SlideShare a Scribd company logo

ISO 22301:2019 (Business Continuity Management Systems) Awareness Training

Operational Excellence Consulting
Operational Excellence Consulting

[To download this presentation, visit: https://www.oeconsulting.com.sg/training-presentations] ISO 22301:2019, Security and Resilience - Business Continuity Management System (BCMS), is the latest international standard for implementing and maintaining effective business continuity plans, systems and processes. This new standard replaces the old ISO 22301:2012. This ISO 22301:2019 (BCMS) awareness PPT training presentation can be used to brief management and staff, new hires and potential auditees so as to create awareness of the ISO 22301:2019 standard. Alternatively, the presentation may be used to supplement your materials for the training of BCMS professionals and internal auditors. LEARNING OBJECTIVES ​ 1. Provide background knowledge of ISO 22301 2. Gain an overview of ISO 22301 structure and the certification process 3. Gather useful tips on handling an audit session

Business
1 of 28
© Operational Excellence Consulting ISO 22301:2019 Security & Resilience – Business Continuity Management Systems © Operational Excellence Consulting. All rights reserved.
© Operational Excellence Consulting LEARNING OBJECTIVES 2 Provide background knowledge of ISO 22301 Describe the audit approach and learn useful tips for handling an audit session Gain an overview of the ISO 22301:2019 structure Understand the ISO 22301:2019 certification process NOTE: This is a PARTIAL PREVIEW. To download the complete presentation, please visit: https://www.oeconsulting.com.sg
© Operational Excellence Consulting CONTENTS 3 OVERVIEW OF ISO 22301 ISO 22301:2019 STRUCTURE ISO 22301:2019 CERTIFICATION PROCESS AUDIT APPROACH 01 04 03 02 HANDLING AN AUDIT SESSION 05
© Operational Excellence Consulting 95% of global business leaders report that their crisis management capabilities need improvement. 4 Source: PwC Global Crisis Survey 2021
© Operational Excellence Consulting 51% of companies across the globe don’t have a business continuity plan. 5 Source: Mercer, 2020
© Operational Excellence Consulting ● ISO 22301 is an International Standard for implementing and maintaining effective business continuity plans, systems and processes ● It establishes a framework for industrial plants or entire companies to manage all aspects of business continuity ● Applies to all types and sizes of organizations WHAT IS ISO 22301? © Operational Excellence Consulting 6
© Operational Excellence Consulting OBJECTIVE OF ISO 22301 7 ISO 22301:2019 specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise.
© Operational Excellence Consulting WHAT IMPROVEMENTS WERE MADE TO ISO 22301:2019? 8 The structure of the standard has been reviewed to make it easier to read and implement, with greater clarification of what is required The language and terminology have been simplified to remove duplication and better reflect today’s thinking in the business continuity industry The High Level Structure (HLS) has been streamlined to remain in line with all other ISO management system standards
© Operational Excellence Consulting WHO CAN USE ISO 22301? 9 Implement, maintain and improve a BCMS Seek to ensure conformity with stated business continuity policy Need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption Seek to enhance their resilience through the effective application of the BCMS ISO 22301 is applicable to all types and sizes of organizations that:
© Operational Excellence Consulting BENEFITS TO AN ORGANIZATION FOR IMPLEMENTING A BUSINESS CONTINUITY MANAGEMENT SYSTEM 10 Help organizations respond to, and recover from, disruptions effectively Reduced costs and less impact on business performance should something go wrong Provides ability to reassure clients, suppliers, regulators and other stakeholders Companies with multiple sites can rely on the same consistent approach A better understanding of critical issues and areas of vulnerability Improved business performance and organizational resilience
© Operational Excellence Consulting ADVANTAGES OF CERTIFICATION © Operational Excellence Consulting ● Certification to ISO 22301 is voluntary ● Independent check of conformity by a third party ● Indicates an effective Business Continuity Management System ● National/International recognition ● Provides competitive advantage ● Improves company image 11 11
© Operational Excellence Consulting ● Identifying potential risks, likelihood and consequences ● Documenting assumptions and criteria ● Identifying activities by risk classification in order of priority ● Allocating necessary resources to risk management plan ● Documenting results and develop a Risk Management Action plan RISK-BASED THINKING 12 Risk Evaluation Risk Analysis Risk Identification Risk Assessment Risk Treatment Scope, Context, Criteria COMMUNICATION & CONSULTATION MONITORING & REVIEW RECORDING & REPORTING
© Operational Excellence Consulting ISO 22301:2019 IS BASED ON THE ISO HIGH-LEVEL STRUCTURE FOR MANAGEMENT SYSTEM STANDARDS 13 1. Scope 2. Normative References 3. Terms & Definitions 4. Context of the Organization 5. Leadership 6. Planning 7. Support 8. Operation 9. Performance Evaluation 10. Improvement
© Operational Excellence Consulting HLS – THE SAME CORE ELEMENTS 14 Environment ISO 14001 Food Safety ISO 22000 Quality Management ISO 9001 Occupational Health & Safety ISO 45001 THE SAME CORE ELEMENTS
© Operational Excellence Consulting ISO 22301:2019 IS BASED ON THE PDCA MODEL 15 Source: Adapted from ISO SCOPE OF THE BUSINESS CONTINUITY MANAGEMENT SYSTEM IMPLEMENT & OPERATE THE BCMS ESTABLISH BCMS MAINTAIN & IMPROVE THE BCMS MONITOR & REVIEW THE BCMS Plan Do Check Act INTERNAL & EXTERNAL ISSUES NEEDS & EXPECTATIONS OF INTERESTED PARTIES INTENDED OUTCOMES OF THE BCMS
© Operational Excellence Consulting ISO 22301:2019 KEY CLAUSE STRUCTURE (4-10) PLAN DO CHECK ACT 4. Context of the organization 5. Leadership 6. Planning 7. Support 8. Operation 9. Performance evaluation 10. Improvement 4.1 Understanding the organization and its context 5.1 Leadership and commitment 6.1 Actions to address risks and opportunities 7.1 Resources 8.1 Operational planning and control 9.1 Monitoring, measurement, analysis and evaluation 10.1 Nonconformity and corrective action 4.2 Understanding the needs and expectations of interested parties 5.2 Policy 6.2 Business continuity objectives and plans to achieve them 7.2 Competence 8.2 Business impact analysis and risk assessment 9.2 Internal audit 10.2 Continual improvement 4.3 Determining the scope of the BCMS 5.3 Roles, responsibilities and authorities 6.3 Planning changes to the BCMS 7.3 Awareness 8.3 Business continuity strategies and solutions 9.3 Management review 4.4 Business continuity management system 7.4 Communication 8.4 Business continuity plans and procedures 7.5 Documented information 8.5 Exercise programme 8.6 Evaluation of business continuity documentation and capabilities
© Operational Excellence Consulting THE PDCA CYCLE IS THE ENGINE OF CONTINUOUS IMPROVEMENT 17 Consolidation through Standardization Improvement P D C A P D C A Current Standard New Standard Time Continuous Improvement
© Operational Excellence Consulting ● The certification body examines the BCMS for conformity to the ISO 22301:2019 standard ● The BCMS audit is a compliance audit ● Certification means the organization has a documented BCMS that is fully implemented and meets ISO 22301:2019 requirements BECOMING ISO 22301:2019 CERTIFIED © Operational Excellence Consulting 18 18
© Operational Excellence Consulting 19 ISO 22301:2019 CERTIFICATION PROCESS 3 5 7 1 4 6 2 Implementation of BCMS Selection of a Certification Body Stage 2 Audit Continual Improvement and Surveillance Audits Conduct Internal Audit and Review Result by Top Management Stage 1 Audit Confirmation of Registration
© Operational Excellence Consulting WHAT DOES CERTIFICATION ASSURE? 20 Regular assessment to continually monitor and improve processes Credibility that the system can achieve its intended outcomes Reduced risk and uncertainty and increase market opportunities Consistency in the outputs designed to meet stakeholder expectations
© Operational Excellence Consulting ● Systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled ● Audit criteria ○ Processes or procedures ○ Standards WHAT IS AN AUDIT? © Operational Excellence Consulting 21 21
© Operational Excellence Consulting WHAT ARE AUDITS USED FOR? 22 Auditing conformity Auditing effectiveness Looking at the overall process Approving external service providers Investigating problems Way of improving Assessing for certification Highlight examples of good practice
© Operational Excellence Consulting ● Focuses on employees’ understanding of the organization’s processes and verifies that these processes are: o complied with o under control o achieving the desired results ● Provide evidence, e.g. records, meeting minutes, reports, data and emails AUDIT APPROACH © Operational Excellence Consulting 23 23
© Operational Excellence Consulting AUDIT FINDINGS 24 MAJOR NONCONFORMITY § A major nonconformity relates to the absence or total breakdown of a required process or a number of minor nonconformities listed against similar areas § A major nonconformity at the Registration Audit would defer recommendation for registration until that major has been closed MINOR NONCONFORMITY OBSERVATION § A minor nonconformity is an observed lapse in your systems ability to meet the requirements of the standard or your internal systems, while the overall process remains intact § An observation or opportunity for improvement relates to a matter about which the Auditor is concerned but which cannot be clearly stated as a non- conformity § Observations also indicate trends which may result in a future nonconformity
© Operational Excellence Consulting HOW TO HANDLE AN AUDIT SESSION? 25 Ask and clarify Admit obvious non-conformities Do not panic Take note of improvement areas highlighted by the auditor Show internal audit report, when necessary Offer evidence and explain patiently
© Operational Excellence Consulting ● Polite ● Professional ● Positive / Receptive ● Sincere ● Commitment ● Formal but not overly serious AUDITEE’S CONDUCT © Operational Excellence Consulting 26 26
© Operational Excellence Consulting ● Be honest and open ● Recognize they may be experts ● Realize they may not be subject matter experts ● Understand the purpose of the meeting and review related records prior to interviews INTERACTING WITH AUDITORS – DO’S ● Turn mobile phones to silent mode ● Get the right person in to answer the question ● Listen carefully and understand each question before answering – Be sure responses are complete and accurate 27
© Operational Excellence Consulting Operational Excellence Consulting is a management training and consulting firm that assists organizations in improving business performance and effectiveness. Based in Singapore, the firm’s mission is to create business value for organizations through innovative design and operational excellence management training and consulting solutions. For more information, please visit www.oeconsulting.com.sg ABOUT OPERATIONAL EXCELLENCE CONSULTING

Recommended

ISO 9001:2015 (QMS) Awareness Training
ISO 9001:2015 (QMS) Awareness TrainingISO 9001:2015 (QMS) Awareness Training
ISO 9001:2015 (QMS) Awareness TrainingOperational Excellence Consulting
 
ISO 13485:2016 (Medical Devices - Quality Management Systems) Awareness Training
ISO 13485:2016 (Medical Devices - Quality Management Systems) Awareness TrainingISO 13485:2016 (Medical Devices - Quality Management Systems) Awareness Training
ISO 13485:2016 (Medical Devices - Quality Management Systems) Awareness TrainingOperational Excellence Consulting
 
Business Process Reengineering (BPR)
Business Process Reengineering (BPR)Business Process Reengineering (BPR)
Business Process Reengineering (BPR)Operational Excellence Consulting
 
ISO 13485:2016 (Medical Devices - Quality Management System) Awareness Training
ISO 13485:2016 (Medical Devices - Quality Management System) Awareness TrainingISO 13485:2016 (Medical Devices - Quality Management System) Awareness Training
ISO 13485:2016 (Medical Devices - Quality Management System) Awareness TrainingOperational Excellence Consulting
 
ISO 37301:2021 (Compliance Management Systems) Awareness Training
ISO 37301:2021 (Compliance Management Systems) Awareness TrainingISO 37301:2021 (Compliance Management Systems) Awareness Training
ISO 37301:2021 (Compliance Management Systems) Awareness TrainingOperational Excellence Consulting
 
The EISA Audit Presentation
The EISA Audit PresentationThe EISA Audit Presentation
The EISA Audit PresentationSenthil Kumar Manian (Amirtham)
 
Leveraging Gap Assessments and Internal Audits in ISO 22301
Leveraging Gap Assessments and Internal Audits in ISO 22301Leveraging Gap Assessments and Internal Audits in ISO 22301
Leveraging Gap Assessments and Internal Audits in ISO 22301PECB
 
ISO 22301 leadership buy in presentation
ISO 22301 leadership buy in presentationISO 22301 leadership buy in presentation
ISO 22301 leadership buy in presentationQualsys Ltd
 

Recommended

ISO 9001:2015 (QMS) Awareness Training
ISO 9001:2015 (QMS) Awareness TrainingISO 9001:2015 (QMS) Awareness Training
ISO 9001:2015 (QMS) Awareness TrainingOperational Excellence Consulting
 
ISO 13485:2016 (Medical Devices - Quality Management Systems) Awareness Training
ISO 13485:2016 (Medical Devices - Quality Management Systems) Awareness TrainingISO 13485:2016 (Medical Devices - Quality Management Systems) Awareness Training
ISO 13485:2016 (Medical Devices - Quality Management Systems) Awareness TrainingOperational Excellence Consulting
 
Business Process Reengineering (BPR)
Business Process Reengineering (BPR)Business Process Reengineering (BPR)
Business Process Reengineering (BPR)Operational Excellence Consulting
 
ISO 13485:2016 (Medical Devices - Quality Management System) Awareness Training
ISO 13485:2016 (Medical Devices - Quality Management System) Awareness TrainingISO 13485:2016 (Medical Devices - Quality Management System) Awareness Training
ISO 13485:2016 (Medical Devices - Quality Management System) Awareness TrainingOperational Excellence Consulting
 
ISO 37301:2021 (Compliance Management Systems) Awareness Training
ISO 37301:2021 (Compliance Management Systems) Awareness TrainingISO 37301:2021 (Compliance Management Systems) Awareness Training
ISO 37301:2021 (Compliance Management Systems) Awareness TrainingOperational Excellence Consulting
 
The EISA Audit Presentation
The EISA Audit PresentationThe EISA Audit Presentation
The EISA Audit PresentationSenthil Kumar Manian (Amirtham)
 
Leveraging Gap Assessments and Internal Audits in ISO 22301
Leveraging Gap Assessments and Internal Audits in ISO 22301Leveraging Gap Assessments and Internal Audits in ISO 22301
Leveraging Gap Assessments and Internal Audits in ISO 22301PECB
 
ISO 22301 leadership buy in presentation
ISO 22301 leadership buy in presentationISO 22301 leadership buy in presentation
ISO 22301 leadership buy in presentationQualsys Ltd
 
Requirements Practice - Maveric Systems
Requirements Practice - Maveric SystemsRequirements Practice - Maveric Systems
Requirements Practice - Maveric SystemsMaveric Systems
 
ISO 22000:2018 (Food Safety Management Systems) Awareness Training
ISO 22000:2018 (Food Safety Management Systems) Awareness TrainingISO 22000:2018 (Food Safety Management Systems) Awareness Training
ISO 22000:2018 (Food Safety Management Systems) Awareness TrainingOperational Excellence Consulting
 
TPM Self-Assessment Guide
TPM Self-Assessment GuideTPM Self-Assessment Guide
TPM Self-Assessment GuideOperational Excellence Consulting
 
ISO/IEC 27001 vs ISO 22301 vs ISO 31000: What you need to know
ISO/IEC 27001 vs ISO 22301 vs ISO 31000: What you need to knowISO/IEC 27001 vs ISO 22301 vs ISO 31000: What you need to know
ISO/IEC 27001 vs ISO 22301 vs ISO 31000: What you need to knowPECB
 
Governance and Compliance for Credit Unions
Governance and Compliance for Credit UnionsGovernance and Compliance for Credit Unions
Governance and Compliance for Credit Unionsle chéile Group
 
Enterprise Risk Management & Organizational Excellence
Enterprise Risk Management & Organizational ExcellenceEnterprise Risk Management & Organizational Excellence
Enterprise Risk Management & Organizational ExcellenceEneni Oduwole
 
Six Sigma Improvement Process: Transforming Processes, Elevating Performance
Six Sigma Improvement Process: Transforming Processes, Elevating PerformanceSix Sigma Improvement Process: Transforming Processes, Elevating Performance
Six Sigma Improvement Process: Transforming Processes, Elevating PerformanceOperational Excellence Consulting
 
Charlotte FENG - What you need to know in 2014!
Charlotte FENG - What you need to know in 2014!Charlotte FENG - What you need to know in 2014!
Charlotte FENG - What you need to know in 2014!Ken Witt
 
NQA - ISO 9001 Implementation Guide
NQA - ISO 9001 Implementation GuideNQA - ISO 9001 Implementation Guide
NQA - ISO 9001 Implementation GuideNA Putra
 
Iso 22301 2012 bcm
Iso 22301 2012 bcmIso 22301 2012 bcm
Iso 22301 2012 bcmfaisal_ss
 
Dynamic Strategies Iso Implementation Corporate Presentation Ii
Dynamic Strategies Iso Implementation Corporate Presentation IiDynamic Strategies Iso Implementation Corporate Presentation Ii
Dynamic Strategies Iso Implementation Corporate Presentation Iidynamic67
 
The role of the new ISO 9001:2015 leadership requirements in companies
The role of the new ISO 9001:2015 leadership requirements in companiesThe role of the new ISO 9001:2015 leadership requirements in companies
The role of the new ISO 9001:2015 leadership requirements in companiesPECB
 
NQA ISO 9001 Implementation Guide
NQA ISO 9001 Implementation GuideNQA ISO 9001 Implementation Guide
NQA ISO 9001 Implementation GuideNQA
 
Binder
BinderBinder
BinderKevin Cory
 
LRQA ISO Standards Update - Integration as Standard? October 2013
LRQA ISO Standards Update - Integration as Standard? October 2013LRQA ISO Standards Update - Integration as Standard? October 2013
LRQA ISO Standards Update - Integration as Standard? October 2013Lloyd's Register - Management Systems
 
SWE 333 - ISQM ISO 9000-3.ppt
SWE 333 - ISQM ISO 9000-3.pptSWE 333 - ISQM ISO 9000-3.ppt
SWE 333 - ISQM ISO 9000-3.pptOswaldo Gonzales
 
Ensemble - Process, Strategy and Performance Management
Ensemble - Process, Strategy and Performance ManagementEnsemble - Process, Strategy and Performance Management
Ensemble - Process, Strategy and Performance ManagementRefik Tuncer
 
ISO 9001 ultimate guide to the core quality management standard.pdf
ISO 9001 ultimate guide to the core quality management standard.pdfISO 9001 ultimate guide to the core quality management standard.pdf
ISO 9001 ultimate guide to the core quality management standard.pdfFaiz Alkhawlani
 
Chapter vi strategic control and evaluation
Chapter vi strategic control and evaluationChapter vi strategic control and evaluation
Chapter vi strategic control and evaluationSuzana Vaidya
 
ISO 9001 Foundation Training Course - Sample Slides
ISO 9001 Foundation Training Course - Sample SlidesISO 9001 Foundation Training Course - Sample Slides
ISO 9001 Foundation Training Course - Sample SlidesStratos Lazaridis
 
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...Operational Excellence Consulting
 
ISO 37002:2021 (Whistleblowing Management Systems) Awareness Training
ISO 37002:2021 (Whistleblowing Management Systems) Awareness TrainingISO 37002:2021 (Whistleblowing Management Systems) Awareness Training
ISO 37002:2021 (Whistleblowing Management Systems) Awareness TrainingOperational Excellence Consulting
 

More Related Content

Similar to ISO 22301:2019 (Business Continuity Management Systems) Awareness Training

Requirements Practice - Maveric Systems
Requirements Practice - Maveric SystemsRequirements Practice - Maveric Systems
Requirements Practice - Maveric SystemsMaveric Systems
 
ISO 22000:2018 (Food Safety Management Systems) Awareness Training
ISO 22000:2018 (Food Safety Management Systems) Awareness TrainingISO 22000:2018 (Food Safety Management Systems) Awareness Training
ISO 22000:2018 (Food Safety Management Systems) Awareness TrainingOperational Excellence Consulting
 
ISO/IEC 27001 vs ISO 22301 vs ISO 31000: What you need to know
ISO/IEC 27001 vs ISO 22301 vs ISO 31000: What you need to knowISO/IEC 27001 vs ISO 22301 vs ISO 31000: What you need to know
ISO/IEC 27001 vs ISO 22301 vs ISO 31000: What you need to knowPECB
 
Governance and Compliance for Credit Unions
Governance and Compliance for Credit UnionsGovernance and Compliance for Credit Unions
Governance and Compliance for Credit Unionsle chéile Group
 
Enterprise Risk Management & Organizational Excellence
Enterprise Risk Management & Organizational ExcellenceEnterprise Risk Management & Organizational Excellence
Enterprise Risk Management & Organizational ExcellenceEneni Oduwole
 
Six Sigma Improvement Process: Transforming Processes, Elevating Performance
Six Sigma Improvement Process: Transforming Processes, Elevating PerformanceSix Sigma Improvement Process: Transforming Processes, Elevating Performance
Six Sigma Improvement Process: Transforming Processes, Elevating PerformanceOperational Excellence Consulting
 
Charlotte FENG - What you need to know in 2014!
Charlotte FENG - What you need to know in 2014!Charlotte FENG - What you need to know in 2014!
Charlotte FENG - What you need to know in 2014!Ken Witt
 
NQA - ISO 9001 Implementation Guide
NQA - ISO 9001 Implementation GuideNQA - ISO 9001 Implementation Guide
NQA - ISO 9001 Implementation GuideNA Putra
 
Iso 22301 2012 bcm
Iso 22301 2012 bcmIso 22301 2012 bcm
Iso 22301 2012 bcmfaisal_ss
 
Dynamic Strategies Iso Implementation Corporate Presentation Ii
Dynamic Strategies Iso Implementation Corporate Presentation IiDynamic Strategies Iso Implementation Corporate Presentation Ii
Dynamic Strategies Iso Implementation Corporate Presentation Iidynamic67
 
The role of the new ISO 9001:2015 leadership requirements in companies
The role of the new ISO 9001:2015 leadership requirements in companiesThe role of the new ISO 9001:2015 leadership requirements in companies
The role of the new ISO 9001:2015 leadership requirements in companiesPECB
 
NQA ISO 9001 Implementation Guide
NQA ISO 9001 Implementation GuideNQA ISO 9001 Implementation Guide
NQA ISO 9001 Implementation GuideNQA
 
SWE 333 - ISQM ISO 9000-3.ppt
SWE 333 - ISQM ISO 9000-3.pptSWE 333 - ISQM ISO 9000-3.ppt
SWE 333 - ISQM ISO 9000-3.pptOswaldo Gonzales
 
Ensemble - Process, Strategy and Performance Management
Ensemble - Process, Strategy and Performance ManagementEnsemble - Process, Strategy and Performance Management
Ensemble - Process, Strategy and Performance ManagementRefik Tuncer
 
ISO 9001 ultimate guide to the core quality management standard.pdf
ISO 9001 ultimate guide to the core quality management standard.pdfISO 9001 ultimate guide to the core quality management standard.pdf
ISO 9001 ultimate guide to the core quality management standard.pdfFaiz Alkhawlani
 
Chapter vi strategic control and evaluation
Chapter vi strategic control and evaluationChapter vi strategic control and evaluation
Chapter vi strategic control and evaluationSuzana Vaidya
 
ISO 9001 Foundation Training Course - Sample Slides
ISO 9001 Foundation Training Course - Sample SlidesISO 9001 Foundation Training Course - Sample Slides
ISO 9001 Foundation Training Course - Sample SlidesStratos Lazaridis
 

Similar to ISO 22301:2019 (Business Continuity Management Systems) Awareness Training (20)

Requirements Practice - Maveric Systems
Requirements Practice - Maveric SystemsRequirements Practice - Maveric Systems
Requirements Practice - Maveric Systems
 
ISO 22000:2018 (Food Safety Management Systems) Awareness Training
ISO 22000:2018 (Food Safety Management Systems) Awareness TrainingISO 22000:2018 (Food Safety Management Systems) Awareness Training
ISO 22000:2018 (Food Safety Management Systems) Awareness Training
 
TPM Self-Assessment Guide
TPM Self-Assessment GuideTPM Self-Assessment Guide
TPM Self-Assessment Guide
 
ISO/IEC 27001 vs ISO 22301 vs ISO 31000: What you need to know
ISO/IEC 27001 vs ISO 22301 vs ISO 31000: What you need to knowISO/IEC 27001 vs ISO 22301 vs ISO 31000: What you need to know
ISO/IEC 27001 vs ISO 22301 vs ISO 31000: What you need to know
 
Governance and Compliance for Credit Unions
Governance and Compliance for Credit UnionsGovernance and Compliance for Credit Unions
Governance and Compliance for Credit Unions
 
Enterprise Risk Management & Organizational Excellence
Enterprise Risk Management & Organizational ExcellenceEnterprise Risk Management & Organizational Excellence
Enterprise Risk Management & Organizational Excellence
 
Six Sigma Improvement Process: Transforming Processes, Elevating Performance
Six Sigma Improvement Process: Transforming Processes, Elevating PerformanceSix Sigma Improvement Process: Transforming Processes, Elevating Performance
Six Sigma Improvement Process: Transforming Processes, Elevating Performance
 
Charlotte FENG - What you need to know in 2014!
Charlotte FENG - What you need to know in 2014!Charlotte FENG - What you need to know in 2014!
Charlotte FENG - What you need to know in 2014!
 
NQA - ISO 9001 Implementation Guide
NQA - ISO 9001 Implementation GuideNQA - ISO 9001 Implementation Guide
NQA - ISO 9001 Implementation Guide
 
Iso 22301 2012 bcm
Iso 22301 2012 bcmIso 22301 2012 bcm
Iso 22301 2012 bcm
 
Dynamic Strategies Iso Implementation Corporate Presentation Ii
Dynamic Strategies Iso Implementation Corporate Presentation IiDynamic Strategies Iso Implementation Corporate Presentation Ii
Dynamic Strategies Iso Implementation Corporate Presentation Ii
 
The role of the new ISO 9001:2015 leadership requirements in companies
The role of the new ISO 9001:2015 leadership requirements in companiesThe role of the new ISO 9001:2015 leadership requirements in companies
The role of the new ISO 9001:2015 leadership requirements in companies
 
NQA ISO 9001 Implementation Guide
NQA ISO 9001 Implementation GuideNQA ISO 9001 Implementation Guide
NQA ISO 9001 Implementation Guide
 
Binder
BinderBinder
Binder
 
LRQA ISO Standards Update - Integration as Standard? October 2013
LRQA ISO Standards Update - Integration as Standard? October 2013LRQA ISO Standards Update - Integration as Standard? October 2013
LRQA ISO Standards Update - Integration as Standard? October 2013
 
SWE 333 - ISQM ISO 9000-3.ppt
SWE 333 - ISQM ISO 9000-3.pptSWE 333 - ISQM ISO 9000-3.ppt
SWE 333 - ISQM ISO 9000-3.ppt
 
Ensemble - Process, Strategy and Performance Management
Ensemble - Process, Strategy and Performance ManagementEnsemble - Process, Strategy and Performance Management
Ensemble - Process, Strategy and Performance Management
 
ISO 9001 ultimate guide to the core quality management standard.pdf
ISO 9001 ultimate guide to the core quality management standard.pdfISO 9001 ultimate guide to the core quality management standard.pdf
ISO 9001 ultimate guide to the core quality management standard.pdf
 
Chapter vi strategic control and evaluation
Chapter vi strategic control and evaluationChapter vi strategic control and evaluation
Chapter vi strategic control and evaluation
 
ISO 9001 Foundation Training Course - Sample Slides
ISO 9001 Foundation Training Course - Sample SlidesISO 9001 Foundation Training Course - Sample Slides
ISO 9001 Foundation Training Course - Sample Slides
 

More from Operational Excellence Consulting

The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...Operational Excellence Consulting
 
ISO 37002:2021 (Whistleblowing Management Systems) Awareness Training
ISO 37002:2021 (Whistleblowing Management Systems) Awareness TrainingISO 37002:2021 (Whistleblowing Management Systems) Awareness Training
ISO 37002:2021 (Whistleblowing Management Systems) Awareness TrainingOperational Excellence Consulting
 
ISO 37000:2021 (Governance of Organizations) Awareness Training
ISO 37000:2021 (Governance of Organizations) Awareness TrainingISO 37000:2021 (Governance of Organizations) Awareness Training
ISO 37000:2021 (Governance of Organizations) Awareness TrainingOperational Excellence Consulting
 
Kaizen Event Guide: Transforming Challenges into Opportunities
Kaizen Event Guide: Transforming Challenges into OpportunitiesKaizen Event Guide: Transforming Challenges into Opportunities
Kaizen Event Guide: Transforming Challenges into OpportunitiesOperational Excellence Consulting
 
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Poster
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness PosterISO/IEC 27001:2022 (Information Security Management Systems) Awareness Poster
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness PosterOperational Excellence Consulting
 

More from Operational Excellence Consulting (20)

The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
 
ISO 37002:2021 (Whistleblowing Management Systems) Awareness Training
ISO 37002:2021 (Whistleblowing Management Systems) Awareness TrainingISO 37002:2021 (Whistleblowing Management Systems) Awareness Training
ISO 37002:2021 (Whistleblowing Management Systems) Awareness Training
 
ISO 37000:2021 (Governance of Organizations) Awareness Training
ISO 37000:2021 (Governance of Organizations) Awareness TrainingISO 37000:2021 (Governance of Organizations) Awareness Training
ISO 37000:2021 (Governance of Organizations) Awareness Training
 
Kaizen Event Guide: Transforming Challenges into Opportunities
Kaizen Event Guide: Transforming Challenges into OpportunitiesKaizen Event Guide: Transforming Challenges into Opportunities
Kaizen Event Guide: Transforming Challenges into Opportunities
 
Kaizen: Elevating Continuous Improvement for Success
Kaizen: Elevating Continuous Improvement for SuccessKaizen: Elevating Continuous Improvement for Success
Kaizen: Elevating Continuous Improvement for Success
 
Strategic Planning: A3 Hoshin Planning Process
Strategic Planning: A3 Hoshin Planning ProcessStrategic Planning: A3 Hoshin Planning Process
Strategic Planning: A3 Hoshin Planning Process
 
A3 Problem Solving Process & Tools
A3 Problem Solving Process & ToolsA3 Problem Solving Process & Tools
A3 Problem Solving Process & Tools
 
Digital Strategic Business Planning Methodology
Digital Strategic Business Planning MethodologyDigital Strategic Business Planning Methodology
Digital Strategic Business Planning Methodology
 
Root Cause Analysis (RCA)
Root Cause Analysis (RCA)Root Cause Analysis (RCA)
Root Cause Analysis (RCA)
 
5 Steps of Problem Solving
5 Steps of Problem Solving5 Steps of Problem Solving
5 Steps of Problem Solving
 
Seven Advanced Tools of Quality (Seven Advanced QC Tools)
Seven Advanced Tools of Quality (Seven Advanced QC Tools)Seven Advanced Tools of Quality (Seven Advanced QC Tools)
Seven Advanced Tools of Quality (Seven Advanced QC Tools)
 
Seven Basic Tools of Quality (Seven Basic QC Tools)
Seven Basic Tools of Quality (Seven Basic QC Tools)Seven Basic Tools of Quality (Seven Basic QC Tools)
Seven Basic Tools of Quality (Seven Basic QC Tools)
 
Problem Solving & Visualization Tools
Problem Solving & Visualization ToolsProblem Solving & Visualization Tools
Problem Solving & Visualization Tools
 
PDCA Problem Solving Process & Tools
PDCA Problem Solving Process & ToolsPDCA Problem Solving Process & Tools
PDCA Problem Solving Process & Tools
 
8D Problem Solving Process & Tools
8D Problem Solving Process & Tools8D Problem Solving Process & Tools
8D Problem Solving Process & Tools
 
Digital Transformation Process Poster
Digital Transformation Process PosterDigital Transformation Process Poster
Digital Transformation Process Poster
 
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Poster
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness PosterISO/IEC 27001:2022 (Information Security Management Systems) Awareness Poster
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Poster
 
Four Steps of Jidoka Poster
Four Steps of Jidoka PosterFour Steps of Jidoka Poster
Four Steps of Jidoka Poster
 
Lean Startup: Build-Measure-Learn Process Poster
Lean Startup: Build-Measure-Learn Process PosterLean Startup: Build-Measure-Learn Process Poster
Lean Startup: Build-Measure-Learn Process Poster
 
AIDA Marketing Model Poster
AIDA Marketing Model PosterAIDA Marketing Model Poster
AIDA Marketing Model Poster
 

Recently uploaded

Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service DewasVip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewasmakika9823
 
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...lizamodels9
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Roomdivyansh0kumar0
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Neil Kimberley
 
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...lizamodels9
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...anilsa9823
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.Aaiza Hassan
 
GD Birla and his contribution in management
GD Birla and his contribution in managementGD Birla and his contribution in management
GD Birla and his contribution in managementchhavia330
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...Paul Menig
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMRavindra Nath Shukla
 
Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessAggregage
 
Catalogue ONG NUOC PPR DE NHAT .pdf
Catalogue ONG NUOC PPR DE NHAT .pdfCatalogue ONG NUOC PPR DE NHAT .pdf
Catalogue ONG NUOC PPR DE NHAT .pdfOrient Homes
 
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppelCorporation
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANIlamathiKannappan
 
/:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc...
/:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc.../:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc...
/:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc...lizamodels9
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communicationskarancommunications
 
Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.Eni
 

Recently uploaded (20)

Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service DewasVip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
 
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
 
GD Birla and his contribution in management
GD Birla and his contribution in managementGD Birla and his contribution in management
GD Birla and his contribution in management
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for Success
 
Catalogue ONG NUOC PPR DE NHAT .pdf
Catalogue ONG NUOC PPR DE NHAT .pdfCatalogue ONG NUOC PPR DE NHAT .pdf
Catalogue ONG NUOC PPR DE NHAT .pdf
 
KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)
 
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 
/:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc...
/:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc.../:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc...
/:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc...
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
 
Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.
 
Best Practices for Implementing an External Recruiting Partnership
Best Practices for Implementing an External Recruiting PartnershipBest Practices for Implementing an External Recruiting Partnership
Best Practices for Implementing an External Recruiting Partnership
 

ISO 22301:2019 (Business Continuity Management Systems) Awareness Training

  • 1. © Operational Excellence Consulting ISO 22301:2019 Security & Resilience – Business Continuity Management Systems © Operational Excellence Consulting. All rights reserved.
  • 2. © Operational Excellence Consulting LEARNING OBJECTIVES 2 Provide background knowledge of ISO 22301 Describe the audit approach and learn useful tips for handling an audit session Gain an overview of the ISO 22301:2019 structure Understand the ISO 22301:2019 certification process NOTE: This is a PARTIAL PREVIEW. To download the complete presentation, please visit: https://www.oeconsulting.com.sg
  • 3. © Operational Excellence Consulting CONTENTS 3 OVERVIEW OF ISO 22301 ISO 22301:2019 STRUCTURE ISO 22301:2019 CERTIFICATION PROCESS AUDIT APPROACH 01 04 03 02 HANDLING AN AUDIT SESSION 05
  • 4. © Operational Excellence Consulting 95% of global business leaders report that their crisis management capabilities need improvement. 4 Source: PwC Global Crisis Survey 2021
  • 5. © Operational Excellence Consulting 51% of companies across the globe don’t have a business continuity plan. 5 Source: Mercer, 2020
  • 6. © Operational Excellence Consulting ● ISO 22301 is an International Standard for implementing and maintaining effective business continuity plans, systems and processes ● It establishes a framework for industrial plants or entire companies to manage all aspects of business continuity ● Applies to all types and sizes of organizations WHAT IS ISO 22301? © Operational Excellence Consulting 6
  • 7. © Operational Excellence Consulting OBJECTIVE OF ISO 22301 7 ISO 22301:2019 specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise.
  • 8. © Operational Excellence Consulting WHAT IMPROVEMENTS WERE MADE TO ISO 22301:2019? 8 The structure of the standard has been reviewed to make it easier to read and implement, with greater clarification of what is required The language and terminology have been simplified to remove duplication and better reflect today’s thinking in the business continuity industry The High Level Structure (HLS) has been streamlined to remain in line with all other ISO management system standards
  • 9. © Operational Excellence Consulting WHO CAN USE ISO 22301? 9 Implement, maintain and improve a BCMS Seek to ensure conformity with stated business continuity policy Need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption Seek to enhance their resilience through the effective application of the BCMS ISO 22301 is applicable to all types and sizes of organizations that:
  • 10. © Operational Excellence Consulting BENEFITS TO AN ORGANIZATION FOR IMPLEMENTING A BUSINESS CONTINUITY MANAGEMENT SYSTEM 10 Help organizations respond to, and recover from, disruptions effectively Reduced costs and less impact on business performance should something go wrong Provides ability to reassure clients, suppliers, regulators and other stakeholders Companies with multiple sites can rely on the same consistent approach A better understanding of critical issues and areas of vulnerability Improved business performance and organizational resilience
  • 11. © Operational Excellence Consulting ADVANTAGES OF CERTIFICATION © Operational Excellence Consulting ● Certification to ISO 22301 is voluntary ● Independent check of conformity by a third party ● Indicates an effective Business Continuity Management System ● National/International recognition ● Provides competitive advantage ● Improves company image 11 11
  • 12. © Operational Excellence Consulting ● Identifying potential risks, likelihood and consequences ● Documenting assumptions and criteria ● Identifying activities by risk classification in order of priority ● Allocating necessary resources to risk management plan ● Documenting results and develop a Risk Management Action plan RISK-BASED THINKING 12 Risk Evaluation Risk Analysis Risk Identification Risk Assessment Risk Treatment Scope, Context, Criteria COMMUNICATION & CONSULTATION MONITORING & REVIEW RECORDING & REPORTING
  • 13. © Operational Excellence Consulting ISO 22301:2019 IS BASED ON THE ISO HIGH-LEVEL STRUCTURE FOR MANAGEMENT SYSTEM STANDARDS 13 1. Scope 2. Normative References 3. Terms & Definitions 4. Context of the Organization 5. Leadership 6. Planning 7. Support 8. Operation 9. Performance Evaluation 10. Improvement
  • 14. © Operational Excellence Consulting HLS – THE SAME CORE ELEMENTS 14 Environment ISO 14001 Food Safety ISO 22000 Quality Management ISO 9001 Occupational Health & Safety ISO 45001 THE SAME CORE ELEMENTS
  • 15. © Operational Excellence Consulting ISO 22301:2019 IS BASED ON THE PDCA MODEL 15 Source: Adapted from ISO SCOPE OF THE BUSINESS CONTINUITY MANAGEMENT SYSTEM IMPLEMENT & OPERATE THE BCMS ESTABLISH BCMS MAINTAIN & IMPROVE THE BCMS MONITOR & REVIEW THE BCMS Plan Do Check Act INTERNAL & EXTERNAL ISSUES NEEDS & EXPECTATIONS OF INTERESTED PARTIES INTENDED OUTCOMES OF THE BCMS
  • 16. © Operational Excellence Consulting ISO 22301:2019 KEY CLAUSE STRUCTURE (4-10) PLAN DO CHECK ACT 4. Context of the organization 5. Leadership 6. Planning 7. Support 8. Operation 9. Performance evaluation 10. Improvement 4.1 Understanding the organization and its context 5.1 Leadership and commitment 6.1 Actions to address risks and opportunities 7.1 Resources 8.1 Operational planning and control 9.1 Monitoring, measurement, analysis and evaluation 10.1 Nonconformity and corrective action 4.2 Understanding the needs and expectations of interested parties 5.2 Policy 6.2 Business continuity objectives and plans to achieve them 7.2 Competence 8.2 Business impact analysis and risk assessment 9.2 Internal audit 10.2 Continual improvement 4.3 Determining the scope of the BCMS 5.3 Roles, responsibilities and authorities 6.3 Planning changes to the BCMS 7.3 Awareness 8.3 Business continuity strategies and solutions 9.3 Management review 4.4 Business continuity management system 7.4 Communication 8.4 Business continuity plans and procedures 7.5 Documented information 8.5 Exercise programme 8.6 Evaluation of business continuity documentation and capabilities
  • 17. © Operational Excellence Consulting THE PDCA CYCLE IS THE ENGINE OF CONTINUOUS IMPROVEMENT 17 Consolidation through Standardization Improvement P D C A P D C A Current Standard New Standard Time Continuous Improvement
  • 18. © Operational Excellence Consulting ● The certification body examines the BCMS for conformity to the ISO 22301:2019 standard ● The BCMS audit is a compliance audit ● Certification means the organization has a documented BCMS that is fully implemented and meets ISO 22301:2019 requirements BECOMING ISO 22301:2019 CERTIFIED © Operational Excellence Consulting 18 18
  • 19. © Operational Excellence Consulting 19 ISO 22301:2019 CERTIFICATION PROCESS 3 5 7 1 4 6 2 Implementation of BCMS Selection of a Certification Body Stage 2 Audit Continual Improvement and Surveillance Audits Conduct Internal Audit and Review Result by Top Management Stage 1 Audit Confirmation of Registration
  • 20. © Operational Excellence Consulting WHAT DOES CERTIFICATION ASSURE? 20 Regular assessment to continually monitor and improve processes Credibility that the system can achieve its intended outcomes Reduced risk and uncertainty and increase market opportunities Consistency in the outputs designed to meet stakeholder expectations
  • 21. © Operational Excellence Consulting ● Systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled ● Audit criteria ○ Processes or procedures ○ Standards WHAT IS AN AUDIT? © Operational Excellence Consulting 21 21
  • 22. © Operational Excellence Consulting WHAT ARE AUDITS USED FOR? 22 Auditing conformity Auditing effectiveness Looking at the overall process Approving external service providers Investigating problems Way of improving Assessing for certification Highlight examples of good practice
  • 23. © Operational Excellence Consulting ● Focuses on employees’ understanding of the organization’s processes and verifies that these processes are: o complied with o under control o achieving the desired results ● Provide evidence, e.g. records, meeting minutes, reports, data and emails AUDIT APPROACH © Operational Excellence Consulting 23 23
  • 24. © Operational Excellence Consulting AUDIT FINDINGS 24 MAJOR NONCONFORMITY § A major nonconformity relates to the absence or total breakdown of a required process or a number of minor nonconformities listed against similar areas § A major nonconformity at the Registration Audit would defer recommendation for registration until that major has been closed MINOR NONCONFORMITY OBSERVATION § A minor nonconformity is an observed lapse in your systems ability to meet the requirements of the standard or your internal systems, while the overall process remains intact § An observation or opportunity for improvement relates to a matter about which the Auditor is concerned but which cannot be clearly stated as a non- conformity § Observations also indicate trends which may result in a future nonconformity
  • 25. © Operational Excellence Consulting HOW TO HANDLE AN AUDIT SESSION? 25 Ask and clarify Admit obvious non-conformities Do not panic Take note of improvement areas highlighted by the auditor Show internal audit report, when necessary Offer evidence and explain patiently
  • 26. © Operational Excellence Consulting ● Polite ● Professional ● Positive / Receptive ● Sincere ● Commitment ● Formal but not overly serious AUDITEE’S CONDUCT © Operational Excellence Consulting 26 26
  • 27. © Operational Excellence Consulting ● Be honest and open ● Recognize they may be experts ● Realize they may not be subject matter experts ● Understand the purpose of the meeting and review related records prior to interviews INTERACTING WITH AUDITORS – DO’S ● Turn mobile phones to silent mode ● Get the right person in to answer the question ● Listen carefully and understand each question before answering – Be sure responses are complete and accurate 27
  • 28. © Operational Excellence Consulting Operational Excellence Consulting is a management training and consulting firm that assists organizations in improving business performance and effectiveness. Based in Singapore, the firm’s mission is to create business value for organizations through innovative design and operational excellence management training and consulting solutions. For more information, please visit www.oeconsulting.com.sg ABOUT OPERATIONAL EXCELLENCE CONSULTING