ISO 22301 Societal Security –
Business Continuity
Management Systems
CAW CONSULTANCY BUSINESS SOLUTIONS LTD
Contents
 Introduction
 Comparison between ISO 22301 and BS 25999-2
 Basic terms used in the standard
 Content of ISO 22301
 ISO 22301 explained
 Mandatory documentation
 Related standards
 Societal security content
 Projects under development
 Benefits of ISO 22301 business continuity management
Copyrighted by CAW Consultancy Business Solutions Ltd
Introduction
 The full name of the standard is:
“ISO 22301 Societal security – Business continuity management systems – Requirements”
 The standard was developed by leading experts in this area to deliver the best framework for business
continuity management in an organisation.
 Object: ISO 22301:2012 specifies requirements to plan, establish, operate, monitor, implement, review,
maintain and continually improve a documented management system to protect against, reduce the
likelihood of occurrence of, prepare for, respond to, and recover from disruptive incidents when they
arise.
 Scope: The requirements identified in ISO 22301:2012 are generic and intended to be applicable to all
organisations, or parts thereof, regardless of type, size and nature of the organisation. The extent of
application of these requirements depends on the organisation’s operating environment and complexity.
 Who can implement this standard? Any organisation, for-profit or non-profit, big or small, private or public.
The standard is formulated in such a way that it is applicable to any size or type of organisation.
Comparison between ISO 22301
and BS 25999-2
ISO 22301 has replaced BS 25999-2. These are quite similar standards, but ISO 22301 is
often regarded as an update.
Attribute | ISO 22301 | BS 25999-2
Complete name | ISO 22301:2012 Societal security – Business continuity management systems – Requirements | BS 25999-2 Business Continuity Management – Part 2: Specification
Published by | International Organisation for Standardisation | British Standards Institution
Published date | 15/05/2012 | 20/11/2007
Total number of minimum pages | 24 | 28
Official recommendations | Internationally accepted by standards institutes in 163 countries | Accepted only in the United Kingdom, but implemented worldwide
 ISO 22301 is not that different from BS 25999-2 in most business continuity sections
such as business impact analysis, strategy or planning; the greatest changes are in the
management areas of the standard.
 ISO 22301 places particular emphasis on understanding requirements, constructing
objectives and measuring performance. Therefore, it will be more easily accepted by top
management. In turn, this will contribute to the widespread adoption of this standard, like
ISO 27001, ISO 9001 or ISO 14001.
Basic terms used within the standard
 Business Continuity Management System (BCMS) – part of an overall management system that
ensures business continuity is planned, implemented, maintained, and continually improved
 Maximum Acceptable Outage (MAO) – the maximum amount of time an activity can be disrupted
without incurring unacceptable damage (also Maximum Tolerable Period of Disruption – MTPD)
 Recovery Time Objective (RTO) – the specified time at which an activity must be resumed, or
resources must be recovered
 Recovery Point Objective (RPO) – maximum data loss, i.e., minimum amount of data that needs to
be restored
 Minimum Business Continuity Objective (MBCO) – the minimum level of services or products an
organisation needs to produce after resuming its business operations.
Content of ISO 22301
 Introduction
 0.1 General
 0.2 The Plan-Do-Check-Act (PDCA) model
 0.3 Components of PDCA in this International
Standard
 1. Scope
 2. Normative references
 3. Terms and definitions
 4. Context of the organisation
 4.1 Understanding of the organisation and its
context
 4.2 Understanding the needs and expectations
of the interested parties
 4.3 Determining the scope of the management
system
 4.4 Business continuity management system
 5. Leadership
 5.1 General
 5.2 Management commitment
 5.3 Policy
 5.4 Organisational roles, responsibility and
authorities
 6. Planning
 6.1 Actions to address risks and opportunities
 6.2 Business continuity objectives and plans to
achieve them
 7. Support
 7.1 Resources
 7.2 Competence
 7.3 Awareness
 7.4 Communication
 7.5 Documented information
 8. Operation
 8.1 Operational planning and control
 8.2 Business impact analysis and risk assessment
 8.3 Business continuity strategy
 8.4 Establish and implement business continuity
procedures
 8.5 Exercising and testing
 9. Performance evaluation
 9.1 Monitoring, measurement, analysis and
evaluation
 9.2 Internal audit
 9.3 Management review
 10. Improvement
 10.1 Non conformity and corrective action
 10.2 Continual improvement
 Bibliography
ISO 22301 explained
 ISO 22301 is the second published
management system standard that has
adopted the new high-level structure and
standardised text agreed in ISO.
 This will guarantee consistency with all
future and revamped management system
standards and make integrated use easier,
for example, with ISO 9001 (quality), ISO 14001
(environmental) and ISO/IEC 27001
(information security).
 The standard is separated into main clauses,
starting with scope, normative references, and
terms and definitions. Following these are
the standard’s requirements.
 Clause 4 – Context of the organisation
The first step involves an understanding of the organisation, both the internal and external needs, and setting clear
guidelines for the scope of the management system. In particular, this requires the organisation to understand the
obligations of the relevant interested parties, such as regulators, customers and staff. It must in particular understand
the appropriate legal and regulatory requirements. This enables it to determine the scope of the business continuity
management system (BCMS).
 Clause 5 – Leadership
ISO 22301 places specific emphasis on the need for suitable leadership of BCM. This is so that top management
ensures appropriate resources are provided, establishes policy and appoints people to implement and maintain the
BCMS.
 Clause 6 – Planning
This requires the organisation to identify risks to the implementation of the management system and set clear
objectives, goals and criteria that can be used to measure its success.
 Clause 7 – Support
Resources are compulsory for implementation. Clause 7 also introduces the important concept of competence. For business
continuity to be successful, people with appropriate knowledge, skills and experience must be in place to both support the BCMS
and respond to incidents when they occur. It is also essential that all staff are aware of their own role in reacting to incidents,
and this clause deals with all of these areas. The need for communication about the BCMS – for instance in telling customers
that the organisation has suitable BCM in place – and preparedness to communicate following an incident (when normal
channels may be disrupted) is also covered here.
 Clause 8 – Operations
This section contains the main body of business continuity-specific expertise. The organisation must undertake business impact
analysis to comprehend how its business is affected by disruption and how this changes over time. Risk assessment seeks to
understand the risks to the business in a structured way, and together these inform the development of business continuity
strategy. Steps to avoid or reduce the likelihood of incidents are developed alongside the steps to be taken when
incidents occur. As it is impossible to completely predict and prevent all incidents, the approaches of risk reduction and
planning for all eventualities are complementary. It might be said: “hope for the best, plan for the worst”.
 Clause 9 – Evaluation
For any management system, it is crucial to evaluate performance against plan. ISO 22301
therefore involves the organisation selecting and measuring itself against appropriate performance
metrics. Internal audits must be carried out and there is a requirement that management review
the BCMS and act upon these reviews.
 Clause 10 – Improvement
No management system is perfect initially, and organisations and their environments are constantly
transforming. Clause 10 defines actions to take to improve the BCMS over time and confirm that
corrective actions arising from audits, reviews, exercises and so on are tackled.
Mandatory documentation
If an organisation wants to implement this standard, the following documentation is mandatory:
 List of applicable legal, regulatory and other
requirements
 Scope of the BCMS
 Business Continuity Policy
 Business continuity objectives
 Evidence of personnel competences
 Records of communication with interested
parties
 Business impact analysis
 Risk assessment, including risk appetite
 Incident response structure
 Business continuity plan
 Recovery procedures
 Results of preventative actions
 Results of monitoring and measurement
 Results of internal audit
 Results of Management review
 Results of corrective actions
Related standards
Other standards that are helpful in implementation of business continuity are:
 ISO/IEC 27031 – Guidelines for information and communication technology readiness for
business continuity
 PAS 200 – Crisis management – guidance and good practice
 PD 25666 – Guidance on exercising and testing for continuity and contingency programs
 PD 25111 – Guidance on human aspects of business continuity
 ISO/IEC 24762 – Guidelines for information and communications technology disaster recovery
services
 ISO/PAS 22399 – Guidelines for incident preparedness and operational continuity
management
 ISO/IEC 27001 – Information security management systems - Requirements
Societal security context
ISO 22301 has been developed by ISO/TC 223, Societal security.
The committee has previously published the following standards
and other documents:
 ISO 22300:2012, Societal security – Terminology
 ISO 22300:2012, Societal security – Emergency management –
requirements for incident response
 ISO/TR 22312:2011, Societal security – Technological capabilities
 ISO/PAS 22399:2007, Societal security – Guideline for incident
preparedness and operational continuity management
Projects under development
 ISO 22311, Societal security – Video-surveillance – Export interoperability
 ISO 22313, Societal security – Business continuity management systems - Guidance
 ISO 22315, Societal security – Mass evacuation
 ISO 22322, Societal security – Emergency management – Public warning
 ISO 22323, Organisational resilience management systems – Requirements with guidance for use
 ISO 22325, Societal security – Guidelines for emergency capability assessment for organisations
 ISO 22351, Societal security – Emergency management – Shared situation awareness
 ISO 22397, Societal security – Public Private Partnership – Guidelines to set up partnership agreements
 ISO 22398, Societal security – Guidelines for exercising and testing
 ISO 22324, Societal security – Emergency management – Color-coded alert.
The benefits of ISO 22301 business
continuity management
What are the benefits of ISO 22301 business continuity management?
 Identify and manage current and future threats to your business
 Take a proactive approach to minimizing the impact of incidents
 Keep critical sections of the business up and running during times of crisis
 Minimise interruption during incidents and improve recovery time
 Exhibit resilience to customers, suppliers and for tender requests
Do you have any questions?
Thank you for listening
Get in touch now on 07427535662 or email craig@cawconsultancy.co.uk
Copyrighted by CAW Consultancy Business Soltions Ltd

More Related Content

What's hot

Societal Security – the new standard ISO 22301 for Business Continuity Manage...
Societal Security – the new standard ISO 22301 for Business Continuity Manage...Societal Security – the new standard ISO 22301 for Business Continuity Manage...
Societal Security – the new standard ISO 22301 for Business Continuity Manage...Global Risk Forum GRFDavos
 
How to Fulfil Requirements of ISO 37001:2016 Documentation?
How to Fulfil Requirements of ISO 37001:2016 Documentation?How to Fulfil Requirements of ISO 37001:2016 Documentation?
How to Fulfil Requirements of ISO 37001:2016 Documentation?Global Manager Group
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxDr Madhu Aman Sharma
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentationPranay Kumar
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveMax Neira Schliemann
 
PECB Webinar: ISO 31000 – Risk Management and how it can help an organization
PECB Webinar: ISO 31000 – Risk Management and how it can help an organizationPECB Webinar: ISO 31000 – Risk Management and how it can help an organization
PECB Webinar: ISO 31000 – Risk Management and how it can help an organizationPECB
 
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information StandardQuick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information StandardPECB
 
C-Suite’s Guide to Enterprise Risk Management and Emerging Risks
C-Suite’s Guide to Enterprise Risk Management and Emerging RisksC-Suite’s Guide to Enterprise Risk Management and Emerging Risks
C-Suite’s Guide to Enterprise Risk Management and Emerging RisksAronson LLC
 
Iso 27001 in images - sample slides from different levels of training, e.g. F...
Iso 27001 in images - sample slides from different levels of training, e.g. F...Iso 27001 in images - sample slides from different levels of training, e.g. F...
Iso 27001 in images - sample slides from different levels of training, e.g. F...Stratos Lazaridis
 
Steps to iso 27001 implementation
Steps to iso 27001 implementationSteps to iso 27001 implementation
Steps to iso 27001 implementationRalf Braga
 
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?PECB
 
Implementing a Business Continuity Management System in Telecoms
Implementing a Business Continuity Management System in TelecomsImplementing a Business Continuity Management System in Telecoms
Implementing a Business Continuity Management System in TelecomsGlobal Risk Forum GRFDavos
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance frameworkCeyeap
 
Introduction to 9001 2015
Introduction to  9001 2015 Introduction to  9001 2015
Introduction to 9001 2015 ismail Latiff
 
An Integrated Management System Standard
An Integrated Management System StandardAn Integrated Management System Standard
An Integrated Management System StandardRalph Reid
 

What's hot (20)

Societal Security – the new standard ISO 22301 for Business Continuity Manage...
Societal Security – the new standard ISO 22301 for Business Continuity Manage...Societal Security – the new standard ISO 22301 for Business Continuity Manage...
Societal Security – the new standard ISO 22301 for Business Continuity Manage...
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 Introduction
 
it grc
it grc it grc
it grc
 
How to Fulfil Requirements of ISO 37001:2016 Documentation?
How to Fulfil Requirements of ISO 37001:2016 Documentation?How to Fulfil Requirements of ISO 37001:2016 Documentation?
How to Fulfil Requirements of ISO 37001:2016 Documentation?
 
Internal audit day 1
Internal audit day 1Internal audit day 1
Internal audit day 1
 
Introduction to Business Continuity Management
Introduction to Business Continuity ManagementIntroduction to Business Continuity Management
Introduction to Business Continuity Management
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptx
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentation
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance Executive
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness Training
 
PECB Webinar: ISO 31000 – Risk Management and how it can help an organization
PECB Webinar: ISO 31000 – Risk Management and how it can help an organizationPECB Webinar: ISO 31000 – Risk Management and how it can help an organization
PECB Webinar: ISO 31000 – Risk Management and how it can help an organization
 
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information StandardQuick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
 
C-Suite’s Guide to Enterprise Risk Management and Emerging Risks
C-Suite’s Guide to Enterprise Risk Management and Emerging RisksC-Suite’s Guide to Enterprise Risk Management and Emerging Risks
C-Suite’s Guide to Enterprise Risk Management and Emerging Risks
 
Iso 27001 in images - sample slides from different levels of training, e.g. F...
Iso 27001 in images - sample slides from different levels of training, e.g. F...Iso 27001 in images - sample slides from different levels of training, e.g. F...
Iso 27001 in images - sample slides from different levels of training, e.g. F...
 
Steps to iso 27001 implementation
Steps to iso 27001 implementationSteps to iso 27001 implementation
Steps to iso 27001 implementation
 
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?
 
Implementing a Business Continuity Management System in Telecoms
Implementing a Business Continuity Management System in TelecomsImplementing a Business Continuity Management System in Telecoms
Implementing a Business Continuity Management System in Telecoms
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance framework
 
Introduction to 9001 2015
Introduction to  9001 2015 Introduction to  9001 2015
Introduction to 9001 2015
 
An Integrated Management System Standard
An Integrated Management System StandardAn Integrated Management System Standard
An Integrated Management System Standard
 

Viewers also liked (7)

Screening in security
Screening in securityScreening in security
Screening in security
 
£999 package
£999 package£999 package
£999 package
 
ISO & ACS Power Point
ISO & ACS Power PointISO & ACS Power Point
ISO & ACS Power Point
 
How to write a Business Plan
How to write a Business Plan How to write a Business Plan
How to write a Business Plan
 
Reduce admin time by 60% - Here is how
Reduce admin time by 60% - Here is how Reduce admin time by 60% - Here is how
Reduce admin time by 60% - Here is how
 
Iso 17025
Iso 17025Iso 17025
Iso 17025
 
What is iso 27001 isms
What is iso 27001 ismsWhat is iso 27001 isms
What is iso 27001 isms
 

Similar to Iso 22301

Business Continuity Management System ISO 22301:2012 An Overview
Business Continuity Management System ISO 22301:2012 An OverviewBusiness Continuity Management System ISO 22301:2012 An Overview
Business Continuity Management System ISO 22301:2012 An OverviewAhmed Riad .
 
iso22301businesscontinuitymanagement-140207090550-phpapp01.pdf
iso22301businesscontinuitymanagement-140207090550-phpapp01.pdfiso22301businesscontinuitymanagement-140207090550-phpapp01.pdf
iso22301businesscontinuitymanagement-140207090550-phpapp01.pdfVictorNagesparan
 
Iso 22301 2012 bcm
Iso 22301 2012 bcmIso 22301 2012 bcm
Iso 22301 2012 bcmfaisal_ss
 
what is Business Continuity Management System?
what is Business Continuity Management System?what is Business Continuity Management System?
what is Business Continuity Management System?Ascent World
 
What are the steps for ISO 22301 certification
What are the steps for ISO 22301 certificationWhat are the steps for ISO 22301 certification
What are the steps for ISO 22301 certificationhimalya sharma
 
ISO 22301 Certification What You Need to Know.pdf
ISO 22301 Certification What You Need to Know.pdfISO 22301 Certification What You Need to Know.pdf
ISO 22301 Certification What You Need to Know.pdfOFFICE
 
ISO9001_2015_Frequently_Asked_Questions.docx
ISO9001_2015_Frequently_Asked_Questions.docxISO9001_2015_Frequently_Asked_Questions.docx
ISO9001_2015_Frequently_Asked_Questions.docxSunil Arora
 
Everything You Need To Know About ISO 22301 Certification in Oman.pdf
Everything You Need To Know About ISO 22301 Certification in Oman.pdfEverything You Need To Know About ISO 22301 Certification in Oman.pdf
Everything You Need To Know About ISO 22301 Certification in Oman.pdfAnoosha Factocert
 
tuvsud-ISO-9001-2015-guidance.pdf
tuvsud-ISO-9001-2015-guidance.pdftuvsud-ISO-9001-2015-guidance.pdf
tuvsud-ISO-9001-2015-guidance.pdfHalaGhaziAyoub
 
Creating an Effective Business Continuity Plan
Creating an Effective Business Continuity PlanCreating an Effective Business Continuity Plan
Creating an Effective Business Continuity PlanPECB
 
PECB Webinar: Rethinking Business Continuity: Applying ISO 22301 to improve r...
PECB Webinar: Rethinking Business Continuity: Applying ISO 22301 to improve r...PECB Webinar: Rethinking Business Continuity: Applying ISO 22301 to improve r...
PECB Webinar: Rethinking Business Continuity: Applying ISO 22301 to improve r...PECB
 
Building a strong BC programme with ISO 22301
Building a strong BC programme with ISO 22301Building a strong BC programme with ISO 22301
Building a strong BC programme with ISO 22301PECB
 
Comparison of ISO 22301 with BS 25999
Comparison of ISO 22301 with BS 25999Comparison of ISO 22301 with BS 25999
Comparison of ISO 22301 with BS 25999Steelhenge
 
Iso 9001 quality manual example
Iso 9001 quality manual exampleIso 9001 quality manual example
Iso 9001 quality manual examplejohnfabianski333
 
ISO 22301:2019 (Business Continuity Management Systems) Awareness Training
ISO 22301:2019 (Business Continuity Management Systems) Awareness TrainingISO 22301:2019 (Business Continuity Management Systems) Awareness Training
ISO 22301:2019 (Business Continuity Management Systems) Awareness TrainingOperational Excellence Consulting
 
Construction Futures Wales - Quality Standards Presentation
Construction Futures Wales - Quality Standards PresentationConstruction Futures Wales - Quality Standards Presentation
Construction Futures Wales - Quality Standards PresentationRae Davies
 

Similar to Iso 22301 (20)

Business Continuity Management System ISO 22301:2012 An Overview
Business Continuity Management System ISO 22301:2012 An OverviewBusiness Continuity Management System ISO 22301:2012 An Overview
Business Continuity Management System ISO 22301:2012 An Overview
 
iso22301businesscontinuitymanagement-140207090550-phpapp01.pdf
iso22301businesscontinuitymanagement-140207090550-phpapp01.pdfiso22301businesscontinuitymanagement-140207090550-phpapp01.pdf
iso22301businesscontinuitymanagement-140207090550-phpapp01.pdf
 
Iso 22301 2012 bcm
Iso 22301 2012 bcmIso 22301 2012 bcm
Iso 22301 2012 bcm
 
what is Business Continuity Management System?
what is Business Continuity Management System?what is Business Continuity Management System?
what is Business Continuity Management System?
 
Business Continuity Audit
Business Continuity AuditBusiness Continuity Audit
Business Continuity Audit
 
What are the steps for ISO 22301 certification
What are the steps for ISO 22301 certificationWhat are the steps for ISO 22301 certification
What are the steps for ISO 22301 certification
 
Transition bs25999-to-iso22301
Transition bs25999-to-iso22301Transition bs25999-to-iso22301
Transition bs25999-to-iso22301
 
Bcm in oil&gas industry
Bcm in oil&gas industryBcm in oil&gas industry
Bcm in oil&gas industry
 
ISO 22301 Certification What You Need to Know.pdf
ISO 22301 Certification What You Need to Know.pdfISO 22301 Certification What You Need to Know.pdf
ISO 22301 Certification What You Need to Know.pdf
 
ISO9001_2015_Frequently_Asked_Questions.docx
ISO9001_2015_Frequently_Asked_Questions.docxISO9001_2015_Frequently_Asked_Questions.docx
ISO9001_2015_Frequently_Asked_Questions.docx
 
Everything You Need To Know About ISO 22301 Certification in Oman.pdf
Everything You Need To Know About ISO 22301 Certification in Oman.pdfEverything You Need To Know About ISO 22301 Certification in Oman.pdf
Everything You Need To Know About ISO 22301 Certification in Oman.pdf
 
tuvsud-ISO-9001-2015-guidance.pdf
tuvsud-ISO-9001-2015-guidance.pdftuvsud-ISO-9001-2015-guidance.pdf
tuvsud-ISO-9001-2015-guidance.pdf
 
Creating an Effective Business Continuity Plan
Creating an Effective Business Continuity PlanCreating an Effective Business Continuity Plan
Creating an Effective Business Continuity Plan
 
PECB Webinar: Rethinking Business Continuity: Applying ISO 22301 to improve r...
PECB Webinar: Rethinking Business Continuity: Applying ISO 22301 to improve r...PECB Webinar: Rethinking Business Continuity: Applying ISO 22301 to improve r...
PECB Webinar: Rethinking Business Continuity: Applying ISO 22301 to improve r...
 
Building a strong BC programme with ISO 22301
Building a strong BC programme with ISO 22301Building a strong BC programme with ISO 22301
Building a strong BC programme with ISO 22301
 
Comparison of ISO 22301 with BS 25999
Comparison of ISO 22301 with BS 25999Comparison of ISO 22301 with BS 25999
Comparison of ISO 22301 with BS 25999
 
ISO 22000 2018 -- what has changed
ISO 22000   2018 -- what has changedISO 22000   2018 -- what has changed
ISO 22000 2018 -- what has changed
 
Iso 9001 quality manual example
Iso 9001 quality manual exampleIso 9001 quality manual example
Iso 9001 quality manual example
 
ISO 22301:2019 (Business Continuity Management Systems) Awareness Training
ISO 22301:2019 (Business Continuity Management Systems) Awareness TrainingISO 22301:2019 (Business Continuity Management Systems) Awareness Training
ISO 22301:2019 (Business Continuity Management Systems) Awareness Training
 
Construction Futures Wales - Quality Standards Presentation
Construction Futures Wales - Quality Standards PresentationConstruction Futures Wales - Quality Standards Presentation
Construction Futures Wales - Quality Standards Presentation
 

More from Craig Willetts ISO Expert

BS7858:2019 - Screening of individuals working in a secure environment
BS7858:2019 - Screening of individuals working in a secure environmentBS7858:2019 - Screening of individuals working in a secure environment
BS7858:2019 - Screening of individuals working in a secure environmentCraig Willetts ISO Expert
 
Provision of Security Services - BS 10800:2020 - training slides
Provision of Security Services - BS 10800:2020 - training slidesProvision of Security Services - BS 10800:2020 - training slides
Provision of Security Services - BS 10800:2020 - training slidesCraig Willetts ISO Expert
 
CAW Newsletter Including ISO & Legislation Updates
CAW Newsletter Including ISO & Legislation Updates CAW Newsletter Including ISO & Legislation Updates
CAW Newsletter Including ISO & Legislation Updates Craig Willetts ISO Expert
 
Caw Consultancy Business Solutions - Company Information
Caw Consultancy Business Solutions - Company Information Caw Consultancy Business Solutions - Company Information
Caw Consultancy Business Solutions - Company Information Craig Willetts ISO Expert
 
Fusion Consultancy Worldwide - Company Information
Fusion Consultancy Worldwide - Company Information Fusion Consultancy Worldwide - Company Information
Fusion Consultancy Worldwide - Company Information Craig Willetts ISO Expert
 
Caw Digital Management & ISO Systems - Company Information
Caw Digital Management & ISO Systems - Company Information Caw Digital Management & ISO Systems - Company Information
Caw Digital Management & ISO Systems - Company Information Craig Willetts ISO Expert
 
Caw Certification Services - Company Information
Caw Certification Services - Company InformationCaw Certification Services - Company Information
Caw Certification Services - Company InformationCraig Willetts ISO Expert
 

More from Craig Willetts ISO Expert (20)

BS7858:2019 - Screening of individuals working in a secure environment
BS7858:2019 - Screening of individuals working in a secure environmentBS7858:2019 - Screening of individuals working in a secure environment
Iso 22301

  • 1. ISO 22301 Societal Security – Business Continuity Management Systems CAW CONSULTANCY BUSINESS SOLUTIONS LTD
  • 2. Contents
      • Introduction
      • Comparison between ISO 22301 and BS 25999-2
      • Basic terms used in the standard
      • Content of ISO 22301
      • ISO 22301 explained
      • Mandatory documentation
      • Related standards
      • Societal security content
      • Projects under development
      • Benefits of ISO 22301 business continuity management
    Copyrighted by CAW Consultancy Business Solutions Ltd
  • 3. Introduction
      • The full name of the standard is: “ISO 22301 Societal security – Business continuity management systems – Requirements”
      • The standard was fashioned by leading experts in this area to deliver the best framework for business continuity management in an organisation.
      • Object: ISO 22301:2012 specifies requirements to plan, establish, operate, monitor, implement, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence of, prepare for, respond to, and recover from disruptive incidents when they arise.
      • Scope: The requirements identified in ISO 22301:2012 are generic and intended to be appropriate for all organisations, or parts thereof, regardless of type, size and nature of the organisation. The extent of application of these requirements depends on the organisation’s operating environment and complexity.
      • Who can implement this standard? Any organisation, for-profit or non-profit, big or small, private or public. The standard is formulated in such a way that it is applicable to any size or type of organisation.
  • 4. Comparison between ISO 22301 and BS 25999-2
    ISO 22301 has replaced BS 25999-2. These are quite similar standards, but ISO 22301 is often regarded as an update.
      • Complete name
          • ISO 22301: ISO 22301:2012 Societal security – Business continuity management systems – Requirements
          • BS 25999-2: BS 25999-2 Business Continuity Management – Part 2: Specification
      • Published by
          • ISO 22301: International Organisation for Standardisation
          • BS 25999-2: British Standards Institution
      • Published date
          • ISO 22301: 15/05/2012
          • BS 25999-2: 20/11/2007
      • Total number of minimum pages
          • ISO 22301: 24
          • BS 25999-2: 28
      • Official recommendations
          • ISO 22301: Internationally accepted by standards institutes in 163 countries
          • BS 25999-2: Accepted only in the United Kingdom, but implemented worldwide
  • 5. Comparison between ISO 22301 and BS 25999-2 (continuation)
      • ISO 22301 is not that different from BS 25999-2 in most business continuity sections, such as business impact analysis, strategy or planning; the greatest changes are in the management areas of the standard.
      • ISO 22301 places particular emphasis on understanding requirements, constructing objectives and measuring performance. Therefore, it will be more easily accepted by top management. In turn, this will contribute to the widespread adoption of this standard, like ISO 27001, ISO 9001 or ISO 14001.
  • 6. Basic terms used within the standard
      • Business Continuity Management System (BCMS) – part of an overall management system that ensures business continuity is planned, implemented, maintained, and continually improved
      • Maximum Acceptable Outage (MAO) – the maximum amount of time an activity can be disrupted without incurring unacceptable damage (also Maximum Tolerable Period of Disruption – MTPD)
      • Recovery Time Objective (RTO) – the specified time at which an activity must be resumed, or resources must be recovered
      • Recovery Point Objective (RPO) – maximum data loss, i.e., minimum amount of data that needs to be restored
      • Minimum Business Continuity Objective (MBCO) – the minimum level of services or products an organisation needs to produce after resuming its business operations
  • 7. Content of ISO 22301
      • Introduction
          • 0.1 General
          • 0.2 The Plan-Do-Check-Act (PDCA) model
          • 0.3 Components of PDCA in this International Standard
      • 1. Scope
      • 2. Normative references
      • 3. Terms and definitions
      • 4. Context of the organisation
          • 4.1 Understanding of the organisation and its context
          • 4.2 Understanding the needs and expectations of the interested parties
          • 4.3 Determining the scope of the management system
          • 4.4 Business continuity management system
      • 5. Leadership
          • 5.1 General
          • 5.2 Management commitment
          • 5.3 Policy
          • 5.4 Organisational roles, responsibility and authorities
      • 6. Planning
          • 6.1 Actions to address risks and opportunities
          • 6.2 Business continuity objectives and plans to achieve them
      • 7. Support
          • 7.1 Resources
          • 7.2 Competence
          • 7.3 Awareness
          • 7.4 Communication
          • 7.5 Documented information
      • 8. Operation
          • 8.1 Operational planning and control
          • 8.2 Business impact analysis and risk assessment
          • 8.3 Business continuity strategy
          • 8.4 Establish and implement business continuity procedures
          • 8.5 Exercising and testing
      • 9. Performance evaluation
          • 9.1 Monitoring, measurement, analysis and evaluation
          • 9.2 Internal audit
          • 9.3 Management review
      • 10. Improvement
          • 10.1 Non conformity and corrective action
          • 10.2 Continual improvement
      • Bibliography
  • 8. ISO 22301 explained
      • ISO 22301 is the second published management system standard that has recognised the new high-level structure and standardised text agreed in ISO.
      • This will guarantee consistency with all future and revamped management system standards and make integrated use easier, for example with ISO 9001 (quality), ISO 14001 (environmental) and ISO/IEC 27001 (information security).
      • The standard is separated into main clauses, starting with scope, normative references, and terms and definitions. Following these are the standard’s requirements.
  • 9. ISO 22301 explained
      • Clause 4 – Context of the organisation: The first step involves an understanding of the organisation, both the internal and external needs, and setting clear guidelines for the scope of the management system. In particular, this requires the organisation to understand the obligations of the relevant interested parties, such as regulators, customers and staff. It must in particular understand the appropriate legal and regulatory requirements. This enables it to determine the scope of the business continuity management system (BCMS).
      • Clause 5 – Leadership: ISO 22301 places specific emphasis on the need for suitable leadership of BCM. This is so that top management ensures appropriate resources are provided, establishes policy and appoints people to implement and maintain the BCMS.
      • Clause 6 – Planning: This requires the organisation to identify risks to the implementation of the management system and set clear objectives, goals and criteria that can be used to measure its success.
  • 10. ISO 22301 explained
      • Clause 7 – Support: Resources are compulsory for implementation, and Clause 7 introduces the important concept of competence. For business continuity to be successful, people with appropriate knowledge, skills and experience must be in place both to support the BCMS and to respond to incidents when they occur. It is also essential that all staff are aware of their own role in reacting to incidents, and this clause deals with all of these areas. The need for communication about the BCMS (for instance, telling customers that the organisation has suitable BCM in place) and preparedness to communicate following an incident (when normal channels may be disrupted) is also covered here.
      • Clause 8 – Operations: This section contains the main body of business continuity-specific expertise. The organisation must undertake business impact analysis to comprehend how its business is affected by disruption and how this changes over time. Risk assessment seeks to understand the risks to the business in a structured way, and these inform the development of the business continuity strategy. Steps to avoid or reduce the likelihood of incidents are developed alongside guidance on the steps to be taken when incidents occur. As it is impossible to completely predict and prevent all incidents, the approaches of reducing risk and planning for all eventualities are complementary. It might be said: “hope for the best, plan for the worst”.
  • 11. ISO 22301 explained
      • Clause 9 – Evaluation: For any management system, it is crucial to evaluate performance against plan. ISO 22301 therefore involves the organisation selecting and measuring itself against appropriate performance metrics. Internal audits must be carried out, and there is a requirement that management review the BCMS and act upon these reviews.
      • Clause 10 – Improvement: No management system is perfect initially, and organisations and their environments are constantly transforming. Clause 10 defines actions to take to improve the BCMS over time and confirm that corrective actions arising from audits, reviews, exercises and so on are tackled.
  • 12. Mandatory documentation
    If an organisation wants to implement this standard, the following documentation is mandatory:
      • List of applicable legal, regulatory and other requirements
      • Scope of the BCMS
      • Business Continuity Policy
      • Business continuity objectives
      • Evidence of personnel competences
      • Records of communication with interested parties
      • Business impact analysis
      • Risk assessment, including risk appetite
      • Incident response structure
      • Business continuity plan
      • Recovery procedures
      • Results of preventative actions
      • Results of monitoring and measurement
      • Results of internal audit
      • Results of Management review
      • Results of corrective actions
  • 13. Related standards
    Other standards that are helpful in implementation of business continuity are:
      • ISO/IEC 27031 – Guidelines for information and communication technology readiness for business continuity
      • PAS 200 – Crisis management – guidance and good practice
      • PD 25666 – Guidance on exercising and testing for continuity and contingency programs
      • PD 25111 – Guidance on human aspects of business continuity
      • ISO/IEC 24762 – Guidelines for information and communications technology disaster recovery services
      • ISO/PAS 22399 – Guidelines for incident preparedness and operational continuity management
      • ISO/IEC 27001 – Information security management systems - Requirements
  • 14. Societal security context
    ISO 22301 has been developed by ISO/TC 223, societal security. The committee has previously published the following standards and other documents:
      • ISO 22300:2012, Societal security – Terminology
      • ISO 22300:2012, Societal security – Emergency management – requirements for incident response
      • ISO/TR 22312:2011, Societal security – Technological capabilities
      • ISO/PAS 22399:2007, Societal security – Guideline for incident preparedness and operational continuity management
  • 15. Projects under development
      • ISO 22311, Societal security – Video-surveillance – Export interoperability
      • ISO 22313, Societal security – Business continuity management systems - Guidance
      • ISO 22315, Societal security – Mass evacuation
      • ISO 22322, Societal security – Emergency management – Public warning
      • ISO 22323, Organisational resilience management systems – Requirements with guidance for use
      • ISO 22325, Societal security – Guidelines for emergency capability assessment for organisations
      • ISO 22351, Societal security – Emergency management – Shared situation awareness
      • ISO 22397, Societal security – Public Private Partnership – Guidelines to set up partnership agreements
      • ISO 22398, Societal security – Guidelines for exercising and testing
      • ISO 22324, Societal security – Emergency management – Color-coded alert
  • 16. The benefits of ISO 22301 business continuity management
    What are the benefits of ISO 22301 business continuity management?
      • Identify and manage current and future threats to your business
      • Take a proactive approach to minimizing the impact of incidents
      • Keep critical sections of the business up and running during times of crisis
      • Minimise interruption during incidents and improve recovery time
      • Exhibit resilience to customers, suppliers and for tender requests
  • 17. Do you have any questions? Thank you for listening. Get in touch now on 07427535662 or email craig@cawconsultancy.co.uk