states and organizations .pdf
Rbc Rbcua
 
Discover the Beauty and Functionality of The Expert Remodeling Service
Discover the Beauty and Functionality of The Expert Remodeling ServiceDiscover the Beauty and Functionality of The Expert Remodeling Service
Discover the Beauty and Functionality of The Expert Remodeling Service
obriengroupinc04
 
Satta Matka Dpboss Kalyan Matka Results Kalyan Chart
Satta Matka Dpboss Kalyan Matka Results Kalyan ChartSatta Matka Dpboss Kalyan Matka Results Kalyan Chart
Satta Matka Dpboss Kalyan Matka Results Kalyan Chart
Satta Matka Dpboss Kalyan Matka Results
 
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...
❼❷⓿❺❻❷❽❷❼❽ Dpboss Kalyan Satta Matka Guessing Matka Result Main Bazar chart
 
Pitch Deck Teardown: Kinnect's $250k Angel deck
Pitch Deck Teardown: Kinnect's $250k Angel deckPitch Deck Teardown: Kinnect's $250k Angel deck
Pitch Deck Teardown: Kinnect's $250k Angel deck
HajeJanKamps
 
2022 Vintage Roman Numerals Men Rings
2022 Vintage Roman  Numerals  Men  Rings2022 Vintage Roman  Numerals  Men  Rings
2022 Vintage Roman Numerals Men Rings
aragme
 
Industrial Tech SW: Category Renewal and Creation
Industrial Tech SW:  Category Renewal and CreationIndustrial Tech SW:  Category Renewal and Creation
Industrial Tech SW: Category Renewal and Creation
Christian Dahlen
 
TIMES BPO: Business Plan For Startup Industry
TIMES BPO: Business Plan For Startup IndustryTIMES BPO: Business Plan For Startup Industry
TIMES BPO: Business Plan For Startup Industry
timesbpobusiness
 
AI Transformation Playbook: Thinking AI-First for Your Business
AI Transformation Playbook: Thinking AI-First for Your BusinessAI Transformation Playbook: Thinking AI-First for Your Business
AI Transformation Playbook: Thinking AI-First for Your Business
Arijit Dutta
 
Unlocking WhatsApp Marketing with HubSpot: Integrating Messaging into Your Ma...
Unlocking WhatsApp Marketing with HubSpot: Integrating Messaging into Your Ma...Unlocking WhatsApp Marketing with HubSpot: Integrating Messaging into Your Ma...
Unlocking WhatsApp Marketing with HubSpot: Integrating Messaging into Your Ma...
Niswey
 
CULR Spring 2024 Journal.pdf testing for duke
CULR Spring 2024 Journal.pdf testing for dukeCULR Spring 2024 Journal.pdf testing for duke
CULR Spring 2024 Journal.pdf testing for duke
ZevinAttisha
 
Registered-Establishment-List-in-Uttarakhand-pdf.pdf
Registered-Establishment-List-in-Uttarakhand-pdf.pdfRegistered-Establishment-List-in-Uttarakhand-pdf.pdf
Registered-Establishment-List-in-Uttarakhand-pdf.pdf
dazzjoker
 
Part 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 SlowdownPart 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 Slowdown
jeffkluth1
 

Recently uploaded (20)

Ellen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women Magazine
Ellen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women MagazineEllen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women Magazine
Ellen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women Magazine
 
Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...
Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...
Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...
 
Digital Transformation Frameworks: Driving Digital Excellence
Digital Transformation Frameworks: Driving Digital ExcellenceDigital Transformation Frameworks: Driving Digital Excellence
Digital Transformation Frameworks: Driving Digital Excellence
 
Profiles of Iconic Fashion Personalities.pdf
Profiles of Iconic Fashion Personalities.pdfProfiles of Iconic Fashion Personalities.pdf
Profiles of Iconic Fashion Personalities.pdf
 
Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Best Competitive Marble Pricing in Dubai - ☎ 9928909666Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Best Competitive Marble Pricing in Dubai - ☎ 9928909666
 
Kirill Klip GEM Royalty TNR Gold Lithium Presentation
Kirill Klip GEM Royalty TNR Gold Lithium PresentationKirill Klip GEM Royalty TNR Gold Lithium Presentation
Kirill Klip GEM Royalty TNR Gold Lithium Presentation
 
The Most Inspiring Entrepreneurs to Follow in 2024.pdf
The Most Inspiring Entrepreneurs to Follow in 2024.pdfThe Most Inspiring Entrepreneurs to Follow in 2024.pdf
The Most Inspiring Entrepreneurs to Follow in 2024.pdf
 
list of states and organizations .pdf
list of  states  and  organizations .pdflist of  states  and  organizations .pdf
list of states and organizations .pdf
 
Discover the Beauty and Functionality of The Expert Remodeling Service
Discover the Beauty and Functionality of The Expert Remodeling ServiceDiscover the Beauty and Functionality of The Expert Remodeling Service
Discover the Beauty and Functionality of The Expert Remodeling Service
 
Satta Matka Dpboss Kalyan Matka Results Kalyan Chart
Satta Matka Dpboss Kalyan Matka Results Kalyan ChartSatta Matka Dpboss Kalyan Matka Results Kalyan Chart
Satta Matka Dpboss Kalyan Matka Results Kalyan Chart
 
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...
 
Pitch Deck Teardown: Kinnect's $250k Angel deck
Pitch Deck Teardown: Kinnect's $250k Angel deckPitch Deck Teardown: Kinnect's $250k Angel deck
Pitch Deck Teardown: Kinnect's $250k Angel deck
 
2022 Vintage Roman Numerals Men Rings
2022 Vintage Roman  Numerals  Men  Rings2022 Vintage Roman  Numerals  Men  Rings
2022 Vintage Roman Numerals Men Rings
 
Industrial Tech SW: Category Renewal and Creation
Industrial Tech SW:  Category Renewal and CreationIndustrial Tech SW:  Category Renewal and Creation
Industrial Tech SW: Category Renewal and Creation
 
TIMES BPO: Business Plan For Startup Industry
TIMES BPO: Business Plan For Startup IndustryTIMES BPO: Business Plan For Startup Industry
TIMES BPO: Business Plan For Startup Industry
 
AI Transformation Playbook: Thinking AI-First for Your Business
AI Transformation Playbook: Thinking AI-First for Your BusinessAI Transformation Playbook: Thinking AI-First for Your Business
AI Transformation Playbook: Thinking AI-First for Your Business
 
Unlocking WhatsApp Marketing with HubSpot: Integrating Messaging into Your Ma...
Unlocking WhatsApp Marketing with HubSpot: Integrating Messaging into Your Ma...Unlocking WhatsApp Marketing with HubSpot: Integrating Messaging into Your Ma...
Unlocking WhatsApp Marketing with HubSpot: Integrating Messaging into Your Ma...
 
CULR Spring 2024 Journal.pdf testing for duke
CULR Spring 2024 Journal.pdf testing for dukeCULR Spring 2024 Journal.pdf testing for duke
CULR Spring 2024 Journal.pdf testing for duke
 
Registered-Establishment-List-in-Uttarakhand-pdf.pdf
Registered-Establishment-List-in-Uttarakhand-pdf.pdfRegistered-Establishment-List-in-Uttarakhand-pdf.pdf
Registered-Establishment-List-in-Uttarakhand-pdf.pdf
 
Part 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 SlowdownPart 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 Slowdown
 

Iso 22301

  • 1. ISO 22301 Societal Security – Business Continuity Management Systems CAW CONSULTANCY BUSINESS SOLUTIONS LTD
  • 2. Contents
      • Introduction
      • Comparison between ISO 22301 and BS 25999-2
      • Basic terms used in the standard
      • Content of ISO 22301
      • ISO 22301 explained
      • Mandatory documentation
      • Related standards
      • Societal security content
      • Projects under development
      • Benefits of ISO 22301 business continuity management
    Copyrighted by CAW Consultancy Business Solutions Ltd
  • 3. Introduction
      • The full name of the standard is: “ISO 22301 Societal security – Business continuity management systems – Requirements”
      • The standard was developed by leading experts in this area to deliver the best framework for business continuity management in an organisation.
      • Object: ISO 22301:2012 specifies requirements to plan, establish, operate, monitor, implement, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence of, prepare for, respond to, and recover from disruptive incidents when they arise.
      • Scope: The requirements identified in ISO 22301:2012 are generic and intended to be applicable to all organisations, or parts thereof, regardless of type, size and nature of the organisation. The extent of application of these requirements depends on the organisation’s operating environment and complexity.
      • Who can implement this standard? Any organisation, for-profit or non-profit, big or small, private or public. The standard is formulated in such a way that it is applicable to any size or type of organisation.
  • 4. Comparison between ISO 22301 and BS 25999-2
    ISO 22301 has replaced BS 25999-2. These are quite similar standards, but ISO 22301 is often regarded as an update.
      • Complete name – ISO 22301: ISO 22301:2012 Societal security – Business continuity management systems – Requirements; BS 25999-2: BS 25999-2 Business Continuity Management – Part 2: Specification
      • Published by – ISO 22301: International Organisation for Standardisation; BS 25999-2: British Standards Institution
      • Published date – ISO 22301: 15/05/2012; BS 25999-2: 20/11/2007
      • Total number of minimum pages – ISO 22301: 24; BS 25999-2: 28
      • Official recommendations – ISO 22301: Internationally accepted by standards institutes in 163 countries; BS 25999-2: Accepted only in the United Kingdom, but implemented worldwide
  • 5. Comparison between ISO 22301 and BS 25999-2 (continuation)
      • ISO 22301 is not that different from BS 25999-2 in most business continuity sections, such as business impact analysis, strategy or planning; the greatest changes are in the management areas of the standard.
      • ISO 22301 places particular emphasis on understanding requirements, constructing objectives and measuring performance. Therefore, it will be more easily accepted by top management. In turn, this will contribute to the widespread adoption of this standard, like ISO 27001, ISO 9001 or ISO 14001.
  • 6. Basic terms used within the standard
      • Business Continuity Management System (BCMS) – part of an overall management system that ensures business continuity is planned, implemented, maintained, and continually improved
      • Maximum Acceptable Outage (MAO) – the maximum amount of time an activity can be disrupted without incurring unacceptable damage (also Maximum Tolerable Period of Disruption – MTPD)
      • Recovery Time Objective (RTO) – the specified time at which an activity must be resumed, or resources must be recovered
      • Recovery Point Objective (RPO) – maximum data loss, i.e., minimum amount of data that needs to be restored
      • Minimum Business Continuity Objective (MBCO) – the minimum level of services or products an organisation needs to produce after resuming its business operations
  • 7. Content of ISO 22301
      • Introduction: 0.1 General; 0.2 The Plan-Do-Check-Act (PDCA) model; 0.3 Components of PDCA in this International Standard
      • 1. Scope
      • 2. Normative references
      • 3. Terms and definitions
      • 4. Context of the organisation: 4.1 Understanding of the organisation and its context; 4.2 Understanding the needs and expectations of the interested parties; 4.3 Determining the scope of the management system; 4.4 Business continuity management system
      • 5. Leadership: 5.1 General; 5.2 Management commitment; 5.3 Policy; 5.4 Organisational roles, responsibility and authorities
      • 6. Planning: 6.1 Actions to address risks and opportunities; 6.2 Business continuity objectives and plans to achieve them
      • 7. Support: 7.1 Resources; 7.2 Competence; 7.3 Awareness; 7.4 Communication; 7.5 Documented information
      • 8. Operation: 8.1 Operational planning and control; 8.2 Business impact analysis and risk assessment; 8.3 Business continuity strategy; 8.4 Establish and implement business continuity procedures; 8.5 Exercising and testing
      • 9. Performance evaluation: 9.1 Monitoring, measurement, analysis and evaluation; 9.2 Internal audit; 9.3 Management review
      • 10. Improvement: 10.1 Nonconformity and corrective action; 10.2 Continual improvement
      • Bibliography
  • 8. ISO 22301 explained
      • ISO 22301 is the second published management system standard that has adopted the new high-level structure and standardised text agreed in ISO.
      • This will guarantee consistency with all future and revised management system standards and make integrated use easier, for example with ISO 9001 (quality), ISO 14001 (environmental) and ISO/IEC 27001 (information security).
      • The standard is separated into main clauses, starting with scope, normative references, and terms and definitions. Following these are the standard’s requirements.
  • 9. ISO 22301 explained
      • Clause 4 – Context of the organisation: The first step involves an understanding of the organisation, both the internal and external needs, and setting clear guidelines for the scope of the management system. In particular, this requires the organisation to understand the obligations of the relevant interested parties, such as regulators, customers and staff. It must in particular understand the appropriate legal and regulatory requirements. This enables it to determine the scope of the business continuity management system (BCMS).
      • Clause 5 – Leadership: ISO 22301 places specific emphasis on the need for suitable leadership of BCM. This is so that top management ensures appropriate resources are provided, establishes policy and appoints people to implement and maintain the BCMS.
      • Clause 6 – Planning: This requires the organisation to identify risks to the implementation of the management system and set clear objectives, goals and criteria that can be used to measure its success.
  • 10. ISO 22301 explained
      • Clause 7 – Support: Resources are required for implementation. Clause 7 introduces the important concept of competence. For business continuity to be successful, people with appropriate knowledge, skills and experience must be in place both to support the BCMS and to respond to incidents when they occur. It is also essential that all staff are aware of their own role in responding to incidents; this clause deals with all of these areas. The need for communication about the BCMS (for instance, telling customers that the organisation has suitable BCM in place) and preparedness to communicate subsequent to an incident, when normal channels may be disrupted, is also covered here.
      • Clause 8 – Operations: This section contains the main body of business continuity-specific expertise. The organisation must undertake business impact analysis to understand how its business is affected by disruption and how this changes over time. Risk assessment seeks to understand the risks to the business in a structured way, and these inform the development of business continuity strategy. Steps to avoid or reduce the likelihood of incidents are developed alongside the steps to be taken when incidents occur. As it is impossible to completely predict and prevent all incidents, the approaches of reducing risk and planning for all eventualities are complementary. It might be said: “hope for the best, plan for the worst”.
  • 11. ISO 22301 explained
      • Clause 9 – Evaluation: For any management system, it is crucial to evaluate performance against plan. ISO 22301 therefore involves the organisation selecting and measuring itself against appropriate performance metrics. Internal audits must be carried out, and there is a requirement that management review the BCMS and act upon these reviews.
      • Clause 10 – Improvement: No management system is perfect initially, and organisations and their environments are constantly changing. Clause 10 defines actions to take to improve the BCMS over time and to confirm that corrective actions arising from audits, reviews, exercises and so on are addressed.
  • 12. Mandatory documentation
    If an organisation wants to implement this standard, the following documentation is mandatory:
      • List of applicable legal, regulatory and other requirements
      • Scope of the BCMS
      • Business continuity policy
      • Business continuity objectives
      • Evidence of personnel competences
      • Records of communication with interested parties
      • Business impact analysis
      • Risk assessment, including risk appetite
      • Incident response structure
      • Business continuity plan
      • Recovery procedures
      • Results of preventative actions
      • Results of monitoring and measurement
      • Results of internal audit
      • Results of management review
      • Results of corrective actions
  • 13. Related standards
    Other standards that are helpful in implementation of business continuity are:
      • ISO/IEC 27031 – Guidelines for information and communication technology readiness for business continuity
      • PAS 200 – Crisis management – guidance and good practice
      • PD 25666 – Guidance on exercising and testing for continuity and contingency programs
      • PD 25111 – Guidance on human aspects of business continuity
      • ISO/IEC 24762 – Guidelines for information and communications technology disaster recovery services
      • ISO/PAS 22399 – Guidelines for incident preparedness and operational continuity management
      • ISO/IEC 27001 – Information security management systems – Requirements
  • 14. Societal security context
    ISO 22301 has been developed by ISO/TC 223, Societal security. The committee has previously published the following standards and other documents:
      • ISO 22300:2012, Societal security – Terminology
      • ISO 22300:2012, Societal security – Emergency management – requirements for incident response
      • ISO/TR 22312:2011, Societal security – Technological capabilities
      • ISO/PAS 22399:2007, Societal security – Guideline for incident preparedness and operational continuity management
  • 15. Projects under development
      • ISO 22311, Societal security – Video-surveillance – Export interoperability
      • ISO 22313, Societal security – Business continuity management systems – Guidance
      • ISO 22315, Societal security – Mass evacuation
      • ISO 22322, Societal security – Emergency management – Public warning
      • ISO 22323, Organisational resilience management systems – Requirements with guidance for use
      • ISO 22325, Societal security – Guidelines for emergency capability assessment for organisations
      • ISO 22351, Societal security – Emergency management – Shared situation awareness
      • ISO 22397, Societal security – Public Private Partnership – Guidelines to set up partnership agreements
      • ISO 22398, Societal security – Guidelines for exercising and testing
      • ISO 22324, Societal security – Emergency management – Color-coded alert
  • 16. The benefits of ISO 22301 business continuity management
    What are the benefits of ISO 22301 business continuity management?
      • Identify and manage current and future threats to your business
      • Take a proactive approach to minimising the impact of incidents
      • Keep critical sections of the business up and running during times of crisis
      • Minimise interruption during incidents and improve recovery time
      • Exhibit resilience to customers, suppliers and for tender requests
  • 17. Do you have any questions? Thank you for listening. Get in touch now on 07427535662 or email craig@cawconsultancy.co.uk