ISO 22301 specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise.

The requirements specified in ISO 22301 are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization’s operating environment and complexity.

Benefits of an ISO 22301-compliant business continuity management system

  • Protect assets, turnover and profits: Effective business continuity management (BCM) enables organisations to protect their income steam following an incident or disaster, while reducing the risk of further losses.
  • Ensure continuity of business operations: A BCMS helps maintain an organisation’s service levels to its customers. It also helps business leaders to assess the potential impacts of an operational disruption, make the right decisions quickly, deploy an effective response and minimise the overall impact.
  • Increase competitive advantage and enhance corporate reputation: Organisations with an ISO 22301-compliant BCMS can improve customer confidence in the organisation’s ability to respond to incidents.
  • Meet legal and regulatory requirements: We recommend ISO 22301 compliance as a useful tool for implementing a well-defined incident response and reporting structure, so organisations can demonstrate they are taking steps to comply with regulatory requirements.
  • Obtain an independent assessment of your security posture: Accredited certification involves regular reviews and internal audits that provide an expert opinion as to whether the BCMS is functioning properly and provides the level of security needed to protect the organisation’s products and services