ISO22301:2012, “Societal security – Business continuity management systems – Requirements”, is a series of guidelines to ensure businesses are kept operational during and after a disruption.

Published by the International Organization for Standardization (ISO) in 2012, ISO22301 is the world’s first international standard for BCM, replacing the British standard BS25999.

ISO22301 is a management systems standard for business continuity management (BCM) which can be used by organizations of all sizes and types. It specifies the requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise.

The requirements specified in ISO22301 are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization’s operating environment and complexity.

Organisations which obtain the accredited certification against this standard are able to demonstrate to legislators, regulators, customers, prospective customers, and other interested parties that they are adhering to good practice in BCM. ISO22301 also enables the business continuity manager to show top management that a recognized standard has been achieved.

While ISO22301 may be used for certification and therefore includes rather short and concise requirements describing the central elements of BCM, a more extensive guidance standard (ISO22313) is being developed to provide greater detail on each requirement in ISO22301.

ISO22301 may also be used within an organization to measure itself against good practice, and by auditors wishing to report to management. The influence of the standard will therefore be much greater than those who simply choose to be certified against the standard.

For more information, please visit www.iso.org.

Related article: Business Resiliency in the Face of Global Change