ISO 22301:2019 - Business Continuity Management (BCM)
ISO 22301:2019 is an international standard that provides a framework for implementing and maintaining a Business Continuity Management (BCM) system. BCM is a holistic management process that identifies potential threats to an organization and provides a framework for building resilience and the capability to respond effectively to disruptions.
The ISO 22301 standard helps organizations establish, implement, maintain, and continually improve their BCM systems. It outlines the requirements for a robust and effective BCM system, focusing on key aspects such as risk assessment, business impact analysis, strategy development, incident response, and recovery planning.
Context of the organization
Understanding the organization’s internal and external context, including interested parties, and determining the scope of the BCM system.
Demonstrating leadership commitment to BCM, establishing policies, and assigning responsibilities for its implementation.
Leadership and commitment
Planning
Conducting a business impact analysis (BIA) to identify critical activities and dependencies, assessing risks, and establishing business continuity objectives and strategies.
Providing the necessary resources, competencies, and awareness to implement the BCM system effectively.
Support
Operation
Developing and implementing business continuity plans, establishing incident response structures, and ensuring effective communication and coordination during disruptions.
Monitoring, measuring, analyzing, and evaluating the performance of the BCM system, conducting exercises and tests, and conducting internal audits.
Performance evaluation
Improvement
Taking corrective actions, continually improving the BCM system, and learning from incidents and exercises.