INTRODUCTION TO ISO 22301 Business Continuity Management involves the recovery or continuation of business activities in the event of any business disruption. The overall BCM programme must be managed through activities such as scoping, risk evaluation, business continuity strategy, business continuity objectives, development planning, training, exercises, testing, reviewing and continual development. Even if an organisation has never experienced a serious incident, establishing a BCMS, built on ISO 22301, helps to define key business processes and the disruption that could result from any threats.

ISO 22301 provides a comprehensive set of controls based on BCM best practice, covering the whole BCM lifecycle. It defines the strategic and tactical capability of an organisation to plan for and respond to incidents and business disruptions to continue business operations at an acceptable pre-defined level. The standard is generic and offers organisations guidance on putting their BCM systems in place.

An organisation can prepare for the worst and take steps to improve its resilience. The BCMS should also include Risk Assessment (RA) and Business Impact Analysis (BIA), which are an inherent part of ISO 22301 and an essential component to identifying prioritized activities, dependencies and resources supporting their key products and services, as well as what the impact of their failure would be on the organisation.

Certification against the requirements of ISO 22301, the International standard for Business Continuity Management, enables you to demonstrate your commitment to having a most robust BCMS in place. Partnering with SGS enables you to improve your risk management by implementing effective business continuity management systems, developing increasingly skilful talent and ensuring consistent and compliant supply chains are in place.