Business Continuity Management & ISO 22301


Everything you need for your Business Continuity Management System implementation and ISO 22301 certification project

Published in: Business, Technology

  1. Business Continuity Management & ISO22301

     Everything you need for your implementation and certification project

       • Implement a BCMS effectively and efficiently with documentation toolkits
       • Train your staff with ISO22301 BCMS Foundation and Advanced level courses
       • Receive professional business continuity consultancy support
       • Achieve compliance with ISO22301, the international Business Continuity Management Standard
       • Deliver Cyber Resilience by integrating ISO22301 with ISO27001

  2. What is ISO/IEC 22301:2012?

     ISO/IEC 22301:2012 is the international Standard for business continuity management within organisations. It defines the specification and best practice for developing and implementing a robust business continuity management system.

     ISO/IEC 22301:2012 (Societal Security - Business Continuity Management System – Requirements) was published in May 2012 and replaces the BS25999 Standard. All organisations that hold BS25999 are required to make the transition to the new ISO22301 Standard within the transition period which is likely to be no more than 24 months.

     Why is implementing a BCMS important?

     Organisational survival depends on business resilience. Fire, flood, disease or other acts of nature can destroy a business in moments. Intelligent contingency planning is a pre-requisite for sleeping well at night and for maintaining your customer base!

     Service disruptions, delays in responding to customer requests, inability to process transactions in a timely manner or being unable to resume business in the face of a disaster, can all have significant impact on the effective operation and the profitability of the business.

     Recent natural disasters as well as terrorist activities have shown that an organisation’s resilience and its ability to resume business quickly and efficiently, are directly related to its preparedness to respond to unforeseen events.

     In the public sector, organisations have a responsibility to ensure the continuation of critical services in the event of any disruption or crisis. In the UK, this responsibility is defined in law under the UK Civil Contingencies Act 2006.

     A Business Continuity Management System (BCMS) enables organisations to update, control and deploy these plans and align them with their strategic and operational objectives.

     ‘IT Governance has a brand reputation that I trust.’ Andrew Dalrymple, Managing Consultant, GSS Ltd

     What is a BCMS?

     The ISO22301 Standard defines a Business Continuity Management System (BCMS) as: ‘Part of the overall management system that establishes, implements, operates, monitors, reviews, maintains and improves business continuity’

     The benefits of a BCMS

       • Create effective operational business continuity plans
       • Ensure all business continuity plans (BCP) are fit for purpose
       • Align BCPs with strategic organisational objectives
       • Continually improve BCPs as the organisation grows
       • Reduce the cost of business interruption insurance policies
       • Satisfy a condition for a licence to operate (e.g. UK SRA Code of Conduct 2011)
       • Satisfy Corporate Governance obligations

     The benefits of ISO22301 certification

       • Demonstrate to key stakeholders (customers, suppliers and partners) that you are committed to them for the long term
       • Increase your competitive advantage and enhance your reputation
       • Protect your financial income and business assets
       • Comply with all mandatory legal and regulatory requirements
       • Align and integrate with ISO9001, ISO27001, ISO14001, ISO20000 and ISO28000 management standards to deliver significant benefits

     Sign up for the latest information and products about ISO22301 on our website: Continuity-Standard.aspx

  3. Business Continuity Management Library

     From a copy of the ISO22301 Standard to essential books, we offer everything you need to get started:

     ISO22301 BCMS Implementation Toolkit

     The toolkit contains all the templates and tools that enable a Business Continuity manager to quickly and effectively implement a BCMS in line with ISO22301. This toolkit comes with an inbuilt 12-month support and upgrade contract that ensures that buyers benefit from all improvements to the toolkit, and provides online documentation drafting support. There is a free demo version of this toolkit available at:

     ‘The course enables me to complete a BCP to a higher quality with greater assurance.’ Antony Green, IT Manager, Raven Housing Trust Ltd

     Why Choose IT Governance to help you achieve certification to ISO22301?

       • We have over 10 years of experience with management standards and compliance
       • We have been involved with the Business Continuity Standard (BS25999) since its first publication
       • We are a single source provider of resources required to implement best practice and achieve certification
       • We can help you integrate your BCMS with other management systems
       • We have extensive knowledge and experience of integrating ISO22301 with ISO27001 to deliver Cyber Resilience and protect the information assets in your organisation

     Certified Training

     IT Governance offer delegates the opportunity to attain an industry standard qualification and to help their organisation achieve compliance and best practice with the ISO22301 Standard.

     ISO22301 BCMS Foundation Training Course

     This one-day training course provides an introduction to the best practices associated with Business Continuity Management as defined by the ISO22301 standard.

     ISO22301 BCMS Lead Implementer Training Course

     This three-day training course is ideal for anyone involved in or responsible for implementing a Business Continuity Management System (BCMS) that conforms with ISO22301.

     ISO22301 BCMS Lead Auditor Training Course

     This 4.5 day training course provides delegates with the practical knowledge and skills required to plan and execute an effective audit of a BCMS that conforms to ISO22301.

     Acknowledged Certification

     Delegates who successfully complete the examinations associated with the ISO22301 BCMS Foundation, Lead Implementer and Lead Auditor courses are awarded qualifications approved by the International Board for IT Governance Qualifications (IBITGQ).

  4. Cyber Resilience

     The importance of mitigating the disruption to information technology services has been at the heart of disaster recovery and business continuity plans for many years. With the growth of IT and the increased risk of attack from outside sources (cyber attack), the survival of all organisations will depend upon the protection of their critical information assets.

     The idea of cyber resilience, that an organisation’s IT systems and processes should be resilient against natural disaster or outside attack, is a key principle underlying the ISO22301 and ISO27001 Standards. ISO22301 and ISO27001 have been designed to work together to provide a complete ‘cyber resilience’ management solution.

     ISO/IEC 27001:2005 is the internationally recognised standard that helps businesses throughout the world mitigate the risks associated with cybercrime and provides the security assurance demanded by your board, shareholders, regulators and most importantly, your customers.

     Control A.14 of the ISO27001 standard deals with Business Continuity. The five sub-clauses of A.14 of ISO27001 are primarily concerned with how information security should be included in a business continuity plan.

     The ISO/IEC 27031:2011 Guidance for ICT Readiness for Business Continuity Standard provides the essential linkage between information security management and cyber resilience.

     IT Governance is an acknowledged leader in the provision of ISO27001 and ISO22301 products and services. We are uniquely positioned to help your organisation implement a comprehensive cyber resilience management system and become certificated to the international ISO27001 and ISO22301 standards. Call us on +44 (0)845 070 1750 to discuss your requirements.

     E-mail:
     Phone: + 44 845 070 1750
     Version 2.2

     Business Continuity Consultancy Services

     If you choose to use the IT Governance Consultancy services for your ISO22301 project, we will provide a free initial assessment to establish how exposed your business is. From this, we can help you identify what you need to do to fully meet the requirements of the ISO22301 Standard. By working with us, you will gain the following benefits:

       • You will be in control of all of your certification costs with our transparent pricing
       • We will help you increase internal buy-in and assist you with leveraging your resources to achieve your compliance goals
       • You will be able to access a wealth of information under one roof with our comprehensive, integrated Business Continuity Management resources, including:
           - Experienced consultants
           - Risk management experts
           - Technical BCM knowledge
           - Professional trainers and training courses
           - Books and support tools
       • We will link your ISO22301 business continuity framework with your ISO27001, COBIT®, ISO20000, ITIL®, PCI DSS, and other management frameworks
       • We will tailor your BCM system to your requirements to ensure it continues to be cost-effective to run while meeting ISO22301 requirements

     Recognised by third party accredited certification bodies

     Whilst independent of vendors and certification bodies, encouraging clients to select the best-fit for their needs and objectives, IT Governance is widely recognised amongst UKAS accredited certification bodies as a leading ISO27001 and ISO22301 consultancy.