ISO 22301 : 2012
Safety & Risk
Environment & Energy
Good Industry Practices
Introduction to ISO 22301:2012: Societal Security -Business Continuity Management Systems – Requirements
Incidents can disrupt an organization at any time and applying ISO 22301 will ensure that organizations can respond and continue its operations. Incidents take many forms ranging from large scale natural disasters and acts of terror to technology-related accidents and environmental incidents. However, most incidents are small but can have a significant impact and that makes business continuity management relevant at all times.
This has led to a global awareness that organizations in the public and private sectors must know how to prepare for and respond to unexpected and disruptive incidents.
ISO 22301 provides a framework to plan, establish, implement, operate, monitor, review, maintain and continually improve a business continuity management system (BCMS). It is expected to help organizations protect against, prepare for, respond to, and recover when disruptive incidents arise.
What is ISO 22301:2012
ISO 22301:2012, Societal security – Business continuity management systems – will help organizations, regardless of their size, location or activity, to be better prepared and more confident to handle disruption of any type.
Why ISO 22031:2012
Protection of society from, and in response to, incidents, emergencies and disasters caused by intentional and unintentional human acts, natural hazards and technical failures.
What benefits it brings to business:
- Becomes a tool to the management to define processes critical to the organization
- Enables to react to major incidents and to establish remedial measures
- Minimizes loss caused by disruptions, break-downs of critical processes throughout the supply chain
- Allows competitive advantages by improving new customers
- Results in improved confidence among interested parties
Applicable to which type of industry:
All organizations irrespective of type, size and nature. The extent of application of the standard requirements depends on the organization’s operating environment and complexity.
Our Consulting approach:
- Gap Analysis: Assessment of existing management system practices against the selected standard requirements.
- Project Plan: Prepare a implementation project plan based on the time lines looking for;
- Orientation Training: Top/Senior Management orientation on selected standard requirements and implementation action plans preparation;
- Developing different levels of documentation ( Tier 1-3/4): Identification of processes required for the products produced and services provided; External and internal issues affecting the business, interested parties needs and expectations, Framing draft quality policy, organizational objectives, role, responsibility and authority, various risks affecting and opportunities arises, functional and system procedures, different implementation formats and checklists;
- System Implementation: Implementation of the selected management system as per the developed documentation;
- Company-wide Training: Training on detailed clause wise requirements and relating them to their departments and Internal audit.
- Internal Audits: Periodic assessment of system implementation and corrective actions.
- Pre assessment: Initial audit by Certifying agency, and, implementation of corrective actions.
- Final Assessment: Certification audit by the Certifying agency and recommendation for certification.