5. www.isocertificationtrainingcourse.org
registrar@isocertificationtrainingcourse.org
ISO 22301 Gap Analysis
Why get a customized, in-person ISO 22301 gap analysis
Questionnaire-based gap analysesdon’t provide the level of expert analysisand insights you get
from a specialist. With an in-person gap analysis, you will have a clear idea of the proposed
scope of the ISO 22301, be able to set realistic project expectations, and obtain customized and
detailedinformationnecessaryto developa strongbusinesscasefor implementing a ISO 22301-
compliant Management System.
Organizations encourage ISO 22301 Gap Analysis to -
● Implement an ISO 22301 Standard based management system and would like to identify
the baseline to measure progress.
Earn a ISO 22301 management system certification in near future after having
implementedthe ISO management system.
Defeat the complacency that has set in over a period of time.
Identify and plug the gaps well before the client visit or customer audit.
Add new site to the existing Organizationscope of business.
Add new product or service to the existing scope of business.
Ramp up the work-force.
Carry out process re-engineering.
Organization restructuring.
identify global best practices in the ISO 22301 management system.
Know what makes ISO managementsystem ISO 22301 work for 360 degree improvement
in the organization processes
●
●
●
●
●
●
●
●
●
●
6. ● conduct suppliers' system ISO 22301 capability & maturity appraisal from time to time
ISO 22301 Gap Analysis Features
· Your management Systemscopeappliesto what productlines,ISO 22301 Standard clauses,
and facilities that you are planning on registering. You do not have to register every product
line. To define the scope within the Gap Analysis we look at what processes need to be included
and described within the Organization. The output is a draft process map. Next we examine
each clause of the ISO 22301 Standard. There are over hundreds of requirementsthat we count
to see which ones apply and how an organization may be conforming. These requirements
include mandatory records, and required procedures, manual, and many process needs that
must be fulfilled, but there is a lot of leeway on how you might fulfill those requirements.
· For example, collecting customer feedback on “deviations from needs & expectations”is a
required process and that must be measured, is a requirement, but how you do this is totally up
to you. You do not have to write a procedure for this or keep a record of measurements.As odd
as this sounds you have to free your mind of paper solutions and think of visual or electronic
methods that could accomplish this.
· The output of the ISO 22301 Standards “requirements” count is a histogram that shows
you how your organization stacks up, clause by clause, and a list of possible exclusions of areas
within clauses that may not apply. Each exclusion claimed will require a proper justification
within the Documented Framework. In the Gap Analysis we should be able to give you an idea
on possible exclusions.
Dedicated Specialists for ISO 22301 Gap Analysis
A specialist, in-person review of your current information security posture against the
requirements of ISO 22301
Get the true picture of your ISO 22301 compliance gap, and receive expert advice on how to
scope your project and establish your project resource requirements.
ISO 22301 Gap Analysis Brief Description
Our ISO 22301 Gap Analysis will provide you with an informed assessment of:
● Your compliance gaps against ISO 22301;
7. ●
●
●
The proposed scope of your ISO 22301 management system
Your internal resource requirements; and
The potential timeline to achieve certification readiness.
What to expect from ISO 22301 Gap Analysis:
An ISO 22301 specialist will interview key managers and perform an analysis of your existing
information security arrangements and documentation.
Following this, you will receive a gap analysis report collating the findings of these
investigations.The report will detail areasof compliance and areas requiring improvement,and
provide further recommendationsfor the proposed ISO 22301 compliance project.
ISO 22301 Gap Analysis report includes:
●
●
●
The overall state and maturity of your information security arrangements;
The specific gaps between these arrangementsand the requirements of ISO 22301;
Options for the scope of an ISO 22301, and how they help to meet your business and
strategic objectives;
An outline action plan and indicationsof the level of internal managementeffort required
to implement an ISO 22301 and
A compliance status report (red/amber/green) against the management system clauses
(clause-by-clause),described in ISO 22301
●
●