What is ISO 22301 Business Continuity Management Systems?
ISO 22301 specifies the structure and requirements for implementing and maintaining a business continuity management system (BCMS) that develops business continuity appropriate to the amount and type of impact that the organization may or may not accept following a disruption.
The outcomes of maintaining a BCMS are shaped by the organization's legal, regulatory, organizational, and industry requirements, products and services provided, processes employed, size and structure of the organization, and its interested parties' requirements.
A BCMS emphasizes the importance of:
To whom does the ISO 22301 apply?
The document specifies requirements to implement, maintain, and improve a management system to protect against, reduce the likelihood of preparing, respond to, and recover from disruptions when they arise.
The requirements specified in this document are generic and intended to apply to all organizations or parts thereof, regardless of their type, size, and nature. The extent of application of these requirements depends on the organization's operating environment and complexity.
This standard applies to all types and sizes of organizations that:
How do I get started?
Be aware of your organization's key objectives – this will help you clarify your risk management system's targets and requirements.