Business Continuity Management and ISO 22301

BCM (business continuity management) is a risk management process that helps organisations manage the threat of unexpected disruptions affecting their day-to-day operations.

As the COVID-19 pandemic has shown, the effects of such disruptions can be devastating, but pandemics are, of course, not the only business continuity challenge you face.

From natural disasters to data breaches and technological failures caused by cyber attacks, there are multiple ways your organisation could be forced to stop functioning.

Putting plans in place to ensure you can continue to provide an acceptable level of service throughout a disruptive incident and to enable your return to business as usual is therefore a critical board responsibility.

ISO 22301:2012 (ISO 22301) is the international standard that specifies the requirements of a BCMS (business continuity management system).

A BCMS is a framework that allows organisations of all types and sizes to implement and maintain a programme to help prepare for, respond to and recover from operational disruption.

The Standard takes a risk-based approach to managing an organisation’s ability to meet its obligations and continue operating during disruptions – even if that is at a reduced capacity – before returning to business as usual within an accepted time frame.

Aligning your BCM plans with ISO 22301 will ensure you can continue to meet your legal and regulatory requirements, as well as the needs and interests of interested parties such as customers, investors, shareholders and the supply chain.

  Buy your copy of ISO 22301 from our sister company IT Governance.

A key component of business continuity planning is staff awareness training.

If a disruptive incident occurs and normal operations are unavailable, staff must understand what is required of them and act without delay.

This is where we can help.

Prepare your employees to respond to workplace disruptions with our interactive Business Continuity Staff Awareness E-learning Course.

It covers:

• The different types of disruptive events that can affect an organisation’s operations, with examples ranging from widespread to smaller, more likely events;
• How an organisation will be harmed if it cannot continue to offer its products and services;
• Examples of how organisations can benefit from responding effectively to a disruptive incident;
• What a good-practice business continuity programme looks like;
• How ISO 22301 fits into the programme; and
• What employees can do to help protect their organisation before, during and after a disruptive event.

This is an annual subscription product. However, you can cancel at any time (T&Cs apply).

Learn more